Overview

overview

7

Static

static

1

URLScan

urlscan

1

https://www.google.c...

windows7-x64

1

https://www.google.c...

windows10-2004-x64

1

https://www.google.c...

windows11-21h2-x64

1

https://www.google.c...

android-13-x64

7

https://www.google.c...

macos-10.15-amd64

4

https://www.google.c...

ubuntu-20.04-amd64

4

Analysis

  • max time kernel
    240s
  • max time network
    284s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-05-2024 11:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://www.dangotoons.com/&ved=2ahUKEwjZh7_0kpeGAxUn0gIHHWcvAZAQFnoECAYQAQ&usg=AOvVaw2ldF67PkcFvJsRVkjAGNjH

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 8 IoCs
  • Suspicious behavior: EnumeratesProcesses 13 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs
  • Suspicious use of FindShellTrayWindow 27 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://www.dangotoons.com/&ved=2ahUKEwjZh7_0kpeGAxUn0gIHHWcvAZAQFnoECAYQAQ&usg=AOvVaw2ldF67PkcFvJsRVkjAGNjH
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1360
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc374346f8,0x7ffc37434708,0x7ffc37434718
      2⤵
        PID:2012
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
        2⤵
          PID:4596
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1404
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2648 /prefetch:8
          2⤵
            PID:3032
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
            2⤵
              PID:2596
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
              2⤵
                PID:2988
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
                2⤵
                  PID:1568
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 /prefetch:8
                  2⤵
                    PID:3540
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:316
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:1
                    2⤵
                      PID:4340
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
                      2⤵
                        PID:1628
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:1
                        2⤵
                          PID:4044
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
                          2⤵
                            PID:1896
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=2880 /prefetch:8
                            2⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:1108
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5908 /prefetch:8
                            2⤵
                              PID:4972
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5912 /prefetch:8
                              2⤵
                              • Modifies registry class
                              • Suspicious behavior: EnumeratesProcesses
                              PID:4536
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
                              2⤵
                                PID:448
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1
                                2⤵
                                  PID:5300
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1808 /prefetch:1
                                  2⤵
                                    PID:5680
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2928 /prefetch:1
                                    2⤵
                                      PID:5716
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
                                      2⤵
                                        PID:5732
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7252 /prefetch:1
                                        2⤵
                                          PID:5960
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
                                          2⤵
                                            PID:4156
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7264 /prefetch:1
                                            2⤵
                                              PID:6012
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,2810645904669035038,576922756509551626,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5040 /prefetch:2
                                              2⤵
                                              • Suspicious behavior: EnumeratesProcesses
                                              PID:1088
                                          • C:\Windows\System32\CompPkgSrv.exe
                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                            1⤵
                                              PID:3988
                                            • C:\Windows\System32\CompPkgSrv.exe
                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                              1⤵
                                                PID:64

                                              Network

                                              MITRE ATT&CK Matrix ATT&CK v13

                                              Initial Access

                                              Execution

                                              Persistence

                                              Privilege Escalation

                                              Defense Evasion

                                              Credential Access

                                              Discovery

                                              Query Registry

                                              1
                                              T1012

                                              System Information Discovery

                                              1
                                              T1082

                                              Lateral Movement

                                              Collection

                                              Exfiltration

                                              Command and Control

                                              Impact

                                              Resource Development

                                              Reconnaissance

                                              Replay Monitor

                                              Loading Replay Monitor...

                                              Downloads

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                Filesize

                                                152B

                                                MD5

                                                2daa93382bba07cbc40af372d30ec576

                                                SHA1

                                                c5e709dc3e2e4df2ff841fbde3e30170e7428a94

                                                SHA256

                                                1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

                                                SHA512

                                                65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                Filesize

                                                152B

                                                MD5

                                                ecdc2754d7d2ae862272153aa9b9ca6e

                                                SHA1

                                                c19bed1c6e1c998b9fa93298639ad7961339147d

                                                SHA256

                                                a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

                                                SHA512

                                                cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7307c2a9-6ad5-4196-afd6-70e48c673523.tmp
                                                Filesize

                                                8KB

                                                MD5

                                                341302271b703997c96c73faddde60e3

                                                SHA1

                                                212e42428852f36e684bb9eea653b90f160d6601

                                                SHA256

                                                9b67e33cb6922de9b5916972e6bd13c554ac053763a06b7335f4d52b6c9a4bb0

                                                SHA512

                                                30d7e87a1d9406d6ad550d525d1a4282478f5252c85291601ee7225da325d7fb2ca8898167f54cb24055e1019f5fb1edf826ea51568ff2d88224ed30defceac9

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
                                                Filesize

                                                25KB

                                                MD5

                                                0990403b1d11de4917dc998ed0cf168c

                                                SHA1

                                                4f3811ca98c919888a571db32e1c0575c91069d7

                                                SHA256

                                                63faf734d19752e9b44b38dabb934beb540eaece32f9bcbe0812966e60de8e00

                                                SHA512

                                                3c752d63f7201273faabb2194a4e756da47d1c7b1454580affedb0538fc0cc0bfe2d290045f0d94911747cdee7fc35f91ce2466a6a4c2683049ffb47e5212d23

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                Filesize

                                                1KB

                                                MD5

                                                92ca18edbd2af5c574e4f075b71eac41

                                                SHA1

                                                eae50cc18b18558309c5ea0498f881075f30dff5

                                                SHA256

                                                03296696b4b694cc9eeefbac3792e3d847ab8fe9eabbee2878841028de633e23

                                                SHA512

                                                9dd88c68d401bf1f86c2ca2f9e140ba8a29bcb263632f6f14bc7c246c41d9857044f8060bc1eae8b37fc545188c9cc2a927a8e37e232eaaada3dd1eceb0903a6

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                Filesize

                                                168B

                                                MD5

                                                0ee13065f131e661b8f51879017ac7fd

                                                SHA1

                                                ba7832b41ed29f309fa7728ab18dd2bd86bb74e1

                                                SHA256

                                                7407abe69c5d6a65113dbc8f3bd3e5d5bf4eaa9f29159bd60a21ff467eacbcf2

                                                SHA512

                                                ba059b72c36b48ceb39c2aecba627fcc8391aa5b04da829e88e4aba6e88a92305bb764fff0f858628e3faedd414d0bd68f16b642708452c6c48e1ef926b3b980

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\CURRENT
                                                Filesize

                                                16B

                                                MD5

                                                46295cac801e5d4857d09837238a6394

                                                SHA1

                                                44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                SHA256

                                                0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                SHA512

                                                8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                Filesize

                                                4KB

                                                MD5

                                                623c335fc69de24821f102a3030df033

                                                SHA1

                                                cf8f05fe6e7cb55b821b9856ea3ab7431fa9d8d7

                                                SHA256

                                                592da4ddfb38ca8cfd68a2a39382c034513360a9551a2d22f859da429f199436

                                                SHA512

                                                f7b755523fa1d89567f57cab4957f38c723f22f2619f71c907cafa1bfbcfb79a057bbcaa364962f003fd5f242e55d58a7451f954a58c603b3d99d993dc160852

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                Filesize

                                                4KB

                                                MD5

                                                1af0e2cc27ec17ad7307d5c2a6824aee

                                                SHA1

                                                820aabb3a41b2c30f5491c4eb66ade6d19870f4f

                                                SHA256

                                                b5a629bdf5e55c02a1e8b725df9e12c4d7c804c417f4d7d7346cc9d94e266c16

                                                SHA512

                                                463c92050af9fdabcfe3f49f14c293e7b46e1bd13127ec33499b92225b79c66938fea69418272f5b29d15e942ec68957b543deb9405f69e72d00b787a4c6fa28

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                Filesize

                                                5KB

                                                MD5

                                                79844a3248fcbb93d83118fdb9b36206

                                                SHA1

                                                8339d3a009260350a84a21c168a0350b131671f9

                                                SHA256

                                                957560c5f71d982981a2e5d427c4031164f53198249360831ab8fc2a76e112a3

                                                SHA512

                                                476da4cf1bd3757c75e4585b49a270a47c315431b1951ad76c5a6e09a376d4282f21295acf6895e33322ef0bf8f448c2f729af31539852d8bf2ee22edbf19d03

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                Filesize

                                                7KB

                                                MD5

                                                1476e2959fa1ab148d6ca79b6dcb6d42

                                                SHA1

                                                558c4e74a4aa3b63206900e2c89db5f7bc09a608

                                                SHA256

                                                cf6c9d4c208737222853690c2ae19bd2000c1b6f29aabafff4298753de6b4833

                                                SHA512

                                                abb48626fdaefc5e125e2b27646216928ca6fb9254551bba1a3439087a22b4a394c5ffb4b9615b8a79f10aa88875cd1fd5819d1acece1b87d79c52a27f1241fe

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                Filesize

                                                8KB

                                                MD5

                                                4be52f036dcb820998dffbe6c0ae930f

                                                SHA1

                                                a56bcd49823c4de4ae0f6b88134ef6be09a36e75

                                                SHA256

                                                5fff92545b079ed772dace8af9b573380c592add71cde00667f96210d0456ec6

                                                SHA512

                                                c47bda76c21419677ff0d580a5befd22b2104141a8ce20a110b15a27b89eada9c375df88ea0f17447542f47b148da47c1335b28cc475e6dee039b53fd42745cb

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                Filesize

                                                1KB

                                                MD5

                                                1f601f79523a3fd5d3c700cd02293916

                                                SHA1

                                                db17f87a369f894e5ca17a15dd623f56e3e0b58b

                                                SHA256

                                                b463b4d27afba738519c265b2a299dd4e7bdb0d8239475af6d38153b0ecc9c8e

                                                SHA512

                                                b0ca0f1b23295fb747245630842adc7094c252e9e12ccafcfb62f26c8560e4cc8d373deeb373d789afe7be1ad282a4bce8e549cc02b20589105b8c7b39468373

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e9d3.TMP
                                                Filesize

                                                701B

                                                MD5

                                                ea03e1d0d473999a881362ae73982554

                                                SHA1

                                                ea2299d0890cb5028ed87f0566ee371b3504b7c9

                                                SHA256

                                                eb65978bfd5bd212041784d35dd7b754c5fb4bf5fc410c025852a42afe711bbf

                                                SHA512

                                                293bb7fc6e74fc12656afbc5e663a4717b47fff4d609a33ca97ac0ec42c1bfaf5f85c72a784b7890ead71e7e3dbc1344db3f033359347d72dc91a226b8c4cb01

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                Filesize

                                                16B

                                                MD5

                                                6752a1d65b201c13b62ea44016eb221f

                                                SHA1

                                                58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                SHA256

                                                0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                SHA512

                                                9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                Download Submit
                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                Filesize

                                                11KB

                                                MD5

                                                93911bbac2db9583628d8bb5b1f5be9f

                                                SHA1

                                                32dbd16f287a10f92dea6cfaf5ecc6f4fa41cd50

                                                SHA256

                                                a78837f7ff916bf94816b27a7bf49e8edbaf62b4d4ba8b58ab98fe64e36364ba

                                                SHA512

                                                1181be8e3b40b22246923ca8d8bb1dd383fc49be55180b2144383701b2474964b3ed651f5b9753ac834566b83cf24d39fcbfb1660099680ab4b07ea8ee2f8cce

                                                Download Submit
                                              • \??\pipe\LOCAL\crashpad_1360_XJYJELWOEJEKFNLC
                                                MD5

                                                d41d8cd98f00b204e9800998ecf8427e

                                                SHA1

                                                da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                SHA256

                                                e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                SHA512

                                                cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                Download Submit