hxxps://www[.]softonic[.]com/descargar/bantrab/iphone/post-descarga?ext=1#google_vignette

Analysis

max time kernel
145s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
21-05-2024 14:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.softonic.com/descargar/bantrab/iphone/post-descarga?ext=1#google_vignette

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

Processes:

msedge.exemsedge.exeidentity_helper.exemsedge.exe

pid	process
2684	msedge.exe
2684	msedge.exe
3760	msedge.exe
3760	msedge.exe
4420	identity_helper.exe
4420	identity_helper.exe
988	msedge.exe
988	msedge.exe
988	msedge.exe
988	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 60 IoCs

Processes:

msedge.exe

pid	process
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

Processes:

msedge.exe

pid	process
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

msedge.exe

pid	process
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe
3760	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 3760 wrote to memory of 2188	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 2188	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 916	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 2684	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 2684	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe
PID 3760 wrote to memory of 676	3760	msedge.exe	msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.softonic.com/descargar/bantrab/iphone/post-descarga?ext=1#google_vignette
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3760

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd150d46f8,0x7ffd150d4708,0x7ffd150d4718
2⤵
PID:2188

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1976 /prefetch:2
2⤵
PID:916

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2436 /prefetch:3
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2684

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
2⤵
PID:676

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
2⤵
PID:1704

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
2⤵
PID:4608

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
2⤵
PID:4868

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
2⤵
PID:3452

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
2⤵
PID:5024

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
2⤵
PID:2528

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6372 /prefetch:8
2⤵
PID:1148

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6372 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4420

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
2⤵
PID:1184

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
2⤵
PID:2980

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
2⤵
PID:5476

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6672 /prefetch:1
2⤵
PID:5484

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
2⤵
PID:5492

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1
2⤵
PID:5500

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7012 /prefetch:1
2⤵
PID:5508

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1
2⤵
PID:5516

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6152 /prefetch:1
2⤵
PID:5744

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7948 /prefetch:1
2⤵
PID:6088

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8544 /prefetch:1
2⤵
PID:5400

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8580 /prefetch:1
2⤵
PID:5408

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8376 /prefetch:1
2⤵
PID:5880

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1
2⤵
PID:4876

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7380 /prefetch:1
2⤵
PID:5192

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8372 /prefetch:1
2⤵
PID:6276

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6640 /prefetch:1
2⤵
PID:6284

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8164 /prefetch:1
2⤵
PID:6440

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
2⤵
PID:6584

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4124 /prefetch:1
2⤵
PID:6772

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7532 /prefetch:1
2⤵
PID:7132

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6116 /prefetch:8
2⤵
PID:6328

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
2⤵
PID:6556

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6736 /prefetch:1
2⤵
PID:6808

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6624 /prefetch:1
2⤵
PID:6764

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
2⤵
PID:6820

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8960 /prefetch:1
2⤵
PID:6920

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9020 /prefetch:1
2⤵
PID:6900

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9164 /prefetch:1
2⤵
PID:6908

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9640 /prefetch:1
2⤵
PID:2592

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9660 /prefetch:1
2⤵
PID:1972

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9880 /prefetch:1
2⤵
PID:2640

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9892 /prefetch:1
2⤵
PID:6252

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6600 /prefetch:1
2⤵
PID:212

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9648 /prefetch:1
2⤵
PID:5576

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:1
2⤵
PID:2980

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6816 /prefetch:1
2⤵
PID:5300

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1
2⤵
PID:4628

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9040 /prefetch:1
2⤵
PID:3960

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9740 /prefetch:1
2⤵
PID:3688

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10180 /prefetch:1
2⤵
PID:5868

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9320 /prefetch:1
2⤵
PID:5796

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6660 /prefetch:1
2⤵
PID:5820

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9280 /prefetch:1
2⤵
PID:6992

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10120 /prefetch:1
2⤵
PID:7004

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3856 /prefetch:1
2⤵
PID:6928

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7328 /prefetch:1
2⤵
PID:3236

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9052 /prefetch:1
2⤵
PID:552

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9640 /prefetch:1
2⤵
PID:7060

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10204 /prefetch:1
2⤵
PID:5604

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8616 /prefetch:1
2⤵
PID:5508

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
2⤵
PID:5428

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
2⤵
PID:768

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
2⤵
PID:3604

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1948 /prefetch:1
2⤵
PID:3724

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1816,16632922081620964629,1409724562898694733,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5096 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:988

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3344

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2228

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x528 0x2ec
1⤵
PID:6744

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4f7152bc5a1a715ef481e37d1c791959

SHA1
c8a1ed674c62ae4f45519f90a8cc5a81eff3a6d7

SHA256
704dd4f98d8ca34ec421f23ba1891b178c23c14b3301e4655efc5c02d356c2bc

SHA512
2e6b02ca35d76a655a17a5f3e9dbd8d7517c7dae24f0095c7350eb9e7bdf9e1256a7009aa8878f96c89d1ea4fe5323a41f72b8c551806dda62880d7ff231ff5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ea98e583ad99df195d29aa066204ab56

SHA1
f89398664af0179641aa0138b337097b617cb2db

SHA256
a7abb51435909fa2d75c6f2ff5c69a93d4a0ab276ed579e7d8733b2a63ffbee6

SHA512
e109be3466e653e5d310b3e402e1626298b09205d223722a82344dd78504f3c33e1e24e8402a02f38cd2c9c50d96a303ce4846bea5a583423937ab018cd5782f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
16KB

MD5
b6bccb44eee52c305e15fc4ffd07f25c

SHA1
42253c60ddfbd6a2042c67ab33669d8f71ca53f7

SHA256
f6600fa5a55813db44f67fca9454794b9cad4350e3df34046d8f26fcfdc71558

SHA512
c9e1b9c1c2357f7624e78af8c27631c02fd67a2f744126d6a5f1cada9cb74f2020eb633cbb81897736af1f1b676b26fd2174eea9ee1526e9971d4255d2257213

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
20KB

MD5
01d6964fa1d3ab8f487f51efdf31f4b3

SHA1
b33fa213cb58724f59e7ec7b0388d1e629e963ed

SHA256
4cd7318fae6044deb19894f8a693bd1017fbb5775c369d767731d7ce37e304b6

SHA512
f78c89e912f35bd3e5d23058d0745d9f6e86aded629769cfbca7618eebe37eb8109a54ceef5314829c2481ba99a2fcb9eb88c1b3062be88c4b38196b088c5fb7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
19KB

MD5
1d05cc62583a7db7139e30dc7a7c24f8

SHA1
001c2cb08fc747cde1028a45b75e462ab333ea08

SHA256
35d0d6598bbfd4722ba330d6d957829de05c18706b4ea9443402298720beb854

SHA512
f4ebf61f3a49256e0a1c50e88d940d75891b54a6766d68346550d0fc04d65c63bc6224db35bc150a108d6dec981cc9b292aa90d7c339ff523e7d3a7f90b3d986

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
29KB

MD5
71e93992dbe9a3f56565df50812d6082

SHA1
9e8ba852d78b1b2c0b4eabbe21f78f7cf9ff78a2

SHA256
094d0fb218a9e919ea5406bdb02940007b0ffff8da677561b966cb8efa44e534

SHA512
31e91e113db033439bb22c002643c1df9ca5335f76556bf99a46255982a0d77b99585046c60742e8854ba94d2aed8142cac5fad660a8bcf89a81a748a7d61142

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
16KB

MD5
bd17d16b6e95e4eb8911300c70d546f7

SHA1
847036a00e4e390b67f5c22bf7b531179be344d7

SHA256
9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352

SHA512
f9647d2d7452ce30cf100aeb753e32203a18a1aaef7b45a4bc558397b2a38f63bfcfe174e26300317b7df176155ae4ebaee6bdf0d4289061860eff68236fe1bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
17KB

MD5
19c73397068ded824edd2c5b13d0a9da

SHA1
7f0f149b66309aaba41974d524ca69390a34e4f2

SHA256
8c93e33fb098c30a82d774c6a9db9aa92ea0e34586e907ed7d9d2935582c6100

SHA512
8795cd26570fe65181d49676dd9cc9a8012bc22c3e505ac8ed8c1bea68ac7db7f77d6bade360a403a8d79cc4126ac18c2c10e3b83a163e3b42f2e3f60c32426e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
103KB

MD5
144854e84da83ffea974a51dc947756b

SHA1
50ad7fa26be4433392808f4e3f0f79ffc273cd78

SHA256
8c008eb45d08a7cdb74767dc72e2e47dd33264487749dfcac472f8d9e1311c12

SHA512
515d5343fd3da1fe397d6722bd6b1ef8fb5a971ba8f7ba351e5c022883f3f4a9b145c70e0e7c54e5b424047adaee997095667df62464781a9f684e74d752db11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
132KB

MD5
1b6772aee775fd4170c71c1edb00e8be

SHA1
711d8ef637928d79675c8c1ebd31aa7095301ce7

SHA256
18931a6bd6a41db4a7835b69762e67207bb3d27890f1bf890f5cbc890198d2ad

SHA512
73643f525496183eb6c14e6b17500bdc1b1c2e6da992e580719a5c1b860bd5fab4c24f2851a44d2cc5d766ce04da068a57ad55b7ecdfb88a117ddb2021c13824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
94KB

MD5
095652c61c493c010d54012cd35f7202

SHA1
3a254dd546887ec676e228144c79ae668807535b

SHA256
d8ae9b34d7dc740aea5d1ceadbd79277cb7cb01dcefff262d9010b91426e9a84

SHA512
3e45a6ac1d35358d82a3db37d18d19a2d6a982d8723a58cba1bdbea0d598ce165ed4d11dace506d7c90c5c801f472e1f2b7de98e8fa6fe269a353bca3f2937ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
20KB

MD5
eaac5dfd879fc0a9fcbc2893e02677b3

SHA1
fb702dbc122abb2ff30983fe580d9ad9fe0f4f12

SHA256
4a3a4d99b4dcec71352dc097b420aec3b8a5d0eeef5c79e4711b79f81070e92e

SHA512
854850ad01c7c49b0373aa6c398edbc7d406b95f930b24a1f5b3bdb253666f45928f5e496ae314059e0b9a537d1b81551d9f73e9f475e106ca5fa4b577e757a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
141KB

MD5
e37ff0d4416a8481f3aeb89420492e16

SHA1
06f80ba46de90e82bcf70554085c4a0fd3ae7e3f

SHA256
b1557195bd8756b03e934fd9c844925fab35abc621688ca41cdd9040d5cf1d1d

SHA512
bb5cb5261d2aebed208b70e192cfdd792159d483344e2cb6291d06888c6aee9a69e85ee89f1e77751df771fc5c02106e1cd4649252082d3c0def5fb55850c1dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
80KB

MD5
d150d002f368ccbe41ef959bfe3e3ade

SHA1
db465f5a25efdf35e75a8cafedc54dc0bf814748

SHA256
05e2d5601b1d8220b33ffe79eb1a06fd3647d1904a2a05120f3d624f9f4e2cb1

SHA512
fc29c40fe953c29a9c2b49b91813ecc0e8000b16d731a6e3d0ea769036ba7cbd150677a3af9cf91716343cc182576fee580ad7979a93c2443c45eb64e5e152a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
130KB

MD5
e14453a8f1dfec05cb939e32ac6c627a

SHA1
b12c768401aa0f85d20bf415e0981b01cb0b9734

SHA256
abf6c0a227ea290a5401a5ff1c5a494a2e66095b8777aa87dbb99b74f7d33b60

SHA512
bde9b7119f84145dae793125cd73a74d92d76b7361adcece10ead3161022bfd592a74b21c8231986239b489bce3eaef53c49079efca43c6fb3adabf37ee0bb86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
17KB

MD5
986755864903c92155826a7cbd4bafe4

SHA1
336ea6987616b58e5380517ba79917b39f3ab58e

SHA256
5d630dc3b58bc756824c2dd8ed452b90fe32ae59c2428387d756a15e90da3aa4

SHA512
cfaecb02d5531f0f2edeeb2ed42895deaf60f1d4a30f9bb2f856600c20e10979ae82172cd7e4c40230f5248a8d83c05bf59846bfeabb8cee0465e752c29555cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
47KB

MD5
520871961b4a710968bf95f8096d8282

SHA1
815c846f6d78d8dfe6336cc422891db0de746473

SHA256
2954735760058f5718cae8a8399d1422a642761e22cab42b25f7542cee68cb0d

SHA512
a30c732a2caedf4c174967ee813d97c7e0eb270236ac5da917d2ed9d1fc38fee605313f74f22f5f55bc78ad11bd24924df0306838ba5035d681fb5dd00b64d53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
80KB

MD5
6f15bf676bbd5ca3ee5f7aee04e9e160

SHA1
50f755c4561c70f767af72b9e272bcd217c80d78

SHA256
21b42f2ed5c070eef20f0459a15b8ad87da61af49cbd72fc06fd456a986cdf1e

SHA512
6bcf97cc9f423ec632d2f3c73560cdfabdaf52ce14346ec1475d7118b70294e275272fa8545bf514ddc98c42060328b08702573b6caca2072eeb49d0788cc407

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
66KB

MD5
8ef34d72ffc21a5a588f72ee62b6096a

SHA1
bf1c2f7b12160328c0997a846bc3774346da725d

SHA256
d8c54dbba4fa411550fa46fd8ff5815f401edb9b79af8b3e0c6fd380665ea111

SHA512
b234be3a3adf081c443d99552daac3798dd05b9c2f9bee77eafeff795007e0bd40e61f3f621ace75970d7bc1fe0b5149b6eac6722a6600fce260926f86dde0e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
26KB

MD5
a18c7bcddfe92565761e7a1dc0f5f467

SHA1
18981394ca7b5a0890d612a5bfa009878c7329d7

SHA256
dd728e2bc3a090b2a4047609b49a73f7fa8f2ae4ca1ff0dce1bf688d8b881bf4

SHA512
9d550f02b63ea19220117467102356bb645cfc19e93988f770efe4df91c7df2c65d67e83da8214b62916a385d157c0159c3c90b1e0c9454e5b4018cc8bbe7db1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
94KB

MD5
c7f1043c740cd6bd85bdc250b1b41777

SHA1
1992c9c05a4e4cacfb57c5884dfcb8c668375285

SHA256
80da70c25e820c9be6ae47619891aec861e5497c7744873de115e42d6ae28d52

SHA512
f39dfd7f7730d9760873e1ee24ed0ebcda4863c55c20530f5f2710f2a5325ecb275d5053cabdc0c4f6363986c8f3ce94939455f1d76a4c24308e47b0ac979efc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
19KB

MD5
23b27116b3c4831452570f751338a118

SHA1
7d554a38e31099d02daafad046e94fc1adccedfc

SHA256
c55c717441910dabc60477e7cc7c912c593b992a88fdb173fa8308735b07a69a

SHA512
ecd101f01cde501c64d961d050686245672426afb50ab00cb35e9462615477a267568cd3310fc7e5dbb39e345d0a30cb3b532ff2e0600b08a2851fcdbac13828

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

Filesize
64KB

MD5
0d195dd38e9406c75882ba90cb063949

SHA1
117557761105bcfcc3f49c5d6312ce8bd382d2b4

SHA256
e7f8740f6058aa21acb34e453bae47d0749fcfb578d8f2ca15c48fec85f2191e

SHA512
99aa204b190bcda69cd9a5b812f27b5b3f5ad30583e34baac713fc23f51eca18e8bfba490fa3c40f31911ee4b337d01c0f3e8278479c99fe76020ce630365524

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

Filesize
62KB

MD5
d595aeedb6ab5955252895140cd33b2d

SHA1
54ec38264ca7194d6df71d5a5fe4b7dd5b4b5130

SHA256
94449a2e74b33178a00cbd79505d9251a0fcdff8ee1a0ac24352a6779ca34fb6

SHA512
439d8d57c0e938f28804e4500f6549569090b7e52c9d4048ac8ac266e7732669eeb017b7a32ba027abd590ebd39658a443baefe3a125f28fc5ad00176efa7bab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
31KB

MD5
36c9caa1478083bd6ecf7c07649ff6c3

SHA1
a44d0b10ae53f6ea46bc450acb5798c159a1e412

SHA256
c5aae61399b871202548f1f2df7af726b6ca8b8026600c6ce1cf9893ad0d80ca

SHA512
2e15e8cb6776985ad7d30f9ed750052334027e4e38adf80ee6f46f3cf9f9b2b79a9df1913b8f854ce81f39c9228313c2b7faf597cf19fef5ef0b127ae3b2b1c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\58a7798e8b9ebcd4_0

Filesize
228B

MD5
b8b92abf1d82a8eda82ef57e4927158e

SHA1
696180f315af7b777f9dd763ffce69ffc5d76730

SHA256
033214d1c23315f03c5834a6c8d6522ea17590df776446725a192d49d30effc5

SHA512
a45af5e450067a6a1b2c0ef99f9dde39d80b8ff4908acf666c632416af8fa19aa069fb620d93955f9399f4ba72ab009749a45a174b35e2fac2737dbfa2549c36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8bd347d0d9f5d05f_0

Filesize
53KB

MD5
b5f2557f8e8bed99dab44e801b7e8060

SHA1
204cfe9db9f12fb2b113b4921e67544fb88b7184

SHA256
df90b9c15fb97336abcc91ba8ff1048a829eac759bc8cd39ae587992249d21bb

SHA512
3c536f52872b19af8e72f8bdf38fef0c730439c4b07cf8f29ff7781fe7f4b2d574ecf7519306e9dd49090dbe8318e99766c304b6611f936c17ad146c7919c607

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
297064679170563f5d5bdd8fd404f844

SHA1
ed62a0d6962c9cf87879570db683c15eb324e14d

SHA256
5af0f9c2593ce43a3f1c1f8f949ebeed41ec323064f192b25bcc56c95d7b0d6f

SHA512
81036704ac2b37f3971fb300026bd76f486f1d882a01a9b55ce79f6d190430e109bec7dd70f444f0d6571cadf0f839ac9304f9d8e92fdb6f3cd0c6cc81fa52c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
7c6a5d80af44b605d67e039c8c0f02aa

SHA1
b4fa60ed41245d035d4836c24f70e26127d1d8b0

SHA256
0bbdffde416c8648c5d514edd89b7e1e9464e3a43bdd399c82d99a1ffb1870b5

SHA512
f27189514751ae927f52b42187a0de36403679274c672324b21c43ef20eeb12ffe430aabe89c5834db98c54a8678b195abe6bb856e250c2ed38c9a49c14f4b16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.softonic.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
13KB

MD5
8e81de2cef59f65fe4d4154dfe513662

SHA1
6282667cf5480c7236439b96a9b68d7fea5a9786

SHA256
33ed3d066d78e841253ddd4aee042f28ded8e94a5c6e03a8f28e4c0c7563432a

SHA512
c10df07619ceee0023d7d002e2cf4fa33b75fc38dcaca309b46390adc01fce36616d6d9d6101f5a388fad67697426015ba36391002a87971a9c5837af186a8b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8fdd84204ded0742fdafc2a91e0e803a

SHA1
b3148de9fe128a7bac0c65bd3f0cc62d5005d48b

SHA256
5287435f2555703bd4185e6de167befedd900faf05ff851e7d09d1a3a5a05ca3

SHA512
fe23a53079700e37be68169d7b084f542e6e793ff5be5563644495154a02258ef9105b108d65bc0dc4573aa5d62f023269c1e1328287b08af858bc2e0665f27d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
cf7d57e3cffd7b88b27c57b2daf9c1a6

SHA1
42aaa430eb5408594cc4bbcc11e437e7d25524e0

SHA256
e77d8970b5b735e45ca14311793bdabc40a7d7b4d4fb3ab126f23719dad56702

SHA512
6e26341e6bb83a0b083c66f78a46094b27b8adccc01be202a6c29147b2484f8b179b46f1a79155858575a2f3c83adc8137f94094a76f6ec09b1be05063feacfd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
c301c85e343464131fb6a1bfd8fec2bf

SHA1
81f981a7d4635ec9ed498670c7c614d36b73f772

SHA256
691010982ec7d2f97f68db3f8ebd6443dd70eb82a0c18a137f223c9a7c6dcefc

SHA512
0c457123b38de5c8a1fb8b8c15f701c26e6c510b6a98eff7130d23e46bcb068e0c18e8392cc4544cdce42504ac345100cf4e4886879c3587c01181aee3e34d6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
94735593c2bb019e8228b74ae596d85e

SHA1
3b943a1e69ff80b11bb6f611f7f39006bbefa480

SHA256
350747b5043e62e299d67359b98ed51d3db516b9e9081b9cb69b7dd14f9c705b

SHA512
21f7f6df8a442ecdbbb7c224351efaf35b8b07136e569a2837a6c8ac93888f0e3727452838e5367c1078fd14c9e01a38527222226f6b602b112cf0f641177c07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
c39b6a07e5ee05e2c6eb8f33096511ab

SHA1
8a07c777012666999201255e34cb06242e3113e3

SHA256
7797f71c6678f651183a257799f2a60267f5208f1e502fa7811e8ebe820a4f99

SHA512
449d9ce863db3db656b50b77a1f549521f8c5308419a12bd03c7046fc59d1fee39857b46ca87df43a38b41ca3ed344a417e8f52a4e7c4acc1f8114322cce59fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
5db850e46b2af1f91c74897a8cbfafc0

SHA1
c8449cda5851e564d16b94bf20db2e111d4999b9

SHA256
a81a9e4271c5860f3d8388e738cc22a996eba9c0908a62601b9a81ba7520d078

SHA512
78f3fe02e13ea82045fc8cda1197b031f35e655bbb47f449c6f108a09c2018a9135033cfb69cc8569d181dbd6a6e0687a7a4ec6fe351439ec4a05034f7ee4a32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
e7f9349d9b9fa7e7d7a0950d790d9468

SHA1
ca2bbc2e685b600796a3c7ccd4f56c8f4e8e59f1

SHA256
2be3721e21ccf6ca1c4784872ccf7cf01aeeb4dc5de8194839f9d23d162d59a1

SHA512
aafe7b31a96de09a0e515b763701d31c7d2795d125034aa8e3afb37d1770ae65da2c9f06e0fdc1d973ad158500727b6fa13e5ffd73f067bf4289a3e16a624a74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57bab5.TMP

Filesize
3KB

MD5
3867a773c5a88f84b84347d4c52480b5

SHA1
14fdad4ec3ccbc737a8de8851f950465401d20c8

SHA256
d823e9fd886ad85ea0b8c84b10fa6c1ed9ec3a05f50ee47f916ea40c7819adb5

SHA512
be89c6cabce1a3b7ca0ea904b4cfd51205b8f6475087fd2634cd10937c1165fa13777085122f4e16590a63e89e65680136affe2e328ebd8da38b18fdc2e6715e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
ee6cd1b2d3db195bc4154050f0baaf32

SHA1
fa27fcf2f9593b03f0abfc3f16a26f771e1b74d0

SHA256
0a414523c5b3216fcd4eab2add66313a796c34662becc54af89366d782f88f86

SHA512
a2d5bf924952bd6a1fe761110b78610170dc75415a9c8bdd4706cdde65b23ce34a3df546f8a705845a2735226656177ffc6f12be1665334e61691dbd459c4af8

Download Submit
\??\pipe\LOCAL\crashpad_3760_XAUUTWULBAOEZAZH

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit