Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

7b37f25261...8.html

windows7-x64

1

7b37f25261...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/05/2024, 01:20 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7b37f25261d69b67805a29e877caa744_JaffaCakes118.html

  • Size

    30KB

  • MD5

    7b37f25261d69b67805a29e877caa744

  • SHA1

    68937063e7df51a23841024d16530097e3bf48ae

  • SHA256

    775cee5dd8f59ecaa7e1c16d843b7f1c514c3b7e8974615b25d2d74092330e6b

  • SHA512

    18d68a09e9a427357c2030151c4a43b9b63d1bbcd33012caf4530c181c04e81240cea47660e67af69ad0e611d23816c9df6255f9f2d91f256dc5a5075cebe203

  • SSDEEP

    192:uWTkb5n/6+nQjxn5Q/GnQie1NnLnQOkEnt60nQTbntnQuMCjAKDn253gbiYxYJ/l:XvQ/8toQ9xYpyQ3ZbDnOO

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7b37f25261d69b67805a29e877caa744_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:740
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff5a4f46f8,0x7fff5a4f4708,0x7fff5a4f4718
      2⤵
        PID:2728
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
        2⤵
          PID:672
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:368
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8
          2⤵
            PID:808
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
            2⤵
              PID:972
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
              2⤵
                PID:400
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 /prefetch:8
                2⤵
                  PID:4720
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:4432
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
                  2⤵
                    PID:676
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
                    2⤵
                      PID:908
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
                      2⤵
                        PID:3628
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
                        2⤵
                          PID:1992
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,14860979861794768261,17644416640899272105,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4852 /prefetch:2
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:2344
                      • C:\Windows\System32\CompPkgSrv.exe
                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                        1⤵
                          PID:4932
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:3224

                          Network

                          • flag-us
                            DNS
                            8.8.8.8.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            8.8.8.8.in-addr.arpa
                            IN PTR
                            Response
                            8.8.8.8.in-addr.arpa
                            IN PTR
                            dnsgoogle
                          • flag-us
                            DNS
                            cdd.net.ua
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            cdd.net.ua
                            IN A
                            Response
                            cdd.net.ua
                            IN A
                            89.184.88.6
                          • flag-us
                            DNS
                            183.142.211.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            183.142.211.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            23.159.190.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            23.159.190.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            240.221.184.93.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            240.221.184.93.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            g.bing.com
                            Remote address:
                            8.8.8.8:53
                            Request
                            g.bing.com
                            IN A
                            Response
                            g.bing.com
                            IN CNAME
                            g-bing-com.dual-a-0034.a-msedge.net
                            g-bing-com.dual-a-0034.a-msedge.net
                            IN CNAME
                            dual-a-0034.a-msedge.net
                            dual-a-0034.a-msedge.net
                            IN A
                            204.79.197.237
                            dual-a-0034.a-msedge.net
                            IN A
                            13.107.21.237
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8-RzghYxwoGd_Dde77qAmJTVUCUz2tPj3BCSVdDVDy3UYlvTNrlFqMxJw_cCrh2HqybZqnSISZExxe5E1kqsAH2aKwoxmX9PXZnH1j5t_YcKjQc9JGKoj0lnCLiM_8qknqlUanAnmZBXYjOxNYD-Ew7RUcYsvhoskDvRmW2lxVWdMYXEU%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D05c70557dd7110d59e6d636cbda54212&TIME=20240508T112507Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8-RzghYxwoGd_Dde77qAmJTVUCUz2tPj3BCSVdDVDy3UYlvTNrlFqMxJw_cCrh2HqybZqnSISZExxe5E1kqsAH2aKwoxmX9PXZnH1j5t_YcKjQc9JGKoj0lnCLiM_8qknqlUanAnmZBXYjOxNYD-Ew7RUcYsvhoskDvRmW2lxVWdMYXEU%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D05c70557dd7110d59e6d636cbda54212&TIME=20240508T112507Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48 HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MUID=0884BEDD5B296617188AAA505A0E6707; domain=.bing.com; expires=Sun, 22-Jun-2025 01:20:52 GMT; path=/; SameSite=None; Secure; Priority=High;
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 884749DBE89F473E94AE14C9974F63EE Ref B: LON04EDGE0618 Ref C: 2024-05-28T01:20:52Z
                            date: Tue, 28 May 2024 01:20:52 GMT
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8-RzghYxwoGd_Dde77qAmJTVUCUz2tPj3BCSVdDVDy3UYlvTNrlFqMxJw_cCrh2HqybZqnSISZExxe5E1kqsAH2aKwoxmX9PXZnH1j5t_YcKjQc9JGKoj0lnCLiM_8qknqlUanAnmZBXYjOxNYD-Ew7RUcYsvhoskDvRmW2lxVWdMYXEU%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D05c70557dd7110d59e6d636cbda54212&TIME=20240508T112507Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8-RzghYxwoGd_Dde77qAmJTVUCUz2tPj3BCSVdDVDy3UYlvTNrlFqMxJw_cCrh2HqybZqnSISZExxe5E1kqsAH2aKwoxmX9PXZnH1j5t_YcKjQc9JGKoj0lnCLiM_8qknqlUanAnmZBXYjOxNYD-Ew7RUcYsvhoskDvRmW2lxVWdMYXEU%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D05c70557dd7110d59e6d636cbda54212&TIME=20240508T112507Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48 HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=0884BEDD5B296617188AAA505A0E6707; _EDGE_S=SID=32EEA3C9485F684211F1B74449F5692E
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MSPTC=3kQ1ldaPe_BnrZ7StW7sYJpMsaaq6sLj5AivIHt2y7o; domain=.bing.com; expires=Sun, 22-Jun-2025 01:20:53 GMT; path=/; Partitioned; secure; SameSite=None
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 86C55D2E459A4B2C9069E6C3249C5426 Ref B: LON04EDGE0618 Ref C: 2024-05-28T01:20:53Z
                            date: Tue, 28 May 2024 01:20:52 GMT
                          • flag-nl
                            GET
                            https://www.bing.com/aes/c.gif?RG=f62888a0c198486e974d193e16b750e0&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240508T112507Z&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182
                            Remote address:
                            23.62.61.97:443
                            Request
                            GET /aes/c.gif?RG=f62888a0c198486e974d193e16b750e0&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240508T112507Z&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182 HTTP/2.0
                            host: www.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=0884BEDD5B296617188AAA505A0E6707
                            Response
                            HTTP/2.0 200
                            cache-control: private,no-store
                            pragma: no-cache
                            vary: Origin
                            p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 937421D8FA794E9195C788FD3AC0D909 Ref B: DUS30EDGE0714 Ref C: 2024-05-28T01:20:53Z
                            content-length: 0
                            date: Tue, 28 May 2024 01:20:53 GMT
                            set-cookie: _EDGE_S=SID=32EEA3C9485F684211F1B74449F5692E; path=/; httponly; domain=bing.com
                            set-cookie: MUIDB=0884BEDD5B296617188AAA505A0E6707; path=/; httponly; expires=Sun, 22-Jun-2025 01:20:53 GMT
                            alt-svc: h3=":443"; ma=93600
                            x-cdn-traceid: 0.5d3d3e17.1716859253.494bab3
                          • flag-nl
                            GET
                            https://www.bing.com/th?id=OADD2.10239373720215_1RHWT2NN92K0QRRNR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                            Remote address:
                            23.62.61.97:443
                            Request
                            GET /th?id=OADD2.10239373720215_1RHWT2NN92K0QRRNR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
                            host: www.bing.com
                            accept: */*
                            cookie: MUID=0884BEDD5B296617188AAA505A0E6707; _EDGE_S=SID=32EEA3C9485F684211F1B74449F5692E; MSPTC=3kQ1ldaPe_BnrZ7StW7sYJpMsaaq6sLj5AivIHt2y7o; MUIDB=0884BEDD5B296617188AAA505A0E6707
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-type: image/png
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QWthbWFp
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            content-length: 1548
                            date: Tue, 28 May 2024 01:20:54 GMT
                            alt-svc: h3=":443"; ma=93600
                            x-cdn-traceid: 0.5d3d3e17.1716859254.494bb81
                          • flag-us
                            DNS
                            237.197.79.204.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            237.197.79.204.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            97.61.62.23.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            97.61.62.23.in-addr.arpa
                            IN PTR
                            Response
                            97.61.62.23.in-addr.arpa
                            IN PTR
                            a23-62-61-97deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            196.249.167.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            196.249.167.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            50.23.12.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            50.23.12.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            15.164.165.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            15.164.165.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            26.35.223.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            26.35.223.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            43.229.111.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            43.229.111.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            tse1.mm.bing.net
                            Remote address:
                            8.8.8.8:53
                            Request
                            tse1.mm.bing.net
                            IN A
                            Response
                            tse1.mm.bing.net
                            IN CNAME
                            mm-mm.bing.net.trafficmanager.net
                            mm-mm.bing.net.trafficmanager.net
                            IN CNAME
                            dual-a-0001.a-msedge.net
                            dual-a-0001.a-msedge.net
                            IN A
                            204.79.197.200
                            dual-a-0001.a-msedge.net
                            IN A
                            13.107.21.200
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 792794
                            content-type: image/jpeg
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 538FA87742C04767976547473335C937 Ref B: LON04EDGE0820 Ref C: 2024-05-28T01:22:31Z
                            date: Tue, 28 May 2024 01:22:31 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 621794
                            content-type: image/jpeg
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 0FEF9F6378374E469ABDD86728C7AA4D Ref B: LON04EDGE0820 Ref C: 2024-05-28T01:22:31Z
                            date: Tue, 28 May 2024 01:22:31 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 627437
                            content-type: image/jpeg
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 5DEFF54DF4EF4C068C0DC42C16A358A5 Ref B: LON04EDGE0820 Ref C: 2024-05-28T01:22:31Z
                            date: Tue, 28 May 2024 01:22:31 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 659775
                            content-type: image/jpeg
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: FEB08BB83CCC45478BEF0680E93B72C2 Ref B: LON04EDGE0820 Ref C: 2024-05-28T01:22:31Z
                            date: Tue, 28 May 2024 01:22:32 GMT
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 204.79.197.237:443
                            https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8-RzghYxwoGd_Dde77qAmJTVUCUz2tPj3BCSVdDVDy3UYlvTNrlFqMxJw_cCrh2HqybZqnSISZExxe5E1kqsAH2aKwoxmX9PXZnH1j5t_YcKjQc9JGKoj0lnCLiM_8qknqlUanAnmZBXYjOxNYD-Ew7RUcYsvhoskDvRmW2lxVWdMYXEU%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D05c70557dd7110d59e6d636cbda54212&TIME=20240508T112507Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48
                            tls, http2
                            2.5kB
                             9.0kB
                             20
                            17

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8-RzghYxwoGd_Dde77qAmJTVUCUz2tPj3BCSVdDVDy3UYlvTNrlFqMxJw_cCrh2HqybZqnSISZExxe5E1kqsAH2aKwoxmX9PXZnH1j5t_YcKjQc9JGKoj0lnCLiM_8qknqlUanAnmZBXYjOxNYD-Ew7RUcYsvhoskDvRmW2lxVWdMYXEU%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D05c70557dd7110d59e6d636cbda54212&TIME=20240508T112507Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48

                            HTTP Response

                            204

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8-RzghYxwoGd_Dde77qAmJTVUCUz2tPj3BCSVdDVDy3UYlvTNrlFqMxJw_cCrh2HqybZqnSISZExxe5E1kqsAH2aKwoxmX9PXZnH1j5t_YcKjQc9JGKoj0lnCLiM_8qknqlUanAnmZBXYjOxNYD-Ew7RUcYsvhoskDvRmW2lxVWdMYXEU%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D05c70557dd7110d59e6d636cbda54212&TIME=20240508T112507Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182&muid=D54583D0B3DA17FFA4370685003AFE48

                            HTTP Response

                            204
                          • 23.62.61.97:443
                            https://www.bing.com/aes/c.gif?RG=f62888a0c198486e974d193e16b750e0&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240508T112507Z&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182
                            tls, http2
                            1.4kB
                             5.3kB
                             16
                            11

                            HTTP Request

                            GET https://www.bing.com/aes/c.gif?RG=f62888a0c198486e974d193e16b750e0&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240508T112507Z&adUnitId=11730597&localId=w:D54583D0-B3DA-17FF-A437-0685003AFE48&deviceId=6966565253439182

                            HTTP Response

                            200
                          • 23.62.61.97:443
                            https://www.bing.com/th?id=OADD2.10239373720215_1RHWT2NN92K0QRRNR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
                            tls, http2
                            1.7kB
                             6.9kB
                             19
                            14

                            HTTP Request

                            GET https://www.bing.com/th?id=OADD2.10239373720215_1RHWT2NN92K0QRRNR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

                            HTTP Response

                            200
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 89.184.88.6:80
                            cdd.net.ua
                            msedge.exe
                            260 B
                             5
                          • 204.79.197.200:443
                            https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            tls, http2
                            98.9kB
                             2.8MB
                             2059
                            2053

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200
                          • 204.79.197.200:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                             8.1kB
                             16
                            14
                          • 204.79.197.200:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                             8.1kB
                             16
                            14
                          • 204.79.197.200:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                             8.1kB
                             16
                            14
                          • 8.8.8.8:53
                            8.8.8.8.in-addr.arpa
                            dns
                            66 B
                             90 B
                             1
                            1

                            DNS Request

                            8.8.8.8.in-addr.arpa

                          • 8.8.8.8:53
                            cdd.net.ua
                            dns
                            msedge.exe
                            56 B
                             72 B
                             1
                            1

                            DNS Request

                            cdd.net.ua

                            DNS Response

                            89.184.88.6

                          • 8.8.8.8:53
                            183.142.211.20.in-addr.arpa
                            dns
                            73 B
                             159 B
                             1
                            1

                            DNS Request

                            183.142.211.20.in-addr.arpa

                          • 8.8.8.8:53
                            23.159.190.20.in-addr.arpa
                            dns
                            72 B
                             158 B
                             1
                            1

                            DNS Request

                            23.159.190.20.in-addr.arpa

                          • 8.8.8.8:53
                            240.221.184.93.in-addr.arpa
                            dns
                            73 B
                             144 B
                             1
                            1

                            DNS Request

                            240.221.184.93.in-addr.arpa

                          • 8.8.8.8:53
                            g.bing.com
                            dns
                            56 B
                             151 B
                             1
                            1

                            DNS Request

                            g.bing.com

                            DNS Response

                            204.79.197.237
                            13.107.21.237

                          • 8.8.8.8:53
                            237.197.79.204.in-addr.arpa
                            dns
                            73 B
                             143 B
                             1
                            1

                            DNS Request

                            237.197.79.204.in-addr.arpa

                          • 8.8.8.8:53
                            97.61.62.23.in-addr.arpa
                            dns
                            70 B
                             133 B
                             1
                            1

                            DNS Request

                            97.61.62.23.in-addr.arpa

                          • 224.0.0.251:5353
                            msedge.exe
                            598 B
                             9
                          • 8.8.8.8:53
                            196.249.167.52.in-addr.arpa
                            dns
                            73 B
                             147 B
                             1
                            1

                            DNS Request

                            196.249.167.52.in-addr.arpa

                          • 8.8.8.8:53
                            50.23.12.20.in-addr.arpa
                            dns
                            70 B
                             156 B
                             1
                            1

                            DNS Request

                            50.23.12.20.in-addr.arpa

                          • 8.8.8.8:53
                            15.164.165.52.in-addr.arpa
                            dns
                            72 B
                             146 B
                             1
                            1

                            DNS Request

                            15.164.165.52.in-addr.arpa

                          • 8.8.8.8:53
                            26.35.223.20.in-addr.arpa
                            dns
                            71 B
                             157 B
                             1
                            1

                            DNS Request

                            26.35.223.20.in-addr.arpa

                          • 8.8.8.8:53
                            43.229.111.52.in-addr.arpa
                            dns
                            72 B
                             158 B
                             1
                            1

                            DNS Request

                            43.229.111.52.in-addr.arpa

                          • 8.8.8.8:53
                            tse1.mm.bing.net
                            dns
                            62 B
                             173 B
                             1
                            1

                            DNS Request

                            tse1.mm.bing.net

                            DNS Response

                            204.79.197.200
                            13.107.21.200

                          MITRE ATT&CK Enterprise v15

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                            Filesize

                            152B

                            MD5

                            4b4f91fa1b362ba5341ecb2836438dea

                            SHA1

                            9561f5aabed742404d455da735259a2c6781fa07

                            SHA256

                            d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c

                            SHA512

                            fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                            Filesize

                            152B

                            MD5

                            eaa3db555ab5bc0cb364826204aad3f0

                            SHA1

                            a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca

                            SHA256

                            ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b

                            SHA512

                            e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                            Filesize

                            5KB

                            MD5

                            23b5f83eaa0a9e0b959dfa4bcc695344

                            SHA1

                            d8887d3c710969da1ef6fdd7f518f68bf88acb14

                            SHA256

                            2885a2976add1175ff5e67937d59c00c0ee7192d98d018cdf270784ed1a8c6d7

                            SHA512

                            0d731e9d6db740614c757780e38c49d419d483dc2ee4a120025f18206a29f34907f33deb57fc960b247061d457a0e12045939eb411ef097c55020e9130a944d5

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                            Filesize

                            6KB

                            MD5

                            7260a57d2c5f2f0bff35a18944def572

                            SHA1

                            8d535f956f3661b9db9763ff0e60ad733ef3b352

                            SHA256

                            9319147e336a142dcd3ea9dd8b4717ab98bb5795711eae0debaaf0036c79d026

                            SHA512

                            4635adc35b4bc7f4a0b94921b100101cf66d334886773252c93ffdb0d1644db78502ff239509d8eb12bf845be2bfa93b7485219c1916e43e60247170babd16e7

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                            Filesize

                            6KB

                            MD5

                            88b2b1fa74b605373732a52de74238d8

                            SHA1

                            c9021edd32c0e23f249f12a9c328b1d5e9dee52a

                            SHA256

                            ef32fda0a0e00f249c0ad1a55b6327e835eb956d857710acedaa1559d5d4749c

                            SHA512

                            389a67ccf64104d485a22c10faf99a8fc4bfb083eae9c7479d83cae79f890cf429b4f0d4771f99c7ecf1e00b643ab04c1cf9f0c981f169367b4d66f4681846b5

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                            Filesize

                            16B

                            MD5

                            6752a1d65b201c13b62ea44016eb221f

                            SHA1

                            58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                            SHA256

                            0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                            SHA512

                            9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                            Filesize

                            11KB

                            MD5

                            d08b4a622b4e0f8db09b4a44ae0a5e2e

                            SHA1

                            70eb62274b764dde36b23f1c3cc97956cf08e547

                            SHA256

                            c4aac9893cbfe1a3e3e387be7f7be3a05451f3bf3a1ce7b4afbe6e7a717ffcad

                            SHA512

                            434ccdaeb9fb64348380738049255de56920a62fa3c2db5a992d7d37ee762f2b9e1c8bc9be974812c33349becfdf36e9d6a37e3c621a1ae4eeced3f27cfe0ab2

                            Download Submit

                          We care about your privacy.

                          This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.