1072efad667d604f609fd850a13e54507e23b5ad33b836436267144a4cbd28e2

Resubmissions

28-05-2024 12:10

240528-pb241scb5v 8

28-05-2024 12:01

240528-n7dwmabd9v 8

Analysis

max time kernel
390s
max time network
395s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
28-05-2024 12:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Blank-Grabber-main.zip
Size

1.2MB
MD5

cf1622e33a46b0a9b7f88d0f031d679c
SHA1

6af28cb842e880d2121cc6f1ea9176c07d852bef
SHA256

1072efad667d604f609fd850a13e54507e23b5ad33b836436267144a4cbd28e2
SHA512

d5768cab8a7c44f569dd9abbade6eb0a4cdce530e62e3b59ae19ddc7cab6782f2015c0b231568c9945c9fcb9e28ac8f7c4488d390416173c30a292f3e8b6dc57
SSDEEP

24576:OmyJ4KPprRsfyj7JHdGddG4VfvTbkrqAItD6b6D8J7kKy:grBrufyHJ9s04FMr8D8YZ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4124900551-4068476067-3491212533-1000\{3DD719F0-F921-4D9F-95A4-B1AA44C82ADE}	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4124900551-4068476067-3491212533-1000\{FE58BDEC-CFE7-43C0-816A-E13B65DE6937}	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4124900551-4068476067-3491212533-1000\{A5A8B540-5859-45D0-96F5-8C92B98015D5}	msedge.exe

Suspicious behavior: EnumeratesProcesses 28 IoCs

pid	Process
4924	msedge.exe
4924	msedge.exe
3148	msedge.exe
3148	msedge.exe
1028	identity_helper.exe
1028	identity_helper.exe
5288	msedge.exe
5288	msedge.exe
5360	msedge.exe
5360	msedge.exe
1128	msedge.exe
1128	msedge.exe
1352	identity_helper.exe
1352	identity_helper.exe
5884	msedge.exe
5884	msedge.exe
1800	msedge.exe
1800	msedge.exe
4388	msedge.exe
4388	msedge.exe
1868	identity_helper.exe
1868	identity_helper.exe
2040	msedge.exe
2040	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe
4288	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 31 IoCs

pid	Process
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
3148	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
1128	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe
4388	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3148 wrote to memory of 4968	3148	msedge.exe	105
PID 3148 wrote to memory of 4968	3148	msedge.exe	105
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 2104	3148	msedge.exe	106
PID 3148 wrote to memory of 4924	3148	msedge.exe	107
PID 3148 wrote to memory of 4924	3148	msedge.exe	107
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108
PID 3148 wrote to memory of 2220	3148	msedge.exe	108

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\Blank-Grabber-main.zip
1⤵
PID:3364

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\ExportUnregister.svg
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffec38746f8,0x7ffec3874708,0x7ffec3874718
  2⤵
  PID:4968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2200 /prefetch:2
  2⤵
  PID:2104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:2220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:4796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:3360
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 /prefetch:8
  2⤵
  PID:5016
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
  2⤵
  PID:1376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3668 /prefetch:1
  2⤵
  PID:5212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
  2⤵
  PID:5220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3716 /prefetch:1
  2⤵
  PID:5404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:5584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:5836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
  2⤵
  PID:4168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4808 /prefetch:8
  2⤵
  PID:5392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5432 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:5288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2180,6861260108848481656,12453917031802382452,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
  2⤵
  PID:5700

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3112

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2680

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffec38746f8,0x7ffec3874708,0x7ffec3874718
  2⤵
  PID:4000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2052 /prefetch:2
  2⤵
  PID:848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2460 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:5172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
  2⤵
  PID:5484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3960 /prefetch:1
  2⤵
  PID:5568
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 /prefetch:8
  2⤵
  PID:5676
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4524 /prefetch:1
  2⤵
  PID:6020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
  2⤵
  PID:1840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5600 /prefetch:8
  2⤵
  PID:804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1864,15866585367464913383,4423212472525914688,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=1736 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:5884

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:988

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5488

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4432

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffec38746f8,0x7ffec3874708,0x7ffec3874718
  2⤵
  PID:5352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
  2⤵
  PID:380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2480 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
  2⤵
  PID:1120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:2888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:5836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
  2⤵
  PID:3772
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5480 /prefetch:8
  2⤵
  PID:2252
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5480 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
  2⤵
  PID:5648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1
  2⤵
  PID:6008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3992 /prefetch:1
  2⤵
  PID:5308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
  2⤵
  PID:5132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5800 /prefetch:8
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5688 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:2040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
  2⤵
  PID:5636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:1076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2160 /prefetch:1
  2⤵
  PID:1732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3596 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,9954188322653869712,2747368085968507924,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4248 /prefetch:1
  2⤵
  PID:6056

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2052

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1316

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
81cdfb24b7cb373078aded6989ce96c2

SHA1
6a1d8044943b0d7079af6a4464319e8527a2cb33

SHA256
8a588b00a12b871d90a765d9ea7676309dfc2a364c95b1ac68fc7480517210ff

SHA512
9a30fca805edd2902bc5fc88dca7db5dc85c62cb204a8bb3ddcc4cbbfbc2c3f65b70349195d1f24bf3473afed828f77de9ebdb88074409b960939e0c2d4649ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8e767fd33edd97d306efb6905f93252

SHA1
a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

SHA256
c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

SHA512
07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
439b5e04ca18c7fb02cf406e6eb24167

SHA1
e0c5bb6216903934726e3570b7d63295b9d28987

SHA256
247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

SHA512
d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
677f6dc7540868fc2b4392cf34944a20

SHA1
9bd459c2ce9f43b854466b9b59b18107c7dfe3d0

SHA256
42bdece12283cd52dd43665fd2852cbfd2179e3a6d8c7de1aa405c96b41b0b80

SHA512
6fb8162bd07054895b804929c8b98c352749a4081afa7b19e07363b06bdb38ca0b0e7794f017e0b5469e994b8e70032a7d6a4a7c208d687355cd6046969054d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dd7f392257954f1edc345932b4fda013

SHA1
d0a5ca70e532b852d9c37c2c4259486a0bd79b70

SHA256
c9720ed47a357c3b5d32205b62ea1d6bc9ef50fc38673371d26b1f31b493f5c6

SHA512
e694f8712d32c318cf9b64bcfcccfdab25aa5bd023f789856b3b40bfd58aaaa97cb49c76b21833e3c31dd31be6ca3418008d9d4613c55316a2066a525db0256b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\73f3f5a3-f962-4bbf-b1cc-afc7f48c9630.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

Filesize
44KB

MD5
8803dc84e4a73fc311e5e2aa7af0ba53

SHA1
c761b031e2bcd3dded70b3bfb03ff5673b4f81c9

SHA256
054adf1e5cb0796b390a3b749e716e2f495d0d5ceabdcdbdf772b9dd6a6ac631

SHA512
1c678fc1309e218cbbe55c68b61af62a1ceeb6ee6d642fd491f0598ea07ecc7f138de18f4c6ffea22da46bf7e06e0110c9ebcc79f01a853bbc667827f87bd33d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

Filesize
264KB

MD5
6f8d188e0105fedd750ea9ef3ff9cec8

SHA1
001b29eb34acedbd396db10f3664b384285aa5b0

SHA256
8e4ae88e2c222acce7cb0bc53456cd2c499cbd41a24d584ea1be8265eac7a541

SHA512
1466dc80722fabf5de310fd5d9eb4d59f4d2285dad42e80f98f7aa0fd30af9f857c44fd7a11fee603968890f628cce3aa71d05b025f77830a62ee55b09f6c441

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

Filesize
2.0MB

MD5
4ae9d37aee76c85b05891e0603c8d148

SHA1
70bf8d868a7ebfe932e177490a214052d5533c98

SHA256
d4fe966e3abdee18617cd7c55db98c8cff1dcfcbab0ae58f19bf6a23817e979e

SHA512
204ee7bdfd56f6b8d5549bbfd4b87c87b1d32d0e05937c173ce2c8bc76d5644cdb71f409456e001f888f8b613283ab053cdc3b2b6c54704ceae5d648a641dbdc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

Filesize
4.0MB

MD5
5473c7c279cd837ac0ec3eb2cfc108e9

SHA1
c00827fc6d865867f5901651e206bfdc6ab77598

SHA256
5ea86db5c4e9ae205434a3f55196d683597d63265e3f6a27d99dd1a95f3cb3dc

SHA512
e76f3ece2685781908a8e63ad5727cf76ab370a4ffb03a811fed2c89481cfa006bf58cd0498748cb0a9e8e1f982a4ba4a8be6365b3491077e3658908ba0fb378

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
62KB

MD5
c3c0eb5e044497577bec91b5970f6d30

SHA1
d833f81cf21f68d43ba64a6c28892945adc317a6

SHA256
eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb

SHA512
83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
67KB

MD5
d2d55f8057f8b03c94a81f3839b348b9

SHA1
37c399584539734ff679e3c66309498c8b2dd4d9

SHA256
6e273f3491917d37f4dbb6c3f4d3f862cada25c20a36b245ea7c6bd860fb400c

SHA512
7bcdbb9e8d005a532ec12485a9c4b777ddec4aee66333757cdae3f84811099a574e719d45eb4487072d0162fa4654349dd73705a8d1913834535b1a3e2247dc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
41KB

MD5
afe2453dd85ac3c76ecc7e2eaa787bf6

SHA1
955c7c70b4c514145add5e4c20a02c382ceb331e

SHA256
a6f11530ea47fee915e7411c7d5df1a17f6d9d6a447e62fd1dd56455fb7d3924

SHA512
96f5caffcff7ddb88206c65e260f023f8c394d021c650ea380aa4ecec1382a16e097bf2801e74ee662310becd694b9b56574c211e9c18effaadb11e52099442d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
84KB

MD5
74e33b4b54f4d1f3da06ab47c5936a13

SHA1
6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c

SHA256
535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287

SHA512
79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
1.2MB

MD5
047dbaf7429bd6fb2e31adc052b78641

SHA1
e6a965deb29062afffdd1778d12d49c51bd92910

SHA256
9057108a2b9a91d3b01e29aef1222826876f3922c704a3759ffa474b0b876132

SHA512
a4d0971c9ca2740336c02ef9e703010585ddbd977197d97f85a6e0f43d67ecb7af71db6e5b83a34c05c1e076124ff63da2cc3634108389fc55cab7026fdaacc3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
1671971c4804c1923b1f37809b9b89e0

SHA1
f823ae95003cf8411662e7670214337b7a1e0729

SHA256
db2eb9ca6b258b629ba6a303cff99b827d012f942ea653a03282242abeada938

SHA512
303ffab5a6f4c488a111fddbf2fae65c0b399e3397b51e222d1ede9690b45a76161e2d521c9152127bca5ff7eff9440080d39d95f3959ae44cd7d9e1a98474de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
03c5b82a8ba0db84d4e2a86ab3a1b1d8

SHA1
6964207f17267482e2788facb13c8f557a68005a

SHA256
df22f6f66a6b26dab5f1caea84fc8a3d412defbd8bfd0da0b9dd339361800dee

SHA512
429fc206104b6592b13e052e3a8f2a0a766623ea4da48dac8d7d962da3f7f803049d5180f36e36fab20f1790a272701ae8da54e5b18bb209af4bb0a20a6d0c48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
319e4a13983f3224d332ca34e1095289

SHA1
e25abbdb87f52403eab127c65fdd12424b59b834

SHA256
64bb30247c88108ff7bcba9de53520b29569033c55de94c598f406a875ae4f74

SHA512
d82e8935d23634e367c69d1f144fe0456a1b54623187aefb26a23eff553e94f1ea744f87186e6f611a7ac89f14ae3a28dc04fe685e12814eeeef1a1b739600eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
0bfd62cdb305fcabf619cc237d510eb5

SHA1
c8cd707d5b05e077246c451139576290600b2919

SHA256
f3e3d8b6228b70e9894775cbcaf9a6eaf4edd18ffaef2c767acfc1fc18cea269

SHA512
5cfa7ce73ef58ed978238f8560929c9037e72ba4d231d69e96b418b97411abfb702bc8f1938defa278e47167a2c24cf047881acc999b783a3dfe188dda908182

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
709d650de981f0c7462b3f067c4b72f0

SHA1
a2cc693d42f4884c2ad0efbcaa1770dcc2386852

SHA256
477be7f9abe9523bc9cc51f9d40d22eef79f75f0597cef459cdcbdee3098521c

SHA512
ca849db983190375d4b944c0cf850f20f81edf262aeb7154df68e1b30e6bebf7b96282f25b8987f8e58e7609306124f7dabdd84d5c7554fc782aa24afb87d507

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

Filesize
28KB

MD5
97b8a792ab6a82d9e8c466e3374c192a

SHA1
be3dff2f00040e77528b6a7e7b7c98a66a40c87e

SHA256
308a951be58e0ebadd49b9360d929409f1202b0f4c5cf3f9337f70034e8f88b4

SHA512
7f9c479d603eb6c779b1eb88d61e3b9f4273c8ca34531dbe7973653b61c875e67501ef657e646dfda8fb5421600b13c51697a83df5f75ad57f522eac810ca846

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

Filesize
322B

MD5
576ea529eb540b29b738bae54dec56ad

SHA1
b05e0eb8de15cc6835e13440becb64136ea6fe36

SHA256
8875fd704c6461c548915e108e4a70fc2f7eecb6a96a4e0e56f113999facfd5c

SHA512
b62f24f385404612f6f3a8d82a7ea6f64833a8a8628a5ed0fc94a45eb6371b3385d9ce1211ec9c299c7e3dfab149fadf904197a3779ab01bc36e2b200591a06d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
20KB

MD5
9480e279d1a9f26290c95b839aed2bf3

SHA1
980d13e3c037964180d98abbccf5d7702b583281

SHA256
e5cc17171d87beb567c588650dc1ffe09885b13864fc6787fafc394665b02382

SHA512
9f53e4f94af30c30c557a6a66e1b5e06edda5fb07589e8d458bec3289a6f0028883821529690e312db984e887fedf102ac77ad00cbd2784221523f31c4508178

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
75be6e4b8cd860f46df04364ceedbdcf

SHA1
06e7579ab0c82a1d06b4fcbc59c774f80dbed8d4

SHA256
4f85d1b5f66cb636f0aa9c83e40c10631fe9918d3c8f3a80f73ce2191aeedbfd

SHA512
1e98e26b6fec0e3f1ef74ccefbafbe4c6b291c13bc0d737d0afd3f7b1ab1be878ae4f96e4d6fa408a56359e0dadd3e56654c8339e969f9d367bced5c724b520a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
124KB

MD5
f381cecfb81e7de29df241c315bfa4f4

SHA1
eb3b4499dea18b01f3d97ec5b412e647de5595d7

SHA256
ab701eb60ee7109351d2c311950191f6ccb5d16eb8c80e08fcd9bbed4c0e1dc0

SHA512
a46e0d13c258b5a08f80b2ed3d15983e4bcdbaf495c6f7a7e32a1152bddb5d290341e676b176b9981ad963eaeec553956664c1108f82f611e9f640f23e4e700b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
2KB

MD5
c873fdfbbdbb037afe07ab66aacc1b88

SHA1
2ff10f448faad0111147a3cdab3e7610d162931f

SHA256
c0bf3aefae08c5aa6e9a2983c734fbc025a94c30b07a00c7a001acbcf47bb3e9

SHA512
c42770ddd8d25ca12e7c2b642e3597aebaab5e7e8d0fb6aab8ff2a2e1951723e6732557bed8c1ccc009301b6e8f9032228aa8b029f4103348728df98dded9b36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

Filesize
563B

MD5
b591436c634d3133ae4270cbbefd4035

SHA1
42922e36cf267db144828a7b24915c825184b8c0

SHA256
44ce353b2c059f13c597d8330fe8e7b488154625a406e62769fe68c88a41363a

SHA512
c258c2138f47fd9d00918d337291f20cbd6d7bc1d15dc97e23e52a8e7db90325d05f39bc0317e6414ce850debedcc0152878e50b06ed6c5c801e7b97afd5b131

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
331B

MD5
11edea40df97e0defc5e724bfed401cf

SHA1
54bb00c9fd3691b4478bc288ec6272db15ba6b0d

SHA256
1255657962d5e903f5bb94bd8b90460305aa0988017fd0a5ebace6265da5b2a8

SHA512
13b0b854dc99a5d8cb5f063b16efa48af8554f192da007da353e336aed9461949934d94997892541553ca9865f325ee7c4463cfd8d3011d9fbb39de6c8a92ace

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
830B

MD5
36fc8172ac48eaaf6b91438d0382c683

SHA1
503576181398ba17b6ad0f5d33b1175ab425dc48

SHA256
79fa44b5245f6ccdc4986fac47df9a6f1c50221314c17b6bee96d4a35d76ff7a

SHA512
36e9a2469f0667834b67672e90ef62b00c92287050adc64d43b1e092f6a3a7a968cb3a4dd7437e85ea4646abf3240df608423fe3eb4cbe1ec8909dc3f72d1896

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9e20899e9674972554c9675ab754ba18

SHA1
537d9c615d70b17979388b19a6835fbd0b5d2129

SHA256
d7027dbacb82d7837cf2216531462294fbc197ff3308417f5114dfa87bcb6487

SHA512
917bd31c41e1476edeb0134ba70a9981f08bcee2c64aeb37fbd7cfba81ade09194e8031a4bde5c40269617e67fc308a55e8a40e19f0826d1e033636daacdd9da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
eb741a57a21e52fb3c63089401f6f89f

SHA1
7a53d7e1f28aec404ba386b86b573fb7d6687d99

SHA256
670189486e5cdff870d301662031ad6a27291bcc0270cdf8caf58e0d97e8ecb9

SHA512
665c04ca68bfeba540833c5feef9ada6262885a46bbc5177ee005b822c8c7d3432145ed240ab3d714c8b9b75779fb8a2f59f2514044dbc12fa2dc848d2a333a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
e496aa34bef8ac68e240c4cf46d683fa

SHA1
fe9475fb93ced5488653f2ec11990d8feed60c34

SHA256
18925208a3cbad37a5bf7dcca2e184a6415f1c038085db66fd59e2c81dd7df0c

SHA512
86dcf9abbe6083e28c2d8cdbd8bf5a639ae03350ea1bba51f39500cc2220af3597da22d578573852da82104cf68c03c07823e36e3802347e25b7e250bf1493c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
0f97c78bfc2635894a1be18c0a7716c1

SHA1
e551badabf73e60e770b74ef6f18d3f4cb761e47

SHA256
20f36148164abe830fda89dd00c6443c4cf03994bd1452047a4c5784d0272e9a

SHA512
d951aa97b5180834d799ffba8bad72d40fa2e6ae2b03cd56c501c8f19616664c7536377b5c95e301bc6541bfd6f167ef8b002186c5c6e951d9cc16f8302efbe2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0ca0aa51df296952ff43454e9f9cd46c

SHA1
c9eeb8e24a74f9feffb240ef1b002c4a98c4727e

SHA256
dea32575ceb15c5c924a42e7fc81e435b88d0b11a36808d8efa1fddb9a530527

SHA512
0b89fcb7eed43dd991133ac09567749b1ab9b7771234056d025e8f007de80eb4ccc7c6e72318448b2a71a2d66aea6dfae2cc86b33c127590fd5a82585dae1fea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b67ee6a79448d58fbfd35d46b7a28971

SHA1
d165a221114c32d955e584df43a3e4a2bc94684f

SHA256
f09456e38cc2a6a95ff4cbd720e2e04c6c444e7967c52d3edc4a7e44b0b3982d

SHA512
01f5f55309c9c0f7bb24152b5b8d9ffc6749a55265880b6f8fffe3cc9a2e9915593de359e54fac06f987a3363f6a434ad56966cbd37ac420e70c3527284830a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d1e82c8c53343113132a48f95e3914d4

SHA1
e5a41e05e9fd63fbbda207221ed431f429e9c0d4

SHA256
ec395d4ebf3be1681609527773f457e318a3361b1dcb00bc6a98457d3acb14f8

SHA512
4131637778055671fdf5962594fbae613bb8e5a3a265f9df6f62b86d055cc02f73f193e59f8ba36f7b05600c764fab08d0b76d3edd0198e785562d6a31c98c4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d2bef6045e4dcb600ac36faa7b6abe74

SHA1
50144c4ca1f146d4f7ece92f95f8e021d9f97f6d

SHA256
0404b6580a94eab1594f40ea64de2daed414f955456f29d08a9ff98c3e2624be

SHA512
52bc711a936ffc2d3dd9b115fb43f634d3dd19d1802a5b470a23373744a70881ab8399bda9ca980dd9cb257138ef92331cb4d094272f205f091707906439cd52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a7e4c23b11e9c9fe3505ab4e4ec73120

SHA1
d65b24d84cb2ab87da17a71dee97847bfe17370e

SHA256
9ca8cb098f2c0db007719fbf2c0200766172ef625d62d4ceb69d295648cd20f2

SHA512
8c191a02e45cb64766c1b8cba311dabe7edd9ff8f367f2be1b3c01cd7369b9f63cf24c7f8f153bab52c53d400f99d8f3c34614594f1f7175699e5b008b71fa1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
81c1fa4f5d355105fed104b1398811ac

SHA1
51229bf7e5db6290705c5219c25dbe170ea453e6

SHA256
184c3113d0ac0d62de98008d70c2f2cffb3a7eda2fe9d1b1c459835e19108e48

SHA512
a710cd8d506fcf9ae0dfa9abdeb3efb011098f02370894e66c8e102eba69c37699f07a0c6a4f465f992a01d390b2cc9ef966490c9d60aa9219ba7892aa20ddb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0333dcb8a2e32f58776e08fb988a14ce

SHA1
b820a942ed2fe5a7238be00d3b5e6286483ea919

SHA256
511e1731cca97f72f2291c47357c7e3c788f72a5070ef2137b4e2a0cc6ae1b7c

SHA512
bd130a887cd17bcacaf6b559f0ac88c09146fa235f36b1b56cea81b9f8150a7ebf8f0c565419af3203f34f56195a4e535c33d8a077ddffb090a850aa0ca5a0df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
117f29070ffb6baf7d2b1f9f331ea770

SHA1
cda93e55f0bd31796e8fb809fd51de67318eb6d3

SHA256
1c07eb09fa2e3977609e56865cc2e6a8b53aef17906483bf348ded172af9834f

SHA512
764d7939a69b3e7694c80e11d2c710a41dbeba24d3ed2b7f6ea0f72efbf45369a0b1fb0e3cbe9780770160d57a66b3106c568029212d83b296b6c06c1753b14f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
dced65786a5fa5823908af342a86d3ab

SHA1
c00807c7078749879557e30ebdad565423970336

SHA256
3181e4fc1260a28b212f6e3cc8389df9bcd451a5f45bca249032fa6c5d13e3e3

SHA512
62a9e1a330384aec91462adcaf3c73ccc07ee8f31423b49d5da2990d61d88592d5e816e21f1a4212768f3add697a2e4bed0083dc693a8e441d92027ade4e3a0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
946f6013382c917e1a0dbc7ea625b597

SHA1
a116b2e31fba7f7b57c6c09ccc130edeaf2b53f7

SHA256
268a069202d032d37c1db5ccdc01e93000a2adabc336043dd249bece3f14a16c

SHA512
4c4e0a8a252abdd6a0ece46d2a50b1bfa8e77eaecc7e62cb295412e34e8524ca1758fb1d7615e551c2f75b3857697966796241211b95eb2fe0b6e4eeb5a47f41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
053a27344f1ef331f5012733d65f4b28

SHA1
52a37fcdf27f4b5ca26e61e94c7401894c33aa86

SHA256
9867637e579cf1468c0e09bf91f7d3df7296f8ca5340ceb2b1fc12eefa22a65f

SHA512
c1ea2e0180e04d19991956a3eb83b234bebab75daf5ef358ba431f3636667076e55f20f72a7c859ae1ac47082bb6fa99b8e033467a00d516db2ab9906b1b94b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
cfc15885c16e0429819877e299a410d9

SHA1
e38e274a21a09569c9a04ce777a139eb7e7adc0d

SHA256
a686d8e2f301fbd2e08f85ba387c2b4971c2278075d1e7fe613416f4fab4b24f

SHA512
666a480929b38c5348b45d241ab17c55aa933d1e67eb1fdaedd990519dfebd9faa933ce0e992d40802695376d41cf508de0e27874da851eb2b0bc1f0baf4004d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8f8ccdad4c39ca7c7e64266a7566a123

SHA1
a75276cab5d88b262ba79fa12a0bfeee61487a3c

SHA256
a90b606dd9301fd59c5192cf3eeab16b31fb53100a77faf221a0e57d155ba354

SHA512
305066a1b6bb5f4453162820a29dc4450b4be72660b4765e5a807d2550e306f85dca49f7198b01d07094233ac2d18a6db947f9525ac701a1393e2f78a3e353e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
42d64a6595df2a1b6841a1e5a2f87b1e

SHA1
34df20f8a54452c855f104f7b8afb9b5f96618ea

SHA256
cb79dfe62b4d0cb98488d014ae0f2d455d9196ac9ba0495b40342c5e7e99a039

SHA512
92d7a0698caad0e62d0cea197255afe5c81a48e714402c7a7782ebb71937b73d8692e1576c8cb28c5a6c5a7a8e870b50d49b91f7d837ec56d6105ec575b34c61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e6d75900d867f0d5d8d3d5c04ef9de01

SHA1
9cf10947c376e0e84107f3e005aa9b956c7df9db

SHA256
503ad00a2149b2728d6f0db8867f3c21f915b3403987e7684b27a1dc53d49728

SHA512
5fdec5e39defdaed55262f3a1b31dc321b7ec36c6d148a95393bd1ca416a90f305e70409d041defb05b22b08927c35677e6e02f80de07a1cbb0829284f02b3fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

Filesize
388B

MD5
e6d48ee42bdb510c068d92539fcc5c7f

SHA1
05a2e32b424cb8789ebfde59eb3f036f980092b1

SHA256
54ea8202b841ea6ae5ebb73c401f386eddeab9b2849cb5043725132ba3052b88

SHA512
08f353767e39c6e14bbd3c3f98e3508dae3a1fbef9227fa3d9ee9ab952b41a470eb94ced5f74837ca92c860a898f5b283ee5704b0f3b1df61b80af35ac239765

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

Filesize
319B

MD5
248d54e4e8960175840e932eafc3b1bc

SHA1
db6d3ea4bcb0bbc7da6296bd816a31d681f1a511

SHA256
6755b165104fd3a9a8f779dcae941dd480f19325eff82d66b5f099a934832cea

SHA512
8eb0874178a4ce4b63c1b01e941cfe183c810160cc064b0714745ac6ecea100662f9464ed4dfdffffc9b309daf39148760f3819488b2179250f206286c52e6f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13361371416998987

Filesize
8KB

MD5
b78b150c5a47e6068a63d60e4b74f755

SHA1
c3a8c6649a22841c70c755d0f60ebb2af97277e2

SHA256
5a21030d76074150f8525d1c287d8b1533962e2a93551d24d21b9f690722eb26

SHA512
c12a5bf8f26b502957a17dfa2c1b7fca160f5000b56fc997be6c4dcc11abb566cad96750fe47e0a402fca432aaef2d776c0fa5d3ccc78476d5feb6fba6b14b40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

Filesize
100B

MD5
f0a19ee93286fefb8a5b99becd672af5

SHA1
39114b9b4f1d3bbe6b2fc3b88b5360ebe47f909d

SHA256
67725fd4ec06f7c31e11ab27c621d6844e4bbe09f93c66caf0feb2dd34c177b9

SHA512
946f9d5ea7fba5c760a5913ae8f3f00da80ff0e3bfabed5053dce5570a75e878b34688a1573bf7c673ae457c5613fd036bb50bc73418d33e28373c04346dc971

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
5821da92a063524e50aeb190c5e0625d

SHA1
f8a92c1082691761601c64a487e6f212ca59b449

SHA256
d14c54ab2c5913c3d30bed5eed8566c3a13682a31a6bad9386d7079b85051fd5

SHA512
8b944b6ca59f93a543726012a1942fefe3d8ba2300eae0c3252caf13a95e021f38c3bd5c826020cf15ef8faca08ae26d8026aa10d51eca0bad1abd41f9cb9cdf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
6b9291d280e95031dcf864e269e2fbd2

SHA1
d2d0b2a8bea18eba8f62e0204e0c8f99920b5ca7

SHA256
7c4de0fdb55db7f2f069dcbeb60c89ea2fa83f9ebcd41f484ddb003d15f829a3

SHA512
fa6b3d077af90601cc4f937d9783caa791d1c77c7f44fe3927c4c9864c4aa70c6a189444e3b26953811f8b9db9bce67edea638b908cb8a611bcec9bd76bed4f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
91fe80f28383421dce683f13b48500fe

SHA1
f5365221be32b73b57043050a5b1cf28f41e8d41

SHA256
d0a0965c4aadfca4a19c00b27ccbc4e0d3aed6cfdb5ef6126197e6cd54368658

SHA512
b76428feb3cacfe61fcff632d105211cd2c48aca1d3a4d4f5c39bf1048a382b402a39ac3281246daabeb785bc31b8694c02d12a0b790ca605f33087ada26f5c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
9702a000ce84d6a892fad10c3e1d0824

SHA1
b61815a12a56e7623a49cf28edbb60aaba3f7adc

SHA256
c44082272fc6f7348eb5bac0bf7403232a1eaa0ae25cae043d82ef266e8cc400

SHA512
a619b6c5b69daa1d899863a78b854ed6c2a9363b8b5da3c874574c1fa5b68579f27eadf264cf643ad02026a270eedc3c565f2e9192c1dac654a610bc820f2966

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
e8725fe9decfb73542f5e929c2be908e

SHA1
ff7f406c11fda2aa2d85b281de0a081168b1858d

SHA256
2609b8064b5c94ae5bfa85a0466bfa7b242ea8d3be897a454245e19139dc3a73

SHA512
7e64cea0412f97cde50809af2c6f28933859c815ea3883f54c9fcad46458d1254cad2761f198edab47336225b81b1d10a4827c7f91f42d5cf6723c67f0181ff9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
f0a33deefb6416520fdf3ea1081fa0e8

SHA1
5d9c9c29f2df2841dbfc3039308fc1df50d3d80a

SHA256
28f43c4301d06da56898c4c966bdb97840c3855a54d2f35e8076bdb870f469f8

SHA512
2dd4e6d17f797a40813fa0353c1e47f334c40e1ddba747434c938dff6c88c0ef466484a43750119d72376e089a1320b11f854955fa56e3aa8e437dc8d78071f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
27e31f4ad361200ebbfd2fd8eda4662c

SHA1
a40f9e9f4977c1fcbfac6bffff5bf0f34b05b698

SHA256
6579eec0079b2ebd372453a73209eb52aa5795fe29f3646697a24407f3f2d563

SHA512
c8e7b6ddb3d22742b77bc1e7e310d9b54197c0684254d2b040d59cc4e1da042c831cb0e7577dc0ce822329840abb75ae000389805dccab12132b84ffd817daed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58b36d.TMP

Filesize
706B

MD5
5ea7f39ad216ccbe46649365b29d6740

SHA1
2f1ec7d6c9f698ebdd9d0622a5c514ce9bf538da

SHA256
2acdf0c572dfb8ec444db518057f1a6559b6676df36ed1f1f9c5129f2266e5a4

SHA512
6b8c0aba252ca128829a97e447bac5a742c02e3cd9286ece3dacd83f86d2a42ef3f05fc058e8bfc8b2a57b240270330ccab784511a24002a1e11d228f01a6272

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
85f3724fdf09dc55e746634b261f6feb

SHA1
85a1d25d0b06d4b05c1cb36d9fba48f6716a55ec

SHA256
0a43a95f6101b54ef7e74585ca9c870b8ae25ee8fb59e89a65c6c4493093ad89

SHA512
ef43f8c968de01a6554adf846dfcb859a0ea77d577d7bb7686b2108b771c7090e0f8c0ed1b6b09677b9679a5ce4f029b3d81a3d21fff259b0ee8b4606e5058c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

Filesize
116KB

MD5
2b671e41fbae7cb8af89bd2fb2cb94d2

SHA1
c19b0d66c1a6b77c08a56e167f5b73d597417c9e

SHA256
ca85305a0400d3462d80523cc305c8dcfa65a20d88f29009807376dbf890c643

SHA512
e0b6f685059ee4bd5fd0cd36a409b49ebe9d5b94f6280a2c285b42c21d4d6dcbcbd10092de46b56177052cc952566091c6df9e28bfbf436cd446a740f76344c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
589c49f8a8e18ec6998a7a30b4958ebc

SHA1
cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e

SHA256
26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8

SHA512
e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

Filesize
44KB

MD5
f0b546e1a161361cdc7c77314c03a5fb

SHA1
154857ca9401a9027cdaa568d42ad49cc47d5b76

SHA256
f7b71d31fe795c4720be60878dfb41c5b3aeea27c5ab2c8639793979638705a9

SHA512
bfbb7cbb5db55f901f4b3b0efb236af9abfe5bec8cb53946a062c2eaaff09e1b595917c4a27875ca242e4db485a62fc4f9664d9935bdc019a2db1e88e90eea50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

Filesize
187B

MD5
2c5ca1f1aac106a84e2139973146dd56

SHA1
b1cd4f91fae8843386ca8ea2f3c06237cc591d7e

SHA256
6227a126de8efb557ee2a771091e360426c152b1f6aff8a1f954772d37e59a50

SHA512
dc5bb76de73daf5ac89e7804ca48a53a5dc2f7002a1c9b2652b7f3e09d4fc9eb31989a5459a9a2c4392fa5afb26695d69a2616406d7289cc2c37823abc77252b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
322B

MD5
44091b8ec79b6f5ffe65fede0a5ed447

SHA1
3fbff0a4330be19264ac5124e5f9522841472afc

SHA256
8f8ce398b3060d0dc2c135699aadda5def59c18e1d3833985fe93a460504766d

SHA512
8b94b279b29b542f4c845051111a268a95f8ce2e052b01f45b96ac390ad356032eec3161d15268cbe8a2860b5caf3a09d13539927b0ede0b6455f295fa7c2c0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
594B

MD5
717f4ccf0b8d9c53b6bad74b3f235a11

SHA1
a0a63075de8ebbfce799d2428d839deb8a90e6c8

SHA256
cae87471b1070ced2d02c423ff66cae332f633eaae94a9aab6e7b3e78d7c24d1

SHA512
e5b0d65c62ea7c48b8ffa7803a75c1a1c9cf8739739dcedd2ddb1c588119ae44a62a56ef8bb15b8feacf94f08aa8ec813fe5c557d0c1029d42fdb0b01537761c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
340B

MD5
a54e78ba3d56957cef3dd6e687a26649

SHA1
82828f49870a383a95e71c639b8d1fa9a84ee314

SHA256
c04ec37ee6c7fd0c9af8002aa8b06081aca87deff2b74b364d9cc9a447d0b785

SHA512
413b9369a548e555d92cd2ca7ab0ab9a9d2a90dbceaf96f00312efea2acfc01e5f21ad12c124f07e8fc3991f522de6fcac8155e988186db5c7a1762c4b95a05b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

Filesize
44KB

MD5
d19ef541316e511494ca89eabf960baa

SHA1
c395b5495064cc23c41f3fa095e70402921afd96

SHA256
ca9f01d3c08d6cfea1b22896f756cc82a1d933043c6e1e175ecf2d7bfa06d97b

SHA512
e6c68ed08302a88488e8a775735e23e0b0fe91a7a792e22cd7da23ea73dae1454dd81ddebf047057ac44fddf1ced72cbf4c1d5f8e5ae4a86c3561fcef9aef2a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
3330f988752914b69841dbc5e0d88dbf

SHA1
1ae259b40fd0d31fa22218d4c28c4e9788bf3cf7

SHA256
1dca70edc52d67673069c601bb0f1a41f8fbeb42ef22ee63b547a1fa455c7c86

SHA512
9d11589113609e5bb64ca54d13658dacccc01867affd87952e2d62abacf0e928e63d41a87bf497ccb82faca0ce15d5daf22e7f931d50c3d8d7c7ae5b2b37d1d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

Filesize
4.0MB

MD5
9bf81f5872d46d50b61e5955b761af1a

SHA1
623a648df72ea4907d78f8b7f9f9fcc256029b1c

SHA256
cb0297fe010559b70536c04efc429a0e6226173f54133b738caf7c9a38192458

SHA512
b0a23b59b7eda6b351b1545f117a01d8b009f9fea25f0ae6654f96a3a99f3ad68adc8ed2f3a8bd794d723d7128d35d372d99e04e6ddda73e43a7dd200aa5ca3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000b

Filesize
16KB

MD5
a1915da4a339aabc49f7f52ad9250e23

SHA1
4167efd629e7c4afc98807091859344a2e004b19

SHA256
3a3313e4266585271635d66c19fe0400433a5844ce30fefa00a59da9070d7244

SHA512
9853006133be34733e23c7f7dfe1ca5df5ce02f9eee3d709b97aafee2e0c9293d9107519a1dd9f9337b2b228d5fbf504ad6865b3cc2710b6db9d24990e164533

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000c

Filesize
16KB

MD5
dffb7164984c0c892ad67aff97aab87d

SHA1
df94cce03775263525ecdf1a4f6a55adf2e0b6f8

SHA256
6103cd48521fd7b05920814ed60455f92b327e00330008ec4f161e9bf5135502

SHA512
bc8c4f3643e19b8e2ead7808a433f9b3a07b7c64409b9428ffd5ada52052516bd7eceb77f0d4de1340d0b08b4fb943aeb827667aac9935fc1aa559173daad97a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000d

Filesize
16KB

MD5
2ac0e9550a06af37db2959aabfc084e2

SHA1
1949433519c9d587f66d317018a2fb2538973df9

SHA256
f077596d48d72f781d8dec4803c6b360e0a6d193758952e70a8a42f309595d91

SHA512
cc943996eb97d1f64408d9c66290e65d7ca499d318cde1492afe46e461964fba97b3c01bd884e23b63870e3808682f981345de7eced62025ca2be58d5d82a43a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000e

Filesize
17KB

MD5
c78af2a72d922918aaa9a7ee0633ebf7

SHA1
9ba184b99242e924a4008a9fefae7fdc82ff718c

SHA256
c08595bc5df537c37ddaf7a7018658e1760042192819b9b0ef7eca3241f6b14a

SHA512
7a5be7f257c2ea9598f4732d3f565a84d3c91f6a86566a9bb18d859700457247fa50f80ee0bd23e86d3617bd390f86e3c655855229a09b13eaf8f2d6945a3fe3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000f

Filesize
16KB

MD5
92b43906598077ae8c0e45639c3b4133

SHA1
d50c4f8f43f79ff8bc99f64b364308e68cc57c23

SHA256
4fc08f854d31872475605eaf60469b004cc91478c45b82e7ac8a4afa92992247

SHA512
5dfdf54e96ad2015a5b7b493bdc298a1ae04093e987845f579859c3eb6153f03eddc4747027a1c0282cd7d0baf3eb6e86dec5fcae68ad23454c4823512cb386a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000010

Filesize
17KB

MD5
ebc7d58b117c23ff2de05acddc03e71a

SHA1
2143c9b272b28542932105e4786c042f2aebdbb0

SHA256
8ff8042b63345ab19847151e9545bd78092adb640172ae598fb6ebaa8cd69f7a

SHA512
7ed671227dd7b05e2d0da8b546cfdc36db949f99a59fbdaf51df952fd788f74914cd89546d73317e713863e679bd6c670fe553a47e80de1b19957048191da969

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000011

Filesize
16KB

MD5
edb6a264edd69ebf774b9bb1f490aad2

SHA1
a2c3f590997e27da9380cfe7b7ab5f725d59bc9c

SHA256
1804043136f4570e4da86b577eaee6aae09906ed3eea0f8253f3c06baa6ece66

SHA512
15cf2102da17536d24d5b3d758f5f0e0298aef8ef0ee2f2a57d11b79d6d898d1a398c3ccbc587b519f0d082b69d6bef1e18c16a69d8aeff1c336baa6f4e1cc21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000012

Filesize
17KB

MD5
ba999e542109e66c12a4102940df9245

SHA1
6c6848752cbb7544e76c1a8c7eb7af0f7c827a98

SHA256
47edcf4d8d0ee5cdadd611f5ab4e86393c09c0cea83dde5295877198d83c7575

SHA512
c52f7b85fcaaa1c6590d364ed98de201621f9d45e1036c6f90f39c3e6b3d301321fc7a893435a53a91e3f84cdd16dc45e6e164e8873588f7f3d1a97e9835697b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
838a7b32aefb618130392bc7d006aa2e

SHA1
5159e0f18c9e68f0e75e2239875aa994847b8290

SHA256
ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

SHA512
9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
547266d09560285e80ceb37493d6ba4d

SHA1
52e1e6be74c4032b83963efd412b4a60566bed4c

SHA256
5f49f7742e450641a61571ee59a6cd261b549c2212b3f974d32fee73324fc44a

SHA512
6354ecb7452a695004d56c5bb0c7c06b229cd204ef36b29afcfada858a010fec224a7688aaa1789666dae4b4104770e1d9ec576ef3d783326786a1bb6de6baf6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
156d1aa7bf81a88a392eec32d23856a9

SHA1
b589c508f74dd8a17652e7684be600c94f09956b

SHA256
ac96feb3c93540c769994728d64db2e1c2abdff9dc8c619f931a6cbddc8d8342

SHA512
d148c96e394b1d8ff1fec3bc5428e04fefd329545c62f8f9b8703a54796903510338131587cb7e330145e28200341daebdbfeac87336d1f6a2e4e351e61bed74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
54cd064ca8b633892309c50a07ba640a

SHA1
b562d1f563c1b4b2a432a09c7dcffde1ba4399d1

SHA256
43f55ffbf0847c390ac8fdeafddf132b956f43ff0f4b6feafa90c748e876bc13

SHA512
a4f2be733d6c285d8baf2d1da5054fae94de970b32de8ec748c3b7db4146549ba46932c44b5822b4b4c7d3fa59f26895ea1ad6e81baf2a9f78cf3b3fdec9d7d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
6bb0700f75aa3cfddda3915eb1ba6f09

SHA1
bcd2015ec08d401b1c3e1328f125a4627435c177

SHA256
91fb05388c1abd248557c3ca746d39b40f60e58c6096c190e4d4e322a6b37f8f

SHA512
807ce7787417ab469b25d60294447e00127d15da1b68662d13827f21fb5053e542853b3076f05fe0ee87ea616a7eed36cb48e87458f9f7720128d4bc549dd63e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
9b41e92bbbcd45c7530f735dc18d6fec

SHA1
15f13a06f807ec533c4d5e6c96a6e533b97a50c8

SHA256
d1d3015faa8969a08e6ab45627f2d7f0209802651517ebc86d480c7ce64e1597

SHA512
7d68c1d02714dea772962583be88aaecfdfe1b1b84db8d15de2d06512574b516fdde539cc70fd7363f8d1dbafce822f8613cc0fb6d406b66da676b4a97df3d1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
75ca887a59b2b3772b2954665c0d2d55

SHA1
5e0f428999af885099351dc6457aea80f0a6e203

SHA256
9d6f6943f8916f6163891a3abce8895c7dc54ce01d75bf008d6f1a5efec13aef

SHA512
421b915e09dd9b34774c78eb180f134f623d749cc08f0f98d8e7f7e7176d5fc09f561b9d4ac2a2c8a1220f06ba60e85c6c815b9e9c099cdab4c3f70447d523f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
b3f15b2724c6222e5e2f24c7ce7abc10

SHA1
9745dab5d9c8f14fa650113d7d7a488bb7f72080

SHA256
99d0a43609ee183094729c51b2bbef65179aabc95aef0e50a47b9c9865c52e08

SHA512
ea52513ae7a6102ecf34dd090256620cc39ee839edb4634b1c84cff80bd6d2cdc7d35ccd8364f095c80ad99c44dad0e508ba8d8b06f8a7124db7beb1648c09e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres

Filesize
4KB

MD5
fbbaeade00a942f1fe7fa076667691b5

SHA1
9e1ccf4c517735fd22baa45aa63cbda1032c0ee5

SHA256
84298c752f58bc2e1a99789cf2b538560d18500086ea927d95dbf3cc79ef1b44

SHA512
24ce9453f52c889693cbc2510c5d5c99e1f7dcc79623493f9c1b499014b45728adc3172818efef938ccf91ddf7eda7a93d59f4bf8615c8c0963b36d4f21835f2

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
11KB

MD5
536fe94f314734c3b568a8add87e9a31

SHA1
4e23075e06d9428ce87a954bbc644e87e983543f

SHA256
14b84a3f5994764955bda0a38cefae773c895a5b4755f60a7cc103408c0abeab

SHA512
31cda02b992fcfda21e37bbd92992863dafe543f1eb62fa65bf422fc14a1ffa8dbc63611c74a09a0355c3580f3251c6d14be1b21125a46c50f393dc0c3d649b4

Download Submit