Analysis
-
max time kernel
276s -
max time network
303s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system -
submitted
31/05/2024, 15:50
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://twitch.tv
Resource
win10v2004-20240226-en
General
-
Target
http://twitch.tv
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe -
Modifies registry class 1 IoCs
description ioc Process Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3808065738-1666277613-1125846146-1000\{AAE80C72-6E7C-4F7D-A3C9-3C47B280D5D1} msedge.exe -
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 3188 msedge.exe 3188 msedge.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
pid Process 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe -
Suspicious use of FindShellTrayWindow 25 IoCs
pid Process 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe 4852 msedge.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 4852 wrote to memory of 5052 4852 msedge.exe 110 PID 4852 wrote to memory of 5052 4852 msedge.exe 110 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 1948 4852 msedge.exe 111 PID 4852 wrote to memory of 4276 4852 msedge.exe 112 PID 4852 wrote to memory of 4276 4852 msedge.exe 112 PID 4852 wrote to memory of 4728 4852 msedge.exe 113 PID 4852 wrote to memory of 4728 4852 msedge.exe 113 PID 4852 wrote to memory of 4728 4852 msedge.exe 113 PID 4852 wrote to memory of 4728 4852 msedge.exe 113 PID 4852 wrote to memory of 4728 4852 msedge.exe 113 PID 4852 wrote to memory of 4728 4852 msedge.exe 113 PID 4852 wrote to memory of 4728 4852 msedge.exe 113 PID 4852 wrote to memory of 4728 4852 msedge.exe 113 PID 4852 wrote to memory of 4728 4852 msedge.exe 113
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://twitch.tv1⤵PID:2748
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=3456 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:11⤵PID:4464
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=4028 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:11⤵PID:392
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3392 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:81⤵PID:3012
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=5536 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:11⤵PID:3712
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=5820 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:11⤵PID:1424
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5396 --field-trial-handle=2252,i,16022092570067181109,3235558581947505669,262144 --variations-seed-version /prefetch:81⤵PID:4272
-
C:\Windows\system32\werfault.exewerfault.exe /h /shared Global\d16209791f2b4df183f5629bf03628af /t 2988 /p 26521⤵PID:3368
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4852 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.52 --initial-client-data=0x2e0,0x2e4,0x2e8,0x2dc,0x2f4,0x7ffaeb832e98,0x7ffaeb832ea4,0x7ffaeb832eb02⤵PID:5052
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2160 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:22⤵PID:1948
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2464 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:32⤵PID:4276
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=3076 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:4728
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3492 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:12⤵PID:4584
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3588 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:12⤵PID:3572
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4752 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:12⤵PID:3136
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5052 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:12⤵PID:1312
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3836 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:1900
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --mojo-platform-channel-handle=3628 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:1848
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=5624 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:5084
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.52\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=5624 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:5040
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=6032 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:12⤵PID:4708
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6088 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:1424
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5060 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:12⤵PID:4780
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6304 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:3368
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=6296 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:4748
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=6460 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:4520
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=6484 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:2576
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=5304 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:2636
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=5532 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:3188
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3904 --field-trial-handle=2168,i,16052443044805088421,11592243418544632453,262144 --variations-seed-version /prefetch:82⤵PID:1160
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
280B
MD5b92df50be8b69e8d054ff376ad316c0e
SHA13a8f09d3543c3b0959ae59353c893642f8a5941c
SHA25680bba57e733be393031476f8f6d1f522897767e2c60acc2804e16f4dcfe7656b
SHA512ef4f95e0f560c098ce7e9d2a4fe5955031c109d9f95cb30b20317fb8a99c1855d1cca203e0492f5172b075c650e0ab4e9fa1df208f83bd8d79e0351a89371968
-
Filesize
280B
MD584421d715e7f65e0997e410a71fdb7ca
SHA14405cd2c17db66030debdf52b7068afebe9e157a
SHA25680607fc1e06f88f89efc60821930bcc7802c759eb8c7949a3b1a87beed95ff8d
SHA512a362b1adad3450450337d1d327f26061d36ea2ecbaefffa8c8df0cc208ea9d055e4887dfdccb31a7d25701240815cf145d00ced81d94c14aa072c026df5e8541
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize1008B
MD53f094150879bcf50eaf02d49ec9d6b75
SHA15c49b252a2fc3632347390272882103b1cf0f26a
SHA256a4915006e7b3955995784d9ea1d82c8be88c12826395d306adc48a9cbd55954c
SHA512b7d0b77ff16e17110a85f7a8294aa1764bdd76ff464e7399827339f045118cba7bb745cb412ad76619645efeb4d50ddb2f1d9ebc40d23711e3240be574e15db0
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe593109.TMP
Filesize192B
MD5b59d534e0ab287595e9de6021f2925b1
SHA1f5e3a29750afb5ffaf536a9dc4efc2adcedfe76f
SHA2560d519468b88f5bc24beee9e9c2c30e4d5c05b959ca5e47b22431c8d3d052de29
SHA5124e3f10ad8749d63eb5433e842ca4884ef28c48db7c6a0b3513957f3321f5bba8b5f082dfee578256f90dcc2b6c4d6ef640ebcaacb03ee7e30e0c228d03bad5c6
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.twitch.tv_0.indexeddb.leveldb\CURRENT
Filesize16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
Filesize
3KB
MD5e7883ff2404aab2693e1d673ba252a89
SHA196083c61d543b49b93131460f8422e0c5fd7892c
SHA25680252975009879692321281a38af65ba01a3685090afc456ec91303f90d0907b
SHA512b5164c5869ac7b01a4b12f0ca7414b69ff239622eb914dc226fbbf8e8459fcbed3d97ba27b8a3ba2c71ce047458938151b282b09ef3511b2324b687684b2543b
-
Filesize
3KB
MD59fab1715f34e61d5325c204a21a88a44
SHA169860ec1d99b3c15afddb5367190b934325c278e
SHA256c9746619faac38a082886da062990e6a774a0c138251e2ccff8fbcd05e3318d3
SHA512fa6636f14ef10ee29669178338489912208a99156b2187504b55a150d543d8ff008ff4881b8ef903e106bf8ebf219e0286c6678e959324af83633a8bc73be13b
-
Filesize
3KB
MD5a5185fa00fff80ce78fffaa8dd076017
SHA16a84a6c1284fd32fe9e7fbb11b3c23f85e3133d3
SHA2562f4e649298e2cf8fb0c1153be3fa1f5e2e464a0b1194393fa534becfe6d81978
SHA5129e869c467bc24526fe9469287b53a556d7a04d7439b7671dd406c40d3bba06f444a1b9e044ceb6f7364b1fd5225f370112d9d4d679d794e1ace560960c11e395
-
Filesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
Filesize
40B
MD520d4b8fa017a12a108c87f540836e250
SHA11ac617fac131262b6d3ce1f52f5907e31d5f6f00
SHA2566028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d
SHA512507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856
-
Filesize
1KB
MD5f75410c3f7d3634c7f3374eff41ad92b
SHA18761512db35be208e4c2437148b8b9fd1368d21f
SHA256ad771a49d075622e79f17f036f17d2c1655a6eb2326f7d268057362ee80d959b
SHA5123fb4ea0fe398464fc0a3299d78434c5fa54720c9f6ce8222490f688666be6cf1c8522efe8eb3e82581723a5ac1f3591dbb9f9d3c4282cee9b413ccca611577e1
-
Filesize
859B
MD5c7d179687610b018e34904c5c8edc6e4
SHA198d221daeec37665bb03293892c55d241b395e30
SHA25668dfbf18f2130db9489da504eafc5b778837b6134907886c672e9f475a96bebd
SHA5128b3b783961a3de633d70ed2aea7abd491b372fd17a9359b6bf31c9598822797998e226c8f5dfdd649f1d8fb27b333843004152cd6237a39498a4df1701de1933
-
Filesize
1KB
MD5b483e0df704c7ca7307d08009b944f68
SHA128173961b01f53510eef49f6aed1cef9cb4c8180
SHA256acd2693ca7f58900c5de2a086583f5df2d55c74424b145591dec56aad9adec38
SHA512f2060420d5525243bde69bccff399af6fcaf62411f578ee908aa0344dac8f48198dd18bb0553c52846b2cfefb548225dd2f15020fcd856490a2af1140532e221
-
Filesize
11KB
MD53d6e8abcd4f40b029e2c06f737710ef7
SHA16ede14ae3a5c4b744c6d4e877b6079dc7547a061
SHA25698eb06482e530c9cdb6947d87182d1f10613bb5f33a9fc50c0264be68472a8dc
SHA512057e1624fb453b0288d42bc481f977b7433a10233385de1039300fb12988c7ff1bbc9709da61ad184d3a260c30cf87c3de168fdf138f4e9dee701e81216db688
-
Filesize
11KB
MD5e1a167db6cc7bbd9a1803a3093567754
SHA115d859bf7e00ebc58f3829006feea68e62a61711
SHA256f51a58372bdf7dda3cdb64b6e18ec62b760b387326101132c3d9fb22ebd21776
SHA51245b4e7da02b393f5ee20130f0b6209d0b216b11b1747c3b1cf0eacfff96fbc1a60298ba60f4ff2e6997dff44eddf574cef2ee8cb12b3c5c688cd1b62ef23e7d2
-
Filesize
10KB
MD52602990e5e68888ca16e682719509c71
SHA191ca2f304dcd9d3b77cfe3fc970adbc1b0d66e42
SHA25613edd00379091671d3f7c5fb41330ae75beb0bcf8e20433c46b9c3c580166d87
SHA512f4bdf8d5db64b1d428f510370da15d6749a124d72ebdb38abd4ae377ecb38221b6124b1a7d5fabfc0d4434fca64c22b9bd8cf8b32bb774064f5ff1e0b43e3c87
-
Filesize
10KB
MD5ecf04de8b8dba121312716bf66dd2c56
SHA160678437ad9e369f15693fa7c353fdd7fb8c3a26
SHA256b31495c772e0d1cf0a99861d4c8248913c96ae47fa600aa529410731af1917d9
SHA512e8073ba82a853ebfd0c2ef37d517122d7ccf5a555315ccf73e54d74e21431b751f6a818e2488746e8465e029ef4a8c7465ded6607ec8a57b4dedc09dc518d6ce
-
Filesize
30KB
MD5f7687f2c41fbca8ce64ac3a27f55a08f
SHA1c28d228458423471b55934c22a61cb8a865a9a37
SHA2560d8a6727dfd37fdad7d7f84f673afa7937f15ed2a70b9d72ff8dd56526d95f6d
SHA512627b86796af85385f4de10b7663095b226eaa0ee7afe3bebdefb0b02e5243c53000ffa2ce8699d1f92d2dd28eec697356934f1dcf1fd1be3ef99b9c9e2e77555
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize72B
MD524e8f2746151093d490fa1efdd2974e5
SHA18ff21c0edff75ed2c36c400ff4329303fa089359
SHA256cf95f05cd4304ecd704e3cbce80b7da7e0daaf8b594b64068ec46d49b00b3d74
SHA5125fbd77f085098b5b9e5a25128c86573971bdc934954987b76e0ed63f6f789e6bac8d81a05f6b2bb8c8b5216d2eecc3b9a91e3beebf8060b0acdf14d6174f0b56
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5911c9.TMP
Filesize48B
MD504a4d74f4d5d82370e861a57f9548e61
SHA153d3cedaa2d321d51f553780b4b39c2877a5e408
SHA2561fb499591e8a599aac18e9b80aa6bce8343a9024ae14a48a83c4277c6ac58b58
SHA5126b6949f15d3e1b4c732e2d03ea5c439629880e2cae1ea2bc1a7941d6827404db4acf3fece5d9fbfd0ced638d305a0c07c8f8b4278ee6c5486d7ce3871091f5d8
-
Filesize
36KB
MD5916414c9407bee9e9106cd7977fb99fa
SHA1f4d6ca42ca2e704a2860fc7ef2d43fce0b4f8d4f
SHA256e5d0da2a526f0bc74947a7c683d70379f9337a52a04d839f12cc398de349ef2c
SHA512b3fad3b8b76f41d1ea34c3acab15d4ad39e38f1940b3c6c1231870d4332453bf305daba16ade3978f88e66676adc05265417e700240bb80db40ffe80ff519002
-
Filesize
36KB
MD5ffcb60d93e7b83b66adefa6d75426678
SHA1f01969d820ea4977a3297707c36854c81dbe745c
SHA25628788322a05a058cb4745b2296255e1416dc2ad7bbadc37520cc3d3bce4c09bd
SHA51201d7d297384531896330f0fd2bb6113b02947ad7ba4b2d4e846a21b8a0ebda7b70c4e8e9ba551d7e5017a87059bc67a9bc1271a46f7b8e1fe47fcf09e12733e7
-
Filesize
45KB
MD59ea8ac536f281bb107ee72435cbd7c2a
SHA1017143af5d35cd5cd71138ac843f3c734bba24c0
SHA2567958dd1454c5e46441193ff5a0a45238703e32d214a1db60b2423f0997d79d44
SHA51271e421871b294ec3e86f0b9ac2da53695e1f5f9d2d022fe20fe1d32cca3bac861970ae9ff2fa94b1e47236d77e2bab5d8b0268c2b0918b32f821935eaac05524
-
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
Filesize2KB
MD552bdb565825d7560b4fc19a5b221cc23
SHA14f1ea0eb3f905a7408feeda93b4d162a2ad834c2
SHA25650061f8a6303d39a80ca019fa11ce4ad477d58dd8138ae81d1eccb8d4d596906
SHA512e0f2a81873927df71bad201ca0c7f7d448ec4e51453941095bceceebd565850b24b1e6c4859600fb78d78dd98b040004c785b85a337cc16fc5239be2a39d9307
-
Filesize
2B
MD5f3b25701fe362ec84616a93a45ce9998
SHA1d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA51298c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84