hxxp://google[.]com

Resubmissions

31/05/2024, 14:56

240531-sa9n9ace53 1

31/05/2024, 14:44

240531-r4lc3scc74 1

Analysis

max time kernel
593s
max time network
592s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
31/05/2024, 14:56

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://google.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-540404634-651139247-2967210625-1000\{329D4455-F840-4CB5-8CC5-DD9FA72D5F03}	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4716	msedge.exe
4716	msedge.exe
4108	msedge.exe
4108	msedge.exe
4600	identity_helper.exe
4600	identity_helper.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1928	msedge.exe
1276	msedge.exe
1276	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 32 IoCs

pid	Process
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe

Suspicious use of FindShellTrayWindow 31 IoCs

pid	Process
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe

Suspicious use of SendNotifyMessage 28 IoCs

pid	Process
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe
4108	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4108 wrote to memory of 1812	4108	msedge.exe	82
PID 4108 wrote to memory of 1812	4108	msedge.exe	82
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 1388	4108	msedge.exe	83
PID 4108 wrote to memory of 4716	4108	msedge.exe	84
PID 4108 wrote to memory of 4716	4108	msedge.exe	84
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85
PID 4108 wrote to memory of 4100	4108	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb633a46f8,0x7ffb633a4708,0x7ffb633a4718
  2⤵
  PID:1812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2332 /prefetch:2
  2⤵
  PID:1388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2396 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8
  2⤵
  PID:4100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4648 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5044 /prefetch:8
  2⤵
  PID:4736
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5044 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
  2⤵
  PID:1708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
  2⤵
  PID:3356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1
  2⤵
  PID:5020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5732 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
  2⤵
  PID:2280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
  2⤵
  PID:5116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
  2⤵
  PID:4940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
  2⤵
  PID:3784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:1976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1360 /prefetch:1
  2⤵
  PID:3176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
  2⤵
  PID:3728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
  2⤵
  PID:1456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5284 /prefetch:8
  2⤵
  PID:4584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=1908 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:1276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:2428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:4664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
  2⤵
  PID:3924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
  2⤵
  PID:3820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1316 /prefetch:1
  2⤵
  PID:1396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3928 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1756 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
  2⤵
  PID:2544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
  2⤵
  PID:1908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1732 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
  2⤵
  PID:3648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6696 /prefetch:1
  2⤵
  PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1260 /prefetch:1
  2⤵
  PID:1752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6976 /prefetch:1
  2⤵
  PID:1148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2312,1204902043462701793,13877908196810241243,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7000 /prefetch:1
  2⤵
  PID:3864

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3996

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1136

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2daa93382bba07cbc40af372d30ec576

SHA1
c5e709dc3e2e4df2ff841fbde3e30170e7428a94

SHA256
1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

SHA512
65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecdc2754d7d2ae862272153aa9b9ca6e

SHA1
c19bed1c6e1c998b9fa93298639ad7961339147d

SHA256
a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

SHA512
cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
69KB

MD5
c356a0c771a0209d3482777edfc10768

SHA1
1ff2d992af8a6f19c30ecbe8f3591f26fe1cab08

SHA256
32381f4549d36fa4583e599adc04056a4da80a6067c6805b7081c3f3f54a27ad

SHA512
561084baf8d65579ead79e79c2c3920ef987384d52ecc11a2689aff95c54a6b823a0c4a8e5b910e60e569450e36563f53adb5796f261f13bbeea59130b81fe3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
350KB

MD5
5f6f93d97f3685990e2b90e3988f95f5

SHA1
18d71f933e57dec70efb29b5abf45e595a46a3da

SHA256
b1cdc1cf3ff7b9071c5c2e6d7964ef2f73086e7bf63b309d9bb4eba13b2eda17

SHA512
214299244e3674b56fdba3c592d2ef9e574ff9a551ffebcb8497be49b6f107867e6f42a0d18349aa222bef92008976413a34bd173c5a4bbcc37aec4552541694

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
133KB

MD5
10707f8b6e53fd0d9c1ad8f38fd321b9

SHA1
9c818da320f2f3c9edb8eec85f76b269729c9008

SHA256
cc190c7fbeb41adea91b90c26e619edc49b5499c98d359812ec578d41844e65c

SHA512
05d2e90720c509340af495afa0a3f3cf3657263ab6cfe607b5862002a03eae5496f3a4379103a07cd7eecc9f12d2ae8db78412fa8b5fc12ecae601cc93f2fe95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
25KB

MD5
a64595549854c4300e0fea12f60b8c73

SHA1
d2095744d7d594eac8b6e8cecf29c07abb354d37

SHA256
3ce41a02cefa6aa03c26fb9231835500f568d22459d3fb8691cd0a01dc22a11f

SHA512
2966593e2efce7a3afb998977fadfe0ce72e9e2825ab0f00637f2749dab3e87c57c347091a0490f5a7b780f3cb069f0cd884b80bbbbb3c08c8e569efde8389e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
75KB

MD5
433cfd6aeae9c388dfbb5b4b2277ab0d

SHA1
64fa8c6949c578c9d351f5c9b3470e74fb0870d8

SHA256
8f6b21f6c332ebe4d57168daa3e84e48d2ecfc551e81cc28ac572d4b70d159bd

SHA512
091c2b48dcb3e5d0626087ca39d06b19360624d228f11031fd0676cb4ba73268e49ef8a0148579de5fd8300002dd9e00d0b6b2ed1d05b654c83c55c044218c10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
152KB

MD5
72e9215779634bd99074e0d6b3e34169

SHA1
749c8b2c38d6b32ae9fa666f846940a9b90e09d8

SHA256
63a9f19f7bf01527d1c9cdf44f39f010772966e16180e8afdcc82ceb6bec9eae

SHA512
cbb0c9082bad5958531b6d1063d50efbcc46593e2a07c473342f45ad0e2341d881cf794135b963db2fbe0aa408e571b42d52a7de30e4e420cb745b4006b9c502

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
157KB

MD5
f63706c2f899261ba798861811880e6f

SHA1
13027b1e173f478c68b241d7bb8b8d570bbf212e

SHA256
179c6e3d901f7719b6d4094b469321372aa8d7eb88574e2f0cef5373add910b7

SHA512
2b13f39cb807d305a2981b39b26ae54d339852a9a9fc931df0beba4a409eee401ffc82dac81a3ad6c702fada4a23dbabee5cda2de2669311fb23335819e0b52b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

Filesize
36KB

MD5
423885818d67bfcf00e21be13f6f3a71

SHA1
a79144758af1204bb161fcd79e74c1f692afb7a5

SHA256
5bb552beb00af20a3a39660decabba8520cf53ff43594d1cd923f9217081d169

SHA512
99343f25ec96fe803d57a1787ceff649a5350de6e5624990214d604cdd6cb3a4c5a8c069a024712c83e70ab91424ac1ac1f7d3c7e16f9fd498342c46ded593a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

Filesize
84KB

MD5
74e33b4b54f4d1f3da06ab47c5936a13

SHA1
6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c

SHA256
535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287

SHA512
79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

Filesize
1.2MB

MD5
a60df2bc955cc9a12ceffe99b2aaec50

SHA1
914b78d052111e64a7ba10140c7329e8979d7a1f

SHA256
95d1ed7cd185a35a9bae139ec8ffaa570fa55e5a28848ab085110210bf53387a

SHA512
325752e58051317c3329768d0abd585e90e16d9d13909b326f59b58e44639c3b482863d37bdf6dbced24d72e7f67cc335ba33b22b9ecca72c8e55c1eea9ca211

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053

Filesize
22KB

MD5
11add1e71a824ad07302e22b5f7946da

SHA1
57e8ece0adc79712fd02dcde8d2624ae9a016f6d

SHA256
42328157f617796af5f5f1de928d55c24fdfbc83967e6f2e0d0dd886a7f0f51a

SHA512
07153aa3bd5d5d5942d84d383a8d32b6153b820f44ab8d6b9185ed1589436a52bae22457261cb6dde4247d74ec5ca76b6e3cba1de29bb00602d35760e84f214d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056

Filesize
41KB

MD5
9a0a6216272f55e4a0ad5b400b4d16f0

SHA1
dd545534e09e15e73890d031db94cfdbda6d717b

SHA256
1dd998ac076d9c40a0a28dea97cb0083cd16771210b0abd6b33095e28d7348ea

SHA512
b8448d5a202b872b6c3fa7e47ac2e0bdef2fc8696ba57ce5c543c7d39cbe3a6914e6f437475556d743d136e358cc89924741fa72ff8c936f03c9a374d042c30e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005f

Filesize
74KB

MD5
844f9aa062b6004ff169e0b62fcf99bb

SHA1
a8f904ac8544c2a6f8c2227770c40688c8adf446

SHA256
e4f2fbd3c56f195f7f2517b192999f6115f3a55050765e6f9a324ecbfbfae3ac

SHA512
e6cc4acfdb6cbcbf51714fcdd12d7f5f8cd9727ff7f7d2ddf2060869302168f18a604fa1bbbe7625e51d7519258efa7a59d6e37d28a0dff32d30ab27d7dc0435

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f53680f7630e8e8_0

Filesize
347B

MD5
ae56a95763596b941806e7734962aeaa

SHA1
4dc7afd3a4fd212b7f4065023a53937fab01fe0e

SHA256
6f37df0a6010453f9c8c425363abbc8b8f67bb4c4247e2e58a48394fbf63c623

SHA512
28731801bba0ea21469cd84033a89e4d0520a762c7c341b4c0c439d4f20a42dd0e30148cd9537146e43f1994c0340ca3bae73878ccf6f579268c2efdf31e9a93

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ff1a1a01bf98e25_0

Filesize
1.7MB

MD5
b68b5c758008c43e93ece512ae8fb622

SHA1
f17603623ebaca431cfa644fee92c30df462ea6a

SHA256
52d1756b22fb705037a79ddd03dd260047524b12d683c987949bfc4ef0ae68c5

SHA512
0c6a526d9454eda09d7287a18d6d1330bf1f2eacb35673c0570cdb6528fbde893f1d2a89c7c9f1acfc53145aeb3a008209180bc0ed2f5cbcfdb70f2c9bc9c6cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d0716d9f6c6be0d7_0

Filesize
2KB

MD5
ce4336ebb8694153a96541345ae60e0d

SHA1
caa0b74c1dae83c6b4d28e31ef12782fd103210a

SHA256
3e1603451d2f3ef7e7980c1401d5e832bccc61158b4ea4fb96fce64ea502ec04

SHA512
a7eafd0cd85c0f8a08dc1121245f037e2d97a0b9eede7012871fd738ed8b3f065606c3e456ca015cda2ccf2e8fb9d18da05847fdfcef6327f8d4ea9626c403dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e785a466c221f979_0

Filesize
248KB

MD5
2ed229ca61df2b3f6bd0d17d1607cee6

SHA1
87571ae4ac49d60eda298de323ea58be7a074b11

SHA256
fa96922a41b628dc27e386dd7d21669df02af18c2eb48bbe187a992f8a9fd538

SHA512
6608091dae7ca6aa6e8e7c6a135e886845f3af8b453d9dbbbac5b9b1e6355e665d73af1eb879565d4caead7a0530cee935edfdf455ea8de24e9b5cb79001db5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
f6105bbfb3a376b23eb3e202943a2e38

SHA1
ea8dab0027f0775305cf4aa38dedb316ac103fb5

SHA256
ab2f0df7fa625d4343c9f5b8ecde4dbeca121f6cb4e5934bf25eb50b0fec0c2e

SHA512
e61a8ad15719872c9305416e9647d9f42cbb55a78acfee1b1c5e42b52c94822e4684f68868cf8650ca20d950179530d0c8c18ce535e9b1fa3cfba3cdd8b5dbf2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
696B

MD5
0a1c5da19b167463cefee048ae64752b

SHA1
37ba6e3851a823165d234a4bfe6a90c2367e97c8

SHA256
69bc823966036c21cad55ac8cc87f039965120d68611dccbe7bc1fca2bf488a6

SHA512
8f9c3c9d30b71800ef90825d0bdd3b88b0cdeeb484f63c03429b11d5cfda0211c25063f93a061c271e7bc2537cbeb58a3f4488022cd98e72a4340cbabd2935af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
69f6d98c66a3b235f30a8d41122bdad8

SHA1
8eb6e7db2d941eb2cd0be88233a04efd6131fc0d

SHA256
c05f9ceb18ea2305eb22a926c746e3aa47cf1a6beb51b871e8b1f8e92342825e

SHA512
ce64fd053df69702f2d28de815031421f1c8ab3963cfaa3131b1993b6c5b2eb78b623d7019dc904fdf625b275514f016d36a4969353a6901d4d7d6522a726bb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
0102779a7af4f43be2364fc83fe45fcd

SHA1
141ae25bdf2241caca0af1fb94955b2f48c496c5

SHA256
0a5aca165aab07f16a7fe77a2068f91faebc607d950e726984cffd59c2c0c333

SHA512
ad516ccd756b7327c5b17668deb00b829e4b229afa7ae7ad298fc8519e6c41854b2b1185cbc754ffd6ab7c4adac7f2c93335287f8d525895dbe2a5eff907562e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
0b8b2ed28d8c8b5c8c1394ae70e2997f

SHA1
1bcd35e4a6b2c49aeee1e7e04f47a46048f1bc69

SHA256
f7fd126b1032545ce0c9c086e436e442a1374fa5bb2092bfc1f742e7a298614e

SHA512
2657fc9849fbc9ca32d6555caa7b5ade3bbe3bc4c926fa55f1156ed9b9711463c6c2bbdd92c1f41dd3f9e9132a46374b2d17b5107dc6c0a7ddb0ab9667256f7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
dad0b8caeda17c6facb1e8a381291fe3

SHA1
618de742b871ecb3a0f1f87f06a76e6e2f6de31a

SHA256
9fc1c2dc60b794e5f129c7abcd4f2408a93c978d43f8f2a041e471da54b26bd9

SHA512
541c6e948e604916721122d4c5c4a7c4cf2a6b4325b3256ab64a743ccb6a2baae95deb50d7963623f92ecbb3dc491fc7b9f204c44d124fb867d0a4aaec361e70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
70ed785b7220b6a609c68478d0480c87

SHA1
ed1fa138c21738137ab4f0b5e95bb15e76df935f

SHA256
5e83a9d08247ab985fc73058326ff99c451fade848a8de7047fba330230913a2

SHA512
2544337f9a4643e8110307062dec54fa96c5dfb3aeacf22b3a2bb71f079ead4f4715f137c0365632173ce042d11a13958613a6c9977421a3ad411f357f5c5434

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
17a89884ea2c5252f049ee56ac291255

SHA1
09b38d3c8c7c2f3149f6b5257043379f55d87556

SHA256
1c109550a0d2dd61e0a00cf825d47425d434f396b4977c380e9c4e52dcb367a7

SHA512
7bef30cc36a5b13a835430d3df4e63b2914dd6efc0c6d6007494e289a061bcb51e835afb985384a5e2f456c64ffb1b0ce9ba2740873eb01586d21f12412eca03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
25fb9b5cc1d123a89bb015ab97d410df

SHA1
9c3941360d0a75680fdfd68f413dfe75eced620c

SHA256
96d5380a0e4b508d1d190f1dfb7226865d9e2a316db2ea240a088af2cca98288

SHA512
d02ab959d00834639e1ff7724448f48172e44e0addf3a2289cd2bc45a9b1649d01799a1ecac881fb034473b115273f72904f131bfa7029419cf1897cbc987cee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
9817a35d0c8d1816ad6676ebecfa252c

SHA1
726cf8c72111d23f362a2bf4f5b1d65dcbebdeb3

SHA256
c635f1aacd5d6342398909ecbaaeb0dee97167473a7f15e3b10ffcaf023192dc

SHA512
899b1e2444391d4a90da2d3c3155f4fbe62cc5ba9403f3bcb05fa81a0b051d4c16ba23e654268748145fe178b3f8538600865ba34f93cec4093ab988a8ed3c59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
93f1754a216085ef338600fa61cf4dad

SHA1
bc1025e9a16b6fe73d4a669ff07f797eab98d071

SHA256
5186cba348fcbebba8e69eaa1e14facc12645e1a88ca96fb666ec92888c3466d

SHA512
fe1d5f2ec827c9cff9e57bfa0472f71a784041e9c58d565a36b40ce6ffb787f0828ef862f9c4505178448e26b5fef4f040ac7455fc5c36ece846274cd28c63d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0e7e1e5964d2a2ab4aaf240a214f2248

SHA1
86936bbae1e0ba1bdd5d850ba1e758c08072c6fc

SHA256
73955759af3983dde325ea2fde93fe8b6897c797108547ef39efa5a062c86854

SHA512
d153807d23b79326092f764a385a8972ed094f734593171426d9e1ccf824b02578401a4c97c6de6126e57dcb62281cac636b055f5236b5c89af4cbfc23ec1551

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3f57f6ce81235fd97c2085e0806e0434

SHA1
d6d1ba8280c70429162d1119e917a7213df1079b

SHA256
efe9a58fcbed15450b33aaabc7602cbc732fd775ce7c52254ff9d789f09f714c

SHA512
98c29774a514ca38d2bbd0c823fd4a45f0fbf8e695106dc27712121848a795203617b13cdf56476f66a6164d7e06cbfd6c25670d8faf69ceb1da1aa3313ad44b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
56f96720cfe6f1741f70e055f5d4dc9c

SHA1
820aa611164cf04ba9e3b4a2b678e577746ff96a

SHA256
65f56ae24582a08ebb4a1fbf46ea36a56e0265a6414f69e502e5714a732e5f77

SHA512
82c61fe6e873d4bd619f2674be1d51f224ae9322ec9b575cc1004cb293dea61eaa813763c797186a8804200e60d694fbe6676a6ef1a79ec33818a2501c9bea0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1b10a3569dc9764c23ae1090ac5a524b

SHA1
90725fbc239084f69f4c16966d738c7e94d0f7c4

SHA256
3be9f65268ea362b7031a98f50e49086e8a00b846f1f75eeea4a758dd7659ee5

SHA512
949de73736823925ffdf9c70012b238f8236e879706978478fe2e52bf3336331eae8042e05f63b2cdfdbb988be133d5cfaebad0f64f7d3579d8305e4f2903655

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
151ac30deb74b60202e49509d89d4257

SHA1
0a6f24bd7efb6f78acd028a3b7a9a599a4a80b85

SHA256
8f85ea88a1292a1b9eaa7485034f31a6f658f72ea59ffb5a2a6b19e9d3d30361

SHA512
6d199ca19a30f0fc48231afc36c09e379d5984fd2826538173e513f1e9139bef7000278349c38b8964412508b56fe97332729b520c13992eeb750358b18c39dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
8abfee052568144ece6f562bef005aa3

SHA1
2a68d855e33f044f2d12eee47ae2d4e453d8b1da

SHA256
b1a0d024aa50d4e9c917b7d593ade69d0427273d29695f0eabf413dc31b34e43

SHA512
7325a7982eba562386a4e33c7f542e2377ae1625f3ab76f64feb600fc418d161bd556ce55fca294ecc6016651a2bb9f2eab20c5d1d3bf88b0dd7bf50c108e5fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
2e65a95b0209074aba67c5b69715296f

SHA1
a0a46cc033a37c4a81ba5538a14f7856a0c53386

SHA256
89835bc41de413b05b2d164a29165955437b82480675f5fdacd09aea28791553

SHA512
a48ff035e619e8396856e606291e1f80cbdde0666cf919b68f444cc38ae0160425acd2ee5eed8cce93b7b7130768bd7c56f152c3b24a74519a642629c9ac05f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7305274001c2a1f47d623369c764e266

SHA1
5f1e4ee378a64597ef93926ff032a5560cb43132

SHA256
b3aad63ca7732b4f484e49ee12b837d7de70a25396a925fdac4949da65bdec59

SHA512
c342751a87b21acb1db017f0c0d291705373f67cc2361fb97b01c9dd191e5bde30823bf81f7048a30e4dcf8a3c4950a18c458f64a8eadd340e11d8780272fa50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
eef45cf7db4fd81d87ca3b335f38cb86

SHA1
77fc5f82b740adf9cd2b559430e8e801b8db1700

SHA256
90d866f2dfd66b160157fb03319470d81d23265c0c93a7814ffa41cf117a2abd

SHA512
b9e1fd512293e23ac839d48439b97cee8b2ee5086e5427f36a7d5ad456f371a87e8ab48b266de4a3dcebd6f27db16c73f96fcde36f3ef51785beb05a99ae1ea2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
22a94f233d6cfe050f466098a7796062

SHA1
8c719756b7d051c18d79b6fd416038c270b5e559

SHA256
6637e922b539157a12faaa7cd7a0320a9719fed7a435adce27c3bb0cdabf955e

SHA512
a59b055f9dac577ef507b3a7302c0b3cf82f977a4fe1daa684fa7dfc5dd5dc38008b99b7c67d25d86b60343e53d1fdbb1573d10ceb5e91fed6a6a59bb490b9b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e6b7111c20e4745248b9c73e89b392f5

SHA1
53f1eb35a706430977117b73a49a23709eff89f2

SHA256
7c228d824f16aaf0744b1f8f1a7f71063911158e7053dd5ca8bc1e73fd8b36d5

SHA512
1ab00cd32d633ca03a1c7bb6909d286a2e09a6523cbf5c42766e66a5d469385a9014ad796b6261347d9d47418f8210200038ce373d06b82b184725d81a723f2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
66150fdf1baaad6a4d9b67eca8171657

SHA1
18002b8fb0f04ef7b0b15ebf702d17dbaa95f18b

SHA256
f299b09020f751d9d85b112d38e0d777d05fc8221fe02cf5bd5ab9f7fee24ca1

SHA512
5f6b7f7037dee9b9844285e3c8e84b0667049da8878f049405f8999e4facbb4bd76215117200bf7bba9092245b257221673fdd29abfc7a7892c770138a5a75a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
75272d4c9149a1fa37ac30dc6a5cc7f2

SHA1
ea18badeb6e866ed87fd70a28218851636878200

SHA256
1fe75e9354f2bdb70b8c2c4e847b98d81b0172739a115394911a0462d277a2bd

SHA512
50e647dda7d1f465505b3fb6fb325b350beba64710819083b1d929219423afff55462678fa0696a9785b43153cba00d3fbd360812b220bf2fb69440bdccd505d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0bf6ab7f94a21cdc9c1649f884333ec20f40a544\e84a7a4d-011e-480f-9afa-846ec4ce8c80\index-dir\the-real-index

Filesize
144B

MD5
d395c774046337003f07f4d46dd1eb1a

SHA1
a72458a5a7f005c5806b9908d2685d957c109a1a

SHA256
00645d56edb756b703581e14cae778cfb49f82ff1ce81a70208884aa2b7a848d

SHA512
6cb9f829cc58c08a7b63c4ddf144e55a3f4126954b419d976e0f27041ce126c18f33ff89f78c502515851590467e9ea5f0b65623a206ba1f90392f69245be0e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0bf6ab7f94a21cdc9c1649f884333ec20f40a544\e84a7a4d-011e-480f-9afa-846ec4ce8c80\index-dir\the-real-index

Filesize
144B

MD5
9d82d6fb0afcb73968f4f22c3ddf85f8

SHA1
cbea89638ccef408e6415990487bd847b9eed394

SHA256
24fca6cc31a132f860154fd36159843e65e028de6bd852a489c2eb72e9783ad5

SHA512
af7caac7fad29a5781d2d8a9940eb2058a6cd4ba4c19fbe15c4ea2e7f268e9484a553ba215e0b2f429cf8d2a99a8c786fb937989c5533db47d383d7eb74b7871

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0bf6ab7f94a21cdc9c1649f884333ec20f40a544\e84a7a4d-011e-480f-9afa-846ec4ce8c80\index-dir\the-real-index~RFe5b0f4e.TMP

Filesize
48B

MD5
9933c33351ffddd90c46babf7c6dabe9

SHA1
da607a6cacafa3dd4147bcb87ded033db7b669a6

SHA256
353bbc5f67802c519f5bba8a973c348e911b250536e664d04cf7c2c414d22c1e

SHA512
80db26dc0e4019efbeda1b6dc46fc1bbe4795d9d34e8d7f8898a50eef6038ca24e9548298fc2d7e8400b552450f3e0dfc35ff71564aceb4e5a69916e2e67bb5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0bf6ab7f94a21cdc9c1649f884333ec20f40a544\index.txt

Filesize
164B

MD5
0c90dc56a4905f01170fae69a0c2f597

SHA1
791f8185b5bafcac4cd2c447f15b1e724f543949

SHA256
137ceff57f805ae695a25d1ff80990701085899e67a0c4bef866ff93d5dd4dbc

SHA512
49c2b5a35db2f6cf0ac5c696ebc025e76983d6abed4426ab3c8c62462bb736c6f906cdfbff4a4c8bc89306c461c44746c4a6ac29ed214da0abb6d638b8a44715

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0bf6ab7f94a21cdc9c1649f884333ec20f40a544\index.txt

Filesize
171B

MD5
5c8b8ef54186f4bde21a7ee565a3acee

SHA1
7a593193bf44c8c14ca65d5073f758a678a30ed0

SHA256
3d2094ac94858b62cf919c6512fd7737da622b026295144abdea3bbba8f1a725

SHA512
2e42f88fc8207b3071315eb247847d62647420558cba24798d5a8aa67597c4910aceb7e6f58535c06c15ea7ed964db8f633deec82edf6b07023b05142e11368d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\0bf6ab7f94a21cdc9c1649f884333ec20f40a544\index.txt~RFe5abb23.TMP

Filesize
111B

MD5
cf0d22413b8f597ac1580c856a0e8bc6

SHA1
6aacc98332992e173826010ea37acec7de420b93

SHA256
03141bef01e5721ac6233c6584bf9d2d6c3a19aa09e377e7153d385f136da3c9

SHA512
9c7f06390e04ff99a144cf3d1cc8742d890b056cbcd97cec2702569e945ce6f6b4ef47b2ab91630c3c59d006720419b22a45fe8d666f8312499da95eef13d469

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
f755eb6a9eae14d43eebbf53a82c4fe8

SHA1
a37fa3378a95a923757f9c5772b795e75ee4eb81

SHA256
f8131f6dfeb07fd2f2c37e900c504e3c515c1f071e34209778d5e077f9182ff6

SHA512
0bdfa2bb6d56cc4876371f5a318dcc595554b504ff44d47d5a2b451bed830c60f380c4020a69cb168d6658e35435a90e20afea151a5f771c720c5e214a24bea5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
9d25ddd98d65503dedf9591fa9e44758

SHA1
1f27332e6ad90c4544ac100123e16859dc56551e

SHA256
210980ef4df14e715a432b53404489b8830830f56e195a8d38ea94c28ee9ae10

SHA512
ead21f68b4a29b84096c87f369644b69b71224e92a6c2719af1f1a81fd4e7d45882f81f5063fd766904c502299999ecb8e66857b65d80809769c05cad521b240

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b09e0.TMP

Filesize
48B

MD5
407a5806e15064b8faa73511cd14fc91

SHA1
d6d9b3cc2eef42e050f759a9188cbccd2b596c17

SHA256
d125b45f12087a0509d1ab837b3f55d3bb883370a5c0a1bea6f3c8ee1fa331f1

SHA512
20aef221d8746fb484bb5487385ed0037db98150e5d0981d8ef007c511ff929b103050893b471c810c6bd80604119616af4bf5e0cffb66aab6bc5366a9dcb447

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
b84a9983db6805a3752dc61b80b42d12

SHA1
b234fbf9be2ba4170e2e7a6bd236f540aa275ebb

SHA256
8f78aaec0c439082a7540dcaea0d59ecf47a574b5e4036df3881809dfb98431f

SHA512
a94df89c2808a1963578ddea4c5902058f7a627314bac7e2c45af6554651a9aa6197e4f99880aa4ff0b8f6b7db0e5d7b2e0eb42af8174e59aecb311c9ee73ce9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
0e7e7ae6498b17b776f2030337e8e600

SHA1
dfd7ed6b02cd9818aee2b6424693b0089454366e

SHA256
96eb0e34267d7676e75a171f0949a3f925badd9b02e337961099399fb71133fa

SHA512
8dbd2d888591aef3cf4b7854451683fe4771595823098d64ae70601ee77d552dfb73ba83c3484b943e5112b95fdfe2099e94547a5e257f986dbba1b2b9a78191

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
fdf7a295b9909296c0198ca071ccb307

SHA1
e1f413a352b258c62a097dfe6a4f7c4356f96d59

SHA256
82c2d180174c43f996c9988df1ba34ebf91ec1104b31b7e8a631305a3bd561ae

SHA512
50eedd9c16c435bb27b4fc9e6911fe683054625677df25e369a103decbc75335d2128175eb5150d07352968f56829fd35284c7f352ae88aa5706c137c20a933e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
a79d32215c8b5d5a0ae699d50a88f851

SHA1
f120cc004a15bbf43a44067a55f74851ce03c8e6

SHA256
928b45412d546a5bc2760870d2de8b8789d382ecd8e4e1e2be5ef0cd2f01e37a

SHA512
e4f278bb145dabaff63382055e36bdc34e35f993476a917b737c907908745a46c80bd77ff4a5841d0d5374e12d8391f6639f22f19e27e287ac31c9fb2988fc89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
4e3adb7a72c19ccc1a42bf66ae97c893

SHA1
b831b60733e77e6af458a4f19c3415bb521dedcf

SHA256
6af436a5b8916032afe07d1c20dbe733258606909816c8bc2967c430fb70cb68

SHA512
6ed0bf545b5ae9d896028a7ccd5e190c79fd04ae6fcefabfe4f43e1ee13d3ec341431f6f4c0b4b3f2bdd649b0aeda6ec3a1d71f2068804a8a4414b71c63fbc74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
d3973deda274a9aeacb4792007c5f9a5

SHA1
4bf90f67ab14e92b14d629afe78c7959881e724f

SHA256
5a4b585d0a0882e9be8738b81af2b6c342e0e66d602ce8b3241a2ee32886155e

SHA512
961fcec54ebba078e4f3b80e824f2f7413d601abb1b4a7920f4d924a90c433d276598de20b376eb5e8e7dba2d676bf4b8ea2a490690f7667b346d989333e9c8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
5cfab1c1f5438118fe145b6791a106ad

SHA1
21f85998aa250b628eba2ed11ae48b66235cc152

SHA256
d6232e1c28fad7b038312f1fc743b77e1df48ac0c644003b093e1e4133121716

SHA512
309cb1c9e40a8c4095ec9825fad7c0cdaf11ca9c3b75c18a90c1652c1260672dde94cbb07ac06c33f1e3cbe4526e743be068a08934902ff5dba109210fa2933f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
ce26433ca7221c20ea33b8708559ead4

SHA1
35bfc2cfd0601ebff1860f01999fe78f5e9dd8a1

SHA256
a9783cd7c3bf78638b80bafc1491c5e20c0f32c8f4c8ebf1eab972533eb1ec9a

SHA512
0e6da64d50900cc9414edd36958d8d4edd16d7a79c1a863f8552c28c156b945fb7d0838c03fc64d16ff77c823f876f4dd01da93f32392c3323815ed51e744495

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
adbbf3631aa332809d4f6b0b3bb7ac09

SHA1
01cd5f13717c4a4cb915cfd5b5504ba817e93157

SHA256
578efc60c60c649ac48900f9833ae2328af89a4799e212ebfd78862109a84307

SHA512
a0002c1e7f82ff79bccedc531893a984712c7780314c7779b3a52276859afa0a7b299fa7b749bed86c25b3df926cb992876915b656e768bdf3e69fd78c14813f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
6ac7bb43416a29207b5b23c35ac17542

SHA1
0bfca021e9017eb354a10395f6a08f2ab4882554

SHA256
b1021bdc24e739af2bfb49a0b0d3c2892f76c0f5be91301dffeb3b7ac66593e1

SHA512
8033c205cb2131236b2c5c5f0e816c9fb724afbf4ac51cb2642e9a99e1a4e40bcae42553c004c2cdfe53846162cafe5eb098761f4036b50b0b3503e8773c68f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7abc658c8add37fc7ff18a331a38d934

SHA1
af14b85152a7feb6e265915af90cbebb18895ec9

SHA256
f3c9c07cde81fdc895610f40fc48262115f756fce9a810de29c447d7040d45e4

SHA512
aee96d1691a40047140fbcfdaf063b7616ec4b7266201a4583920921de98d6ec886c38985a14aea057ac917e747775a8d91f95b1b180b320c939eca2cc876282

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5b20a63016bad9c87da4887da86a68f9

SHA1
b92946e8f41a4dc422a109a28e4c31fee0dba2d4

SHA256
b27983992c2d835fe66bc97e8e50f831a422265f18662cb811ba9289da310112

SHA512
780c5f49362eec36679931dc32cbffe5be056f950ef9d86651d62c2e8fc8845b38030b4f686477947d89ea5a002b1f34fdea444a66e8c9e7f682065c1130e856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
b32cfca33226fda62eda8c56536a9fe5

SHA1
b1aa91e1e3c87fb21270aad83e85587642b942d7

SHA256
207273fa27f9aa7210c981cd2c2276ab5447f0f66380c0a2e208d8bcdc008d7f

SHA512
bb686d6a102add3a75a2305186f19f1c485ad55a4820b6e7e9bf49075be684fc5e625232f9bcbc269394ffac3ae31b5526e636aca554b4fca03114a1b75aa70a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
394a81536f6fa5fb2d3d5e007f52ef90

SHA1
8594760ebb61884c28dcb21c780d3e17d7caf423

SHA256
cac8cd702e8c683c32182b43b4f5a9a685029530757efc7f183051331356b27c

SHA512
b44c9e4445c322db4ded0f1c6a40a2ee0b27ce8d9a3098f7879e11d9d1260d1ff1fd206de5e390e9c5d51f270ceaaa347b6cade9e799550a98749b7b8bb89a29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
995b69e8dd613bde665b92dbb73cf463

SHA1
a2fa244fef54cb3e6a83fc024ad5908fada2022f

SHA256
c57b5c80d6866980e06afdc4607383844a33e91fe4bf9dcb88058260608b7615

SHA512
2f5cc412d1240a28589ae1186a1b4016ebf10640cfe1765f8ef9e0afb4661907b313926e2cb20b625d0b2434798a9da6cc8240677380de53dd5cfce38aa31242

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
353f1a8d9eaa10367ad280259419e3bb

SHA1
21b621a87255a9818a7c1917d535aad9dab62c99

SHA256
ba6329e6021cae715469a9d46ceba97d1d0b4da73dd9ae9e9063fdacb82471a8

SHA512
8aefeabe4ccb689ddc4761d219ecd178948ca920c8c0be5589b09f3717c94eec7b4ecbcd544e0e588144de995e267484669fdc787f1413a34d5babe4355c0971

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
21604d4d76a1dd3ae60e5b20b8573678

SHA1
a48f2ac866b981743f934004978da6ad9b77033b

SHA256
500c9f39d151c8c1b56d8bb2be91f605bbba734f466ee5e72ef228c1d80252aa

SHA512
d888cc7a42074d63a2e5eaa90fe1a2323636c13b917b685db2ec16359684b3bfea6373092a9ed123e2b0f334cb173fc4e3ce9b3c049eaf24f6566cc569749876

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe578220.TMP

Filesize
372B

MD5
ab2649fd78447e4f8649d1b23f9e8129

SHA1
134ae14d3ca37551ba129354312e1f5ce023a6a7

SHA256
62b42c2d6d02628921a1659e8c9787e584be39f27860bde22f0e91ee3fdd7dac

SHA512
2424d3a07c5e91e415f01e1156352a09cba39b01c23c77303114fa5046cc4795c4bdbac1c1b3d3d1116c79757edf7a0b1ccbfbc6aa31ad5316bc74856e195b7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
4ba2e7144cad1030fed57680d24ef8b4

SHA1
9a1c67438505ae29efa57cb221fc99fe94c71443

SHA256
16cefbd4fbe55e75011604daddb1e085a817e5487aba679ed215c708904537b0

SHA512
534697ddb6e2679824228b3248606fcd71cebfcebdd32a904c6fe8ad7d86c6a40db2bb8f806573b25fef80e64844419e9841ddf725fb098cd3720625304be236

Download Submit