hxxp://wzv[.]miallafun[.]com

Analysis

max time kernel
149s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
03/06/2024, 15:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://wzv.miallafun.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3992	msedge.exe
3992	msedge.exe
452	msedge.exe
452	msedge.exe
2660	identity_helper.exe
2660	identity_helper.exe
4528	msedge.exe
4528	msedge.exe
4528	msedge.exe
4528	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

pid	Process
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe
452	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 452 wrote to memory of 3524	452	msedge.exe	85
PID 452 wrote to memory of 3524	452	msedge.exe	85
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 4900	452	msedge.exe	86
PID 452 wrote to memory of 3992	452	msedge.exe	87
PID 452 wrote to memory of 3992	452	msedge.exe	87
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88
PID 452 wrote to memory of 4804	452	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://wzv.miallafun.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb884446f8,0x7ffb88444708,0x7ffb88444718
  2⤵
  PID:3524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:8
  2⤵
  PID:4804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:1112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1
  2⤵
  PID:4944
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4068 /prefetch:8
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4068 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:1812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
  2⤵
  PID:4912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
  2⤵
  PID:3644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1
  2⤵
  PID:2772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:1
  2⤵
  PID:3392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3700 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:1
  2⤵
  PID:436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6580 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,13647740726836111221,12342948038007768354,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1336 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4528

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4912

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1900

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56641592f6e69f5f5fb06f2319384490

SHA1
6a86be42e2c6d26b7830ad9f4e2627995fd91069

SHA256
02d4984e590e947265474d592e64edde840fdca7eb881eebde3e220a1d883455

SHA512
c75e689b2bbbe07ebf72baf75c56f19c39f45d5593cf47535eb722f95002b3ee418027047c0ee8d63800f499038db5e2c24aff9705d830c7b6eaa290d9adc868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
612a6c4247ef652299b376221c984213

SHA1
d306f3b16bde39708aa862aee372345feb559750

SHA256
9d8e24c91cff338e56b518a533cb2e49a2803356bbf6e04892fb168a7ce2844a

SHA512
34a14d63abb1e3fe0f9927a94393043d458fe0624843e108d290266f554018e6379cba924cb5388735abdd6c5f1e2e318478a673f3f9b762815a758866d10973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\629f694d-79c7-4de8-b745-ae2568c795d0.tmp

Filesize
8KB

MD5
e93c3167587f5a75fba39ecc8599cff2

SHA1
ac723324d6efd3879c803660a7186b96f2ee13c7

SHA256
c26cf04ae7f288de999754b16dad86386ec39d4f2d0fe521dce2ed0c4724bbca

SHA512
5ee5b2fb51f8f270c3c84449e86ba27ff79ffaea416aa774d8bd3185993a3571b1356b497ca453338ccb6114c589627aa61e993d97b34c48694dd5b2d6ed8f2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
e381ab16497739a08524afa504cecadd

SHA1
0032d6f633daf494cd3f812ea2b9deb7b7b853ca

SHA256
1686f4cc47080695d76c6c9b6f8b37cafeafe0500ee11dcf83d3b94d88fb7651

SHA512
a505e224aff7f066f5851938ca3e91efeb89ee023a20a38f9b61c558b7ba66416e400f2165d9bbf0203c861b3862d7f46c9c798e20b1bad4b34c3f4a05e37bf0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
2c8fd24da03128095d447a5c34cb1588

SHA1
eaca6641f27a42bf6634545ea9b7f2a729040705

SHA256
61a503888f4c56e17ac0867ce18b8013b9a7ee516a1b8783bfe34601a7b6bc54

SHA512
adfdf72ddeeaa3087adac293e54db2f15a5d21b579b7a910316acaf2b8d8be9cf3b8f65faf60462e1ac6451d48f8a7fad5a4486071dd75d9ae10ba0278d22dfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
792B

MD5
e6ceaffad32de94ac4f2860b3dbafc82

SHA1
19366dadccec173ed7b025f4db470b26ef0d4c60

SHA256
b591a2cd17ef175c2108ead4707cebf8ab5916414175299c1e39ef23520f9b77

SHA512
14bd04cf45bfd88fdb51bbc4544f1a9234b0e3cf0dcaa6590d7c6793a74c4e2f768f71f297b802a8d17e3f69edb94923ecfe9cca0077cbd4445c840ee9ff5e25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.localflirtbuddies.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
eb5b240a99d8b9badab72deef417666b

SHA1
c3cb2f1cc5f775146cdc7d6ea4044c987987ec2d

SHA256
801fc7e6f2e93eab282f717fcb924339fa0e074dff6af853f38aa6cae569390c

SHA512
f175e0968857407f5f5a3383a03b6ea91cf15a3cddab72458fddddfd5b459f64ef39d9094eff40b1daa2e44a2e441253d85d56e849e1b0bd8e2bb7a776e2fa38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
91561d0164fdbd62ba967735760534ee

SHA1
1ba550b0ccfe9a7cf866f5a257bf40fa14f146a0

SHA256
4a0f99ff661cc2181717f659ea1ef63decff83dddb6a389a3fbafa20492d619e

SHA512
229e06acf9c12cd3e6346f99f405b83ec2d66494ee306e36c88d9e617525b9202251709298afb6bf13decec4c6d69c60fe2033adbdedc18663b24062d7679a8f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6d2306e60bcf8a7e6791984624143c5f

SHA1
a0dedc4b716c36d0d9a23e916b3cd9133b16544b

SHA256
ced8202c5a4517f0e646055ae5dd3e9facf6e6c8825d3daa826bcd9e882920b2

SHA512
6414e3db050c81dc5ae5c45497e260bd37b0c0c3bdb63886fccdc8a041e8f710e42c88a2a6e1b306c3b3235f096f7f7f630d1aa2a37fad4f780264d630441851

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c3e389fffa5345c68f281174586c3426

SHA1
2541fb42341b347aca56a1b2c536cf25bb6edc51

SHA256
65776be912887aa5eb34c28c1e255c44c0b8f2f82b87dfdd291e40ffc3d31ea1

SHA512
690f89ba5020faca81dc3e1eba154f55aa1da26aac5ef7adc25e263b24c7bf80de442fc27efaa98b7cd2e9914ea783a114afbb081082a1af8bcd13cbf0ea374a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
73b630ed5c42418ffd06a3d2bcb884bc

SHA1
36dbf760b7a4f5b39ce63a9c883f8b9d424c644f

SHA256
aad6440d4a03735b78732fc023b38557a1b8c608b5be33f4798457d94b0e7428

SHA512
f0d50b1105fa73bee7e5a069dd77f14cb3b14dd4c284f5446aee5ccbda7ae793be8ec767465e7bf3deac42d681c1e70fecc1f07535f69819be2a194a3de0a907

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
6819b4a114c9784ae662a18dcd7c1eb4

SHA1
479f62a7bef642282a8c67f05bb3b77086a6b7b1

SHA256
f0b9adcdd58badd361b3659ea10a3526735b366eb45052ff5bbf3dabb8113358

SHA512
ec79adb090fe9e5200d893e5766142906c5094e8bc03a1a79682b186a0a1f0c4c5084ea527c353568ca7b0f93b26a3679b74323779366f69b1e5c7d742fa5252

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d868fa6c656d3e204785a4cc837a4675

SHA1
140028ff314fb2fcdc4fab90c44f7e96e60cc0a0

SHA256
e57146ed198503798b09bfa9f01d200be87d4b6e746be38b768dae55bb3aaf7f

SHA512
decb9a9bd71caccf0ad4173efb344f7c4052bafdd2cd5a2d0d610f44883bb85c3a43456d5287f83af305128d9846c7695775790c02c4c2379382cb5e09927d84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8a0f83b5274a5a9de2663a71e850b56f9a88c645\4c893e9b-dced-4305-adc1-dd37eb6d3655\index-dir\the-real-index

Filesize
216B

MD5
3ecd7871fbafe61bf09a4cc18d0ee4f3

SHA1
8f3bf8b6ac62dcd38b6ec89ff020d74dccdd287f

SHA256
d4ec311e73f13f56e4f8d1e4cf43adebdf5b01c79957af140b4a05000b35dc91

SHA512
d8ca37f1e9f8e57ad6e2c06f68c17c475c231595a838c5082e22216cc680fdbeec7db9269c4442b93a46354ecb34bcfde1b9069a441087857fdb9d1631b3495f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8a0f83b5274a5a9de2663a71e850b56f9a88c645\4c893e9b-dced-4305-adc1-dd37eb6d3655\index-dir\the-real-index~RFe580c4f.TMP

Filesize
48B

MD5
a7563a465d83adb42b577d47c1e698e2

SHA1
165fbf18a8750804530aa9251db14c6f4d0622dc

SHA256
a4227696ec5c63900f267df8952b7fc6d2c0a1c48ab7e0e67de98e73663c2400

SHA512
16851f00df0eb6263438e43f5b5e72e2896c1fcc5591568c74141d0a07312aaddbeafc8b5f4df9155ad63596a5ed0f33b0fd0a53a62c971d0c1572596fdd3f62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8a0f83b5274a5a9de2663a71e850b56f9a88c645\index.txt

Filesize
128B

MD5
be5d2498b24409d6564e9f54d6d830a9

SHA1
d1e7eb39e21cd9dfd154fdca2fe282e8a0f53e61

SHA256
05338749c42219727fb9988094774d2a3ca9c1499657df3eca7646c7c5e0ccf2

SHA512
1a982291aa952ac038f63be815ec9e546fd14ea34a5690d9cb01453c4d4b8eeeab47c0ab8fed7a832e8c67077cec3468cef9defcd87c236e3dec76e167c2cf88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8a0f83b5274a5a9de2663a71e850b56f9a88c645\index.txt~RFe58581e.TMP

Filesize
133B

MD5
ec9763f98a3ffe3f3a506a061d77180d

SHA1
8b7d5981e1bd810f0fcfac5ca1eb269edf628a85

SHA256
97b4c2cdd1a8ba749cd33ed94aad6f39a1144a4fb7331d5ff408b600a6dbb936

SHA512
8b6c62cd624611d9b91d9d32d0773a282de268a018d72168c2d8bb70c2d177d5d98b167647a93a8f80e920bf6899f160adce0f546da8668bfd12bf2d31645008

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
38428dc6ea2c84db63cda5e2d4d4a634

SHA1
f2affde4fd42921d0669f92c3b5a74ed077a4209

SHA256
8c9d2985c8246277f621eb86f4f2b9b5bb4269bc7d969df8005de19532a14cb4

SHA512
4f169b92ebbcd386d507b9175c0084ac6d78f68171b02c83e228ddac9a035a41758884b74c798556505eac40a0a6c8876519f3a2c85b1841c36f23d313d71397

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe585a7f.TMP

Filesize
48B

MD5
935994604099c76631c882dfcf2053ea

SHA1
830522bbba24edf010cd08e9bf33b0ec4c05d565

SHA256
ddb0526444ddd3a5acdd299985c23529723000c4fe6e092238cfb4e7be98c28b

SHA512
b28c1a71044653955ad619166f7c161256f96d58cf30de1214c967f8ea2d40f17cfacfe4c1818ed713e6548958cd63dce02287f8711fe190b7e13032fc51f4e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1f1d8a1c118e76199abe189ea609392c

SHA1
fb386beb97e9855bd650189d51a5fc8de385128b

SHA256
dedf0036753c15a926e1108fca9ed82f980546c7a5c46666cc79446e5b89b3dc

SHA512
48f71c5a7178f7e85ec5bda10eca78d7f9e554ca7bfeac261ebd94d132dc52609c545437d9ba65997b544790f3bf62e96828d9ff509f9f239bf4ed83aa47f8f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
b8ed3bcfc519196ea1c43eb50617a38a

SHA1
39c009a9151af8040b8fa4af42fc6d679a9b8663

SHA256
a1f88161d51dfb5724cbb3b0d7b781926285c3960a6a91e8598c1ae1ccbe050f

SHA512
41f539570cfd0e4a43c5af1ff9669e35b07cd164a23773147c7cd0c7fb4f85fbe34b4a9dfaf51822f564660d862a239aa6888e80c048fa2f6bd48435e3f9cb59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
705B

MD5
6345c41fab1d6f571b1565b6b2483387

SHA1
e562044958a9e84c29164b38b38c3d25954915ea

SHA256
a83408ced4536df35efebbb2c0545c056e2e5f137493de7ee4b0e005d9bff184

SHA512
f0eb0a479c0a444508723073ae9cd35c2c146e7b9190606385cac5d90d6c571ab5390d346a8bceee21b89ddea590e7f6752d1384aaf006d5f5b30481bb080efc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582c99.TMP

Filesize
371B

MD5
bbfedc677d0b343520976b173edf6034

SHA1
c1ccceaad82283f533d1abf851dc8e7364435f88

SHA256
4d1144111a2ea00e93aa152314faadfc81d14473160df35cda58023f3b1ab169

SHA512
df36438d95e6ea741e3b214d2379484895bf1aa627159190875e8f71d680efcf1c0aa266f1b25f23c9f124bedf49a72817c1732c78dc7fd4473778811c7c2507

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
57a4a554bba9124f0b6dbd549c73b39e

SHA1
f1c721053ecc56f4e99bdede940d22fe7d60193c

SHA256
7a2d364da26fbb022f90599ac78a46cfc4ad13a97a8b47d8a5f56f11d3ab13a7

SHA512
c968250b9ea5a3f9e5b674a08592a98e649470656074f6f3f75dee7a0930473ed23624c02773a74f1d6323c90d02a68373cf003d332d433e2feb190dfe0290be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
3b10bd0d98a95d6bcfb84783c63a0a62

SHA1
108565a3c207f41b3ebcdbb1afa2ad0528d33aa2

SHA256
dc7af7d0339f3d91b01abc9eb9297d7f80e81019dc6932a376513f6842e80574

SHA512
ce063a4bb2aa786b40c443a02883fa5a9466ad1276d4951754644e3b9693c9f480d1b394a26b211ce0e399fe9e345e4c7d5f13e6f25b7518505ff29d638f4860

Download Submit