hxxp://darkwebs[.]ru

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
03/06/2024, 19:26

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://darkwebs.ru

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2480	msedge.exe
2480	msedge.exe
712	msedge.exe
712	msedge.exe
5088	identity_helper.exe
5088	identity_helper.exe
4600	msedge.exe
4600	msedge.exe
4600	msedge.exe
4600	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 712 wrote to memory of 992	712	msedge.exe	82
PID 712 wrote to memory of 992	712	msedge.exe	82
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2856	712	msedge.exe	83
PID 712 wrote to memory of 2480	712	msedge.exe	84
PID 712 wrote to memory of 2480	712	msedge.exe	84
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85
PID 712 wrote to memory of 2848	712	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://darkwebs.ru
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8ad3946f8,0x7ff8ad394708,0x7ff8ad394718
  2⤵
  PID:992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2016 /prefetch:2
  2⤵
  PID:2856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2552 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8
  2⤵
  PID:2848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1
  2⤵
  PID:896
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6068 /prefetch:8
  2⤵
  PID:4396
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6068 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
  2⤵
  PID:660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:2084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:1048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1988,6604997079165818903,15400238062368976881,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5520 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4600

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5076

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:840

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ce4c898f8fc7601e2fbc252fdadb5115

SHA1
01bf06badc5da353e539c7c07527d30dccc55a91

SHA256
bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa

SHA512
80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4158365912175436289496136e7912c2

SHA1
813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59

SHA256
354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1

SHA512
74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
af5c928be1e0e9933210fae6a865faf2

SHA1
798b67fcc9a5333551bd2504f219bf5f036c4f01

SHA256
ab4dac19fa70943c26a3d6a76d8a34352226f2e2c505b93e2f4ea8438fc2bbe5

SHA512
c5dd8c78f4386b57ab05e351a9f44924da47f975f089251c820532d776cf72619b1574b4a4632f7f340863887d5b2b2b9e7ee6e3c60109f2ef767e87255b61b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
e3686c6c0b8709978f722224c2829919

SHA1
5ade3763bd4a704b1e305aefff521eb452dfa53f

SHA256
98193b278dd719d1a921bf9f1af163a325763e3f2a03fb420b02ed5be8e4441d

SHA512
5dc0b6302b59da1b2d35e6dbeed5c700f50aa7f0f0d27c5037401c3780ac7e76bf1ce28dce0d5062490d78602d9d0c2ade87230f45c73d626057059603d2be9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9c7586be733117771293d833f05f3114

SHA1
7b74b764600201e67cf5037c005185fce6ce2830

SHA256
5639b14dcbf4b83ed338ddd37c35fca38a174e8ba810d1d532879d54426901e9

SHA512
415b710ff05190915da762fdcf6424d4b2e9a9dcf862bf76d7417b40b1d0ec3e49270eb01e3e90b261333553ede0d627bb80ee9a0e34b08faea8c4642c252610

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
967fdb4d58eb2d99540e6ce90621df55

SHA1
6538c7d02ef52e0ef64a925c8acd63062395ae97

SHA256
0d757f44810c742bf9e829df3f177829d9510c11fea597fc9011d893c4681858

SHA512
54a8c39ea6575b66046cd8b72a3b184cc2ab9d9d87726d734377961df43d90df2b3f1880927bbedadb34930e706705a26f28aa68a42df4f614fa83b221741edd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f90347496011b6b0c327d9301109552c36ca10a0\a9fb1fb8-7ca0-4618-a02e-ef5f8954c5c4\index-dir\the-real-index

Filesize
72B

MD5
8c5c57115389b3cca174d29d0b81b16f

SHA1
9aefa4ee5d1d9c602c108b8c7ca12937f3566033

SHA256
7d80e39b82d34a11d094d24dd6418171eb7da16dd037db044817acd8b9a50e7b

SHA512
4f8d1b73afc6e43508884816bfc31ead934b07434daa3bbf640bf692b3d07d39fbceab6fad985509ba4b05c485c95d4e302223259bed8175e4d15a05e31e8d46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f90347496011b6b0c327d9301109552c36ca10a0\a9fb1fb8-7ca0-4618-a02e-ef5f8954c5c4\index-dir\the-real-index~RFe57a18f.TMP

Filesize
48B

MD5
af6ecfa3e1471bfbeb9086129f40f349

SHA1
e8af33ddd6eb402b248dc2cbe836871ae7c8c066

SHA256
34bf939ebc24e31a9be903bba146c0dd3607fdc87d1401012c25a665a695ef44

SHA512
a07978ba29b9ac674c61253afbb7152445acb860650b8ddfd7dcced139b008c5b77f403ec1a47baa5c701f0ee03e2bba60f9a8b84915a294582e28659933e156

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f90347496011b6b0c327d9301109552c36ca10a0\index.txt

Filesize
81B

MD5
896a573cc222ef2ae681f965a1f2e711

SHA1
7e6632ffe1c27e5676af14f0faf8ecb50cc43f82

SHA256
16ad2ebe342dbf848877ad7c69a163ab4015ad2773c8052995fdc45c5a5b31e2

SHA512
821936c057ea32fa9e59324e987bd26fd1a146b7b719772703eb739884ebe23a8fde36824709483208a666c0c35195a35f99ee79e0e0744aa9eca3f7217680a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\f90347496011b6b0c327d9301109552c36ca10a0\index.txt~RFe57a1be.TMP

Filesize
87B

MD5
cfc0a2642f5312c3fb5704d78ec080cf

SHA1
f23e5243986fa93a3fc79f9609d2bf474804e8eb

SHA256
fbcbc7f35c1f4d20287fd2209bf1c1a1bff20336464583e1a07b1726c8469f34

SHA512
ccae0cf604d555aaa11a2596e2ac025f53a576ca8d266a0c034880cc27e73dc9b97f4b3e3164c4ca79001135458484329075a1834b3d07d58398219d2a6e6e14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
9639bbc0582d1d3f6f0757a81078415c

SHA1
0917f0cf8a57114f459e55425812f3f592fef0a5

SHA256
cc13c866b53cd0569ae31f21d70b9346f753b26cd390e867a3325866edcf7479

SHA512
869581bbb5f6eaa57bcf60ffb54f7e7b63fdbfecc871780a784395196c2527d3b3cd1dcce5ed8b907bba29740bcff4f2a9448933325d13a39edb31e04d0d4b29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57a0a5.TMP

Filesize
48B

MD5
18f383f7cc237b59f41aeb6b1a76cb0c

SHA1
57001a94c884f4d9c7694b73882f1262af1bc381

SHA256
052fd5de171dd69e4847f163c991324b26812a654a2741bc0c0477d46625935a

SHA512
912109ad6ed8f72b798bb2b61235b1332a9b70fb7952afcd94d5a50389636f877bbfcef76e112cfdc986627ba8a772a74028304cf761295d48b5fcaf9691eda6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
b2da7f55de800b91a5c43b0acdba73d8

SHA1
e35b320ff18c44ed08c1c94bf7712ee58b3afe4c

SHA256
a28b638c7d4310e3b1079e819636157453fdff07052cd1adcd8a6a069326f4a7

SHA512
d64c378ec9f45196832e1b37a0692b67d59cd1efeccd6bd3548b8532aa7ddfd896d5bfd83e6f26373361de2a2d2b3ea0c6cbc4a166749020d76608355de9fc77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
fbe2576ca3b644c2013b1e5367cc5067

SHA1
614880b4c707d39249b0ceff20cba1010920ce62

SHA256
2268e998748f43e9629d5be19000d8e7b594c15088e9fd49dbdf377c86027230

SHA512
58ad30c7b3508c75a3b14db3f2155a34a9f3c84319c5b88f8b5c774e1fe60e12b6a730c7a32ec3e94ffb82b29e6a62c453c712c964182ae3e14a7ab982af761a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
5a9a53b6ba9c97203da4f12cdf8c3e64

SHA1
c6260b6b7ad71c86b8c3b5d57822bf873b5cf4ef

SHA256
2d99f7ac8b94de782f5c5ee24ca68d72b03870549e9920c0fb894f192b2c38c9

SHA512
f0d1a262d72c338b41be8cab0fd429c16436899bf264ee0902921bf57b1271c7d11cff57a09c818fc65bc83c8ea2a81dffa5826307e74140e83e281054e4db92

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
01cd8500f5be9453babcf686d3079ec3

SHA1
1474a192dc0685055108961bb67dac91b333bdf3

SHA256
f0ff248ab928d74be028cb6b2cb74e536883087c383a48dc39e289519fec5ed9

SHA512
3b8e278b882feafd93841aa9afeaf1833cabf46df51dc0ab2a775b5b568cf0199d063f6f6ba8fa25ec5f05a8c0f39c166c871d04d5b6fc0bd0380c34c15bda3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
0e8fd05e5b6b24c1b6ba75e01637366f

SHA1
1fe7030f48f34cbee63f4b643930e25baa5085ed

SHA256
50b22091ae409b4fa9b6b31d28a78e58dbc85437a13e83b7d54572590b02ffd9

SHA512
b3490001280a964afcb98f0c94866242a26bce14a08850a926e0387737cfba034d2834d714a8b26171ed2355213e618b1e37f9b53f7be73406b08b82dd5f0754

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
e1e858220c18d8c0486ce62b2d024b6a

SHA1
03bf1b7a42b82a69c41ec8f551f2505ed99006c4

SHA256
6254b90dbba71e3960ecac35c4fb3794a75a18ed4a713fcbe7286206ae095b76

SHA512
2e2afd8c5dc19c52c6631be33d8fde6e64a3f1158abfa784d142da29011b5d980c06d74b456fe946701940c42aa94a80f452c1320e781059ac8358ae8635fd29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
329ba809904712e6c8886ed1d6c52df1

SHA1
495bb5cb5dabb405aaea8e72f3d1174c8b4706bb

SHA256
a8139158fcae7fe4430fdb4cde8ac92ec102e0c498fbb9156390d1392239962e

SHA512
f93de1a8e66fd5ad759d8f57a90cfbb7be33fb6b6c1926a8d2a0337adc3cadfc9e84eba548e5f2590edc265919acbfddfb88a79057d0ac73ffca7611eaad82dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
5f30b5034cc014fb91225af5bbfcd7ed

SHA1
efc88203f2850cdfa6ba0b448cde358248c430a7

SHA256
72883ae6287c003b895cfbe4fcd14fd5cbbd44d329545e98c9dbeedf9e3b4d52

SHA512
59770246004b3298f338af96006115aa747990b0ef20f29fadf6818d77fd6b04bc5c851748f88f02aa28853aa8e377ff7cbce70a4ecb4948ccf72f8f2f2e7b85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
111bbe03c0769f76a68d2e56d35acc97

SHA1
7646fe8437b715706a6cdf743f4a9bb8a38c06c0

SHA256
ec526082c27d849f088561f0dbf66ddd05fa61f5cd165d61ed23f6f707f43d03

SHA512
8ee109b8bd23818b869e7a00bb0b70df8ce53fd6749e58dfde92cdfba549338e316458f0ede209eb88d5d77a67b6afa3dcfd45d390c9097707e008cef9d8b00a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
25bb22861b89436a7f2beb58310c0663

SHA1
65b4a935cff11c7746724624d7d6888a767753b5

SHA256
adf6c303e1c796fe0ff86a7acff94941bcc90ec0605f97d33ee33174b7ce13ee

SHA512
d39dbb75cc4f81b36a3fcb2b95b84056fdb900735891058f727bcdbddf20c45753b88d3aaa3521e10b1e9ef1a4f15186919707e282b2c79d2cc6effb628a1970

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579ac9.TMP

Filesize
874B

MD5
4f6a8b3c4ae453ab4ddb4e1a636ab88f

SHA1
4f1860259689f26db6ec652a4a24abdd17bb31e1

SHA256
6dce53ac3013c0f878bc50f501a74a58653e94a56422d8e7e754677035ca3fb9

SHA512
ef905102ac332ad9e32f70ce3270a00f0f43d1efedd901dc2efc59b351a2758398698007680ef8ef6cdfb335ae5cda3c51b8ac7502a58c8aea0da96de21f4c0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
6a6d50e6f8f2296463d74f3dbc02806d

SHA1
ed0a250ad6ec2865b47e9fdc2c50b00ac28fe005

SHA256
095caf7b9e6ee302c9f7c0b1fb89a026182f5fede73baec7b5fb2762038909e9

SHA512
1ffa2ba421bc54e4748cafb393b8d452c6bb37c511aa749baea331fd1b8904fc59ab88dade895d0831f49a6d25d6d0ff742357619422ca853046d357d68fa4e2

Download Submit