Analysis

  • max time kernel
    45s
  • max time network
    49s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    13-06-2024 17:30

General

  • Target

    http://www.twth.org

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.twth.org
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3256
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe103746f8,0x7ffe10374708,0x7ffe10374718
      2⤵
        PID:3936
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 /prefetch:2
        2⤵
          PID:3840
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2548
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:8
          2⤵
            PID:3276
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
            2⤵
              PID:1424
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
              2⤵
                PID:1988
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
                2⤵
                  PID:4692
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4188 /prefetch:8
                  2⤵
                    PID:3892
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4188 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:1792
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
                    2⤵
                      PID:3532
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
                      2⤵
                        PID:452
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
                        2⤵
                          PID:3764
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1
                          2⤵
                            PID:628
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2228,17073448083114875527,12351834568570438969,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4876 /prefetch:8
                            2⤵
                              PID:2380
                          • C:\Windows\System32\CompPkgSrv.exe
                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                            1⤵
                              PID:4768
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:3892
                              • C:\Windows\system32\AUDIODG.EXE
                                C:\Windows\system32\AUDIODG.EXE 0x244 0x2f4
                                1⤵
                                  PID:3976

Network

MITRE ATT&CK Enterprise v15

Downloads

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                  Filesize

                                  152B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                  Filesize

                                  152B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

                                  Filesize

                                  1024KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                  Filesize

                                  432B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.thewaytohappiness.org_0.indexeddb.leveldb\CURRENT

                                  Filesize

                                  16B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                  Filesize

                                  6KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                  Filesize

                                  8KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\19f5bc57-59f7-4448-b9d4-49137e947b9e\index-dir\the-real-index

                                  Filesize

                                  768B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\19f5bc57-59f7-4448-b9d4-49137e947b9e\index-dir\the-real-index~RFe579942.TMP

                                  Filesize

                                  48B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\71e5607a-7cbe-40df-934d-84c8cf8c4c37\index-dir\temp-index

                                  Filesize

                                  144B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\71e5607a-7cbe-40df-934d-84c8cf8c4c37\index-dir\the-real-index~RFe57950c.TMP

                                  Filesize

                                  48B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\dd93eac6-3b81-49c8-a9ce-1d8bbd43b0ed\index

                                  Filesize

                                  24B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\dd93eac6-3b81-49c8-a9ce-1d8bbd43b0ed\index-dir\the-real-index

                                  Filesize

                                  360B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\dd93eac6-3b81-49c8-a9ce-1d8bbd43b0ed\index-dir\the-real-index~RFe579a4c.TMP

                                  Filesize

                                  48B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\index.txt

                                  Filesize

                                  263B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\index.txt

                                  Filesize

                                  367B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\index.txt

                                  Filesize

                                  242B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\index.txt

                                  Filesize

                                  306B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\index.txt

                                  Filesize

                                  363B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\index.txt

                                  Filesize

                                  425B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\index.txt

                                  Filesize

                                  428B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\344d5487551c3e70e7fa0c55883d273f9ea8ab1c\index.txt~RFe573e9f.TMP

                                  Filesize

                                  145B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                  Filesize

                                  72B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe578cbf.TMP

                                  Filesize

                                  48B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                  Filesize

                                  16B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                  Filesize

                                  11KB

                                • \??\pipe\LOCAL\crashpad_3256_TBLXQGNGXCNSJMAS
