hxxps://www[.]xvideos[.]com/video[.]upkpbfhfe0c/mama_puri_part_1_hentia_uncensored_

Analysis

max time kernel
138s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
19/06/2024, 21:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.xvideos.com/video.upkpbfhfe0c/mama_puri_part_1_hentia_uncensored_

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2080292272-204036150-2159171770-1000\{F6437134-41A8-46B0-9F57-22C9834EC4E0}	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
1312	msedge.exe
1312	msedge.exe
1156	msedge.exe
1156	msedge.exe
1912	identity_helper.exe
1912	identity_helper.exe
212	msedge.exe
212	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe
1156	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1156 wrote to memory of 1404	1156	msedge.exe	86
PID 1156 wrote to memory of 1404	1156	msedge.exe	86
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 3188	1156	msedge.exe	87
PID 1156 wrote to memory of 1312	1156	msedge.exe	88
PID 1156 wrote to memory of 1312	1156	msedge.exe	88
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89
PID 1156 wrote to memory of 2636	1156	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.xvideos.com/video.upkpbfhfe0c/mama_puri_part_1_hentia_uncensored_
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa9d2846f8,0x7ffa9d284708,0x7ffa9d284718
  2⤵
  PID:1404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:3188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1980 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2416 /prefetch:8
  2⤵
  PID:2636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:1016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
  2⤵
  PID:4276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:2180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
  2⤵
  PID:3768
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3416 /prefetch:8
  2⤵
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3416 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2716 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4260 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
  2⤵
  PID:3688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4164 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4436 /prefetch:1
  2⤵
  PID:920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4136 /prefetch:1
  2⤵
  PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3644 /prefetch:8
  2⤵
  PID:4208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5300 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
  2⤵
  PID:1144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4935787725003811253,15659408572510888827,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
  2⤵
  PID:836

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2200

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1816

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
81e892ca5c5683efdf9135fe0f2adb15

SHA1
39159b30226d98a465ece1da28dc87088b20ecad

SHA256
830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17

SHA512
c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56067634f68231081c4bd5bdbfcc202f

SHA1
5582776da6ffc75bb0973840fc3d15598bc09eb1

SHA256
8c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4

SHA512
c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
67KB

MD5
9e3f75f0eac6a6d237054f7b98301754

SHA1
80a6cb454163c3c11449e3988ad04d6ad6d2b432

SHA256
33a84dec02c65acb6918a1ae82afa05664ee27ad2f07760e8b008636510fd5bf

SHA512
5cea53f27a4fdbd32355235c90ce3d9b39f550a1b070574cbc4ea892e9901ab0acace0f8eeb5814515ca6ff2970bc3cc0559a0c87075ac4bb3251bc8eaee6236

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
41KB

MD5
8a9cbee2502033dc8392afe21bb33157

SHA1
9130a6f41b77760bac78f4f968568d3b15c883d5

SHA256
df2c0bc867aa1f36feaa086f4c10415a53f510bc0ea263ed170edc5884014a15

SHA512
b895742e091c83e08256f512ee62d66d806750ac664d3fd5c52f77b4625c51eb7f339331e89ff50e00e8c711687af30b04b30dbfa3d6172004e0bfb11bcc6b4f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
19KB

MD5
76a3f1e9a452564e0f8dce6c0ee111e8

SHA1
11c3d925cbc1a52d53584fd8606f8f713aa59114

SHA256
381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c

SHA512
a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
88KB

MD5
b38fbbd0b5c8e8b4452b33d6f85df7dc

SHA1
386ba241790252df01a6a028b3238de2f995a559

SHA256
b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd

SHA512
546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
1.2MB

MD5
fc3e5697475cb230af9bb44a6517c19f

SHA1
86ea037f2b31abd24cd39eb01db77ba5aa3a22cc

SHA256
da126cb7e5a42e643909f33591be6c165150e70a773cff3056799cf71060c3a7

SHA512
1fad86e8e3fa0b8e096267b7af6cc87abef5b5873d5bf0176de9b5a1c8701de4e26d6589055ee844d8e1bdaae15ab291ab9de64311e7f66a5525b888cb38b0dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ca9d50d728e35eb9328c16bcca92c387

SHA1
44862c221a7a401a3458ceed2204048d56dd5ab8

SHA256
fea3bfe55f35d25655b41675052c913f33e4ac465340555f6bf37ed95f755b06

SHA512
a2b4441c26f0635f0b939ee05129c1a638c368d75a585e4d663724f6c929bf1efa110d67fdc3408fffcc2e75676beed2a9fda07b7fa62a9b86bd581f340e2a02

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
484B

MD5
1d94ffd3728f38fb6f3843714ab23b4c

SHA1
be4150053302760f8b42b37284de196e0250a269

SHA256
200e6f6269e64149a822ceb8ffe48a39b39af3904c22892983d1e07f051a4d19

SHA512
3f4e1e6fb194f249bc6baf9c57cc0993a7c57b3cbcd8463006eaf199d62f718259cf48718a76f44c7a1dd3a87593521a7c6133b5ab8c10f2569de76f81ec08bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e28410598f3698e518e976c3e315ab88

SHA1
9c8640c11a0a55f7b08c28ba3a77d397df477c18

SHA256
969ea994b84a8c54915a062af44c8e19f9c10941212ad380fa3cdbc80346e192

SHA512
4fa2540e67c1d9bb5df9fefb81695e994cd2e1fc7844e59f73ffc9da30e093cfebfa8d78c6e945a0eb85e551d1a9fa017ad34c827e4a6664cd5a0e01b6ee7ca3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
947b4283994e493ff117b055b8b99d81

SHA1
bd5b3123b59d15c7f876c1f15e189658d25271de

SHA256
da8759d0161d6e6899bdb64acd90e8b3961e92bc8d459ccfc7beb25ab14dbb68

SHA512
2e76ed2e05f5fadfd2e4b9ad46f2fe0f4679a568c7290df1b5e1b29adad6f3fd137643d0a8798d73c6ec0690554ea86c0df363cb8835fb51d4fd36194821ed71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1da7041fbdd085f3cddde78bcf9f74a2

SHA1
273c9a5b8b03e5f1f28ff2ce6c03b6f431436344

SHA256
395edd29f320ec468e1958f1cad34f619b1fc199cba1c4089cd6826e7ccf7af9

SHA512
a3a3a7e49e5109cea6bbdae0abc9d7a737904408b4059d6d0f363ab90ce8200013eee5909723f3e3e1a31a48dd485941a11c01fc5e884610abf91b94aa1a67c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1632b7916aa7cf929a0f692760fa1817

SHA1
bdeff7013c9af826c7423b747e812fa9e770b177

SHA256
ab10042eacc65ea054f0adc9b03f83903547009f463aff869caed6a8f692a4b5

SHA512
1a95d3dad025a5daafb142e6b17f847781d22d8633cff87a4b05aa7c2541d1f4e13b8bf365cf815c9577fb881cc7dd294c32b6f93c92984cd40190997b39f350

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
01827b60fcd52ce29e9d2809016b221f

SHA1
2434a31e3e6b6fe376b75f39416ebbdea2e489c5

SHA256
2f798068ab645392cae2820e1ad47277c5c7f49b5eea1c3e4a736ab4f9bbc500

SHA512
085e117a3cd81771d9f797c2304a52cc289284f1c5203d20ac679a314cdc629631a305e50dc8f4b4c387c0e535489e9e274452aec03d561ca16b56605673c572

Download Submit