Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    27-06-2024 18:30

General

  • Target

    https://vk.com////away.php?to=https://tracker.club-os.com////campaign/click?msgId=ds0i838c6bd137e6a03157c6c728cbc659e734fc398%26test=false%26target=circuitovtr.com.br/dayo/u4wzs/captcha/[email protected]

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: LoadsDriver 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://vk.com////away.php?to=https://tracker.club-os.com////campaign/click?msgId=ds0i838c6bd137e6a03157c6c728cbc659e734fc398%26test=false%26target=circuitovtr.com.br/dayo/u4wzs/captcha/[email protected]
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8f40f46f8,0x7ff8f40f4708,0x7ff8f40f4718
      2⤵
        PID:232
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
        2⤵
          PID:4816
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3164
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
          2⤵
            PID:4312
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
            2⤵
              PID:2408
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
              2⤵
                PID:3552
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
                2⤵
                  PID:3976
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5284 /prefetch:8
                  2⤵
                    PID:2388
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5028 /prefetch:8
                    2⤵
                    • Modifies registry class
                    • Suspicious behavior: EnumeratesProcesses
                    PID:3476
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
                    2⤵
                      PID:3956
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
                      2⤵
                        PID:2988
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
                        2⤵
                          PID:3940
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
                          2⤵
                            PID:4504
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
                            2⤵
                              PID:3476
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
                              2⤵
                                PID:408
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2184 /prefetch:1
                                2⤵
                                  PID:4764
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2124 /prefetch:1
                                  2⤵
                                    PID:4776
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6280 /prefetch:8
                                    2⤵
                                      PID:3344
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6280 /prefetch:8
                                      2⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:2004
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1
                                      2⤵
                                        PID:3552
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1
                                        2⤵
                                          PID:1724
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1880 /prefetch:2
                                          2⤵
                                          • Suspicious behavior: EnumeratesProcesses
                                          PID:6044
                                      • C:\Windows\System32\CompPkgSrv.exe
                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                        1⤵
                                          PID:2696
                                        • C:\Windows\System32\CompPkgSrv.exe
                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                          1⤵
                                            PID:1636

                                          Network

                                          MITRE ATT&CK Enterprise v15

                                          Downloads

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                            Filesize

                                            152B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                            Filesize

                                            152B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

                                            Filesize

                                            85KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                            Filesize

                                            1KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                            Filesize

                                            888B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

                                            Filesize

                                            41B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                            Filesize

                                            5KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            5KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            6KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                            Filesize

                                            11KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e3ece7ac1d748bd8cf130a6dd1fa386ea15cfca\index.txt

                                            Filesize

                                            99B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e3ece7ac1d748bd8cf130a6dd1fa386ea15cfca\index.txt

                                            Filesize

                                            92B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\650f2d7e-0b49-4198-8610-4e36dae21190\index-dir\the-real-index

                                            Filesize

                                            504B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\650f2d7e-0b49-4198-8610-4e36dae21190\index-dir\the-real-index~RFe5812c8.TMP

                                            Filesize

                                            48B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\index.txt

                                            Filesize

                                            102B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\index.txt

                                            Filesize

                                            98B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

                                            Filesize

                                            16B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                            Filesize

                                            96B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe581393.TMP

                                            Filesize

                                            48B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                            Filesize

                                            5KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                            Filesize

                                            1KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                            Filesize

                                            5KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579ccc.TMP

                                            Filesize

                                            1KB

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                            Filesize

                                            16B

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                            Filesize

                                            10KB
