hxxp://app[.]destinyitemmanager[.]com

Analysis

max time kernel
145s
max time network
154s
platform
windows11-21h2_x64
resource
win11-20240419-en
resource tags

arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
submitted
27-06-2024 17:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://app.destinyitemmanager.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 13 IoCs

pid	Process
1844	msedge.exe
1844	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
1632	msedge.exe
1632	msedge.exe
4572	identity_helper.exe
4572	identity_helper.exe
5084	msedge.exe
5084	msedge.exe
5084	msedge.exe
5084	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe
3040	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3040 wrote to memory of 3516	3040	msedge.exe	77
PID 3040 wrote to memory of 3516	3040	msedge.exe	77
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 4140	3040	msedge.exe	78
PID 3040 wrote to memory of 1844	3040	msedge.exe	79
PID 3040 wrote to memory of 1844	3040	msedge.exe	79
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80
PID 3040 wrote to memory of 2912	3040	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://app.destinyitemmanager.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8481c3cb8,0x7ff8481c3cc8,0x7ff8481c3cd8
  2⤵
  PID:3516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
  2⤵
  PID:4140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8
  2⤵
  PID:2912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:3332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5264 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
  2⤵
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5932 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5136 /prefetch:1
  2⤵
  PID:2236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1
  2⤵
  PID:3432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,17758955819024010228,17698508503291474373,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5316 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5084

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3432

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3876

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ade01a8cdbbf61f66497f88012a684d1

SHA1
9ff2e8985d9a101a77c85b37c4ac9d4df2525a1f

SHA256
f49e20af78caf0d737f6dbcfc5cc32701a35eb092b3f0ab24cf339604cb049b5

SHA512
fa024bd58e63402b06503679a396b8b4b1bc67dc041d473785957f56f7d972317ec8560827c8008989d2754b90e23fc984a85ed7496f05cb4edc2d8000ae622b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d0f84c55517d34a91f12cccf1d3af583

SHA1
52bd01e6ab1037d31106f8bf6e2552617c201cea

SHA256
9a24c67c3ec89f5cf8810eba1fdefc7775044c71ed78a8eb51c8d2225ad1bc4c

SHA512
94764fe7f6d8c182beec398fa8c3a1948d706ab63121b8c9f933eef50172c506a1fd015172b7b6bac898ecbfd33e00a4a0758b1c8f2f4534794c39f076cd6171

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
36299e19b3270a1d86439847ccfd92ae

SHA1
b5a7106756256a3123f6394b41748f46181be29d

SHA256
2b022eb0cfb87b60d311ee5a78ef8841728a1d2a18bb12f51e23f0acd218e294

SHA512
46ea543ae5ad788c761e2e188a0ff04b8d7ee0aed2b683c000254803e896f069e389b22633e90ec906be488a48b5ed14e4d655da703aacb0de578b08bbdafe27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1004B

MD5
8c2ede68cd075140b7e0b3a98caefb54

SHA1
b3f6854a5496ffab46696c6bef8a9e45c7e04db9

SHA256
26a378994df9a91514c90e1cd681e9c90850e0edf911c9b504b8dfee5e20a269

SHA512
ad7616ace79ba5bf24e3f2fae25bae08e71c54a355a14956062cfa8d48d5051fce2703a06d13131d54c9b0d6dd8265db4f9df1b3c745a97c9608a0d6bb2c99b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
6e1126ff171b366ddec587069acdfe7e

SHA1
038466691ee8660d04e22eebc123ead6eab13757

SHA256
18c2e1e21d0026cb3d2385d777cea3c503b14e6c4d095413db70096418250ca6

SHA512
27276fd7cace3e7a38bf2093442f28a20cb49128abe588100b1fd31a8b014903a5a6e6ee74f78efafda3ab06e5442e7af0eccc364671430ade7431fb50026ffb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
eabadc9674f71738627ca40f21ca6851

SHA1
d497be072b31a21276d5414fa58df32c4e373a6e

SHA256
c200a609261b7f3dc218373204101c370b60c1a3322df7b15ad08546d918ede2

SHA512
3962f51d7c2e97f19ff36907da419747aad33f0972cf927bc980b8e1c98eefa5eab06910d127ac14a1918d43307d738cc10f969a5f42b2e1a5c33afa8ddc2d56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\70477a507793840dd7b87591946b79e8b8764a59\aede7b4d-e2f8-4257-8648-962930ccf212\index-dir\the-real-index

Filesize
2KB

MD5
7d07721227b452e8f31ad1dc18def500

SHA1
491abf6822fd320b944492590eafe4b0859a3527

SHA256
15d8c7bdf5951941d3bf6ba55447c2eb6e2a63dc639170825527882091724a69

SHA512
2bc6b876de0ecc2f1e901ad3672bcc0036849f1f59b5eb89eee87b7d449c104682e4540ba844b63705cecbe07358f319b3f89a874eeca5197502303f11ea0359

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\70477a507793840dd7b87591946b79e8b8764a59\aede7b4d-e2f8-4257-8648-962930ccf212\index-dir\the-real-index~RFe579e43.TMP

Filesize
48B

MD5
384f26d29d59207d6afa264e08a2ca27

SHA1
d1bbe2beed39f30898fc56d029416b43beb79d01

SHA256
685be3462cad9ec6366d79da251f208ffdc03f9846585274cdc9ff46dbd57317

SHA512
61964f05d19e69e729470153e733fe5f6168017e216980913999bed80f567aa64531936ac3369b6dda8347851b2a5b0fec06cd8548c7a30822d4d068a72b705c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\70477a507793840dd7b87591946b79e8b8764a59\index.txt

Filesize
143B

MD5
de0ea36a65c79a24d445135b733d72f9

SHA1
1681c2f807e9caa9e0c0228b5a4c857d467930f4

SHA256
c9ea0172248b3648b4a9c4ad81b5548c889d97779f7930d22fd6daa7d8167481

SHA512
337d573bf1217fe18d93e64000b9e4c5cd9691be87fd349edd65cbe14f7c7c9ce3f5ff81f47860992703d7b8cdaef43006b982244fb364d90ffb5574eaf1957e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\70477a507793840dd7b87591946b79e8b8764a59\index.txt~RFe579e82.TMP

Filesize
147B

MD5
8c51fb9f8adedbdf9215bb868c3be57f

SHA1
046bbfc91bf66a38960a22b81c98384f6ccc435c

SHA256
56548b0893eaf74b0a11ea4166365a38800c06da088aec0cb6be37d89738d0b9

SHA512
65790751632f3a3347d29dbfc4b1ea728beb2f0839a8754d098fbb0aa97113ff20b8df3fb2a6c0d9d149082b4a84e81465b94c5196896cc93cfd938a23c29e6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
f346a91f1e27644043db0f0dfaeeb0c3

SHA1
0c3d66570bb948d2be17f31aa9befdec2a05a7b1

SHA256
3d1a93a5db9e5c532355899c2b8a8f06f0c9d7ec6387640ec6d6b179709d463d

SHA512
3d7358d32503012836fdcf9b6df1d58e8e6daf00f913a0fb12b82f54c5e4b9c25bf7872774022e8ca57e08abff1d41ca889fac369e1e6178a4fb58f3e17c93c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5789e1.TMP

Filesize
48B

MD5
425a8ed9bfd18a9d308f57f2fe591f47

SHA1
c3836a674a043daef6763d1bff6e2e2be232493c

SHA256
e53f7032d7aa9063f71666152028de95d9951e7ac3be07b40f0305915dc34edb

SHA512
e598f0e55d10f0c8d2143a48c35953e34ab4b45bfb5a14f58ae299ad30bcb49135f562cef6518f4fdf5e8a14cff1be93391bf834bb9b25d14e5e4c6a9e333408

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c134e3cfe786b69f16b84d3408348b8a

SHA1
bcf8137345d96a4689df798282fee91ebb9e2970

SHA256
a332ea38d5435fffe66432fe0f06cc2089d1cf4826fd4ca0e2a02aaa3ccc61a2

SHA512
4ba564d5413d8e9f4514725bec941ba63128198e4c68291d60fb54f750c86f462f386f0733da0815bf1c7561ed1d9d0b7c90e5dea9e1063154e4911488217473

Download Submit