23c75e988d1579ade684b8fc3e9ebea0f2d62b955d190c974c4a47112681048a

max time kernel
150s
max time network
157s
platform
windows11-21h2_x64
resource
win11-20240611-en
resource tags

arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
submitted
01-07-2024 14:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

493KB
MD5

937cffd4aed2741d390f12cdaceedfe6
SHA1

6e4053037c6fb57b01fb8aadd59f1b4bab4413dd
SHA256

23c75e988d1579ade684b8fc3e9ebea0f2d62b955d190c974c4a47112681048a
SHA512

8296f202f1538be8425c725e8be4816e692aaec686c89b525c67d2911c4da968047676f3801bed62f7bd95f54d258d775ef42dfa54d93978981c5a4a4e58d444
SSDEEP

6144:5DoAwoAwKAwtAwoAwtAw5AwBAw+AwMAwpbQ:5EArADAEALA8AUAaAFAJA2bQ

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1276817940-128734381-631578427-1000\{17CBAA5C-2D6D-4C7E-BAC0-C926B31420F9}	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1276817940-128734381-631578427-1000\{2929F191-0FCB-44AD-BF0A-CB8622449526}	msedge.exe

Suspicious behavior: EnumeratesProcesses 20 IoCs

pid	Process
1196	msedge.exe
1196	msedge.exe
5068	msedge.exe
5068	msedge.exe
4808	msedge.exe
4808	msedge.exe
5040	identity_helper.exe
5040	identity_helper.exe
2360	msedge.exe
2360	msedge.exe
2664	msedge.exe
2664	msedge.exe
4916	msedge.exe
4916	msedge.exe
1804	msedge.exe
1804	msedge.exe
4984	identity_helper.exe
4984	identity_helper.exe
1980	msedge.exe
1980	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs

pid	Process
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe

Suspicious use of FindShellTrayWindow 51 IoCs

pid	Process
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
5068	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe
4916	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5068 wrote to memory of 1300	5068	msedge.exe	79
PID 5068 wrote to memory of 1300	5068	msedge.exe	79
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1680	5068	msedge.exe	80
PID 5068 wrote to memory of 1196	5068	msedge.exe	81
PID 5068 wrote to memory of 1196	5068	msedge.exe	81
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82
PID 5068 wrote to memory of 2584	5068	msedge.exe	82

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xe0,0x10c,0x7fff721f3cb8,0x7fff721f3cc8,0x7fff721f3cd8
  2⤵
  PID:1300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1868 /prefetch:2
  2⤵
  PID:1680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2472 /prefetch:8
  2⤵
  PID:2584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:4052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4120 /prefetch:1
  2⤵
  PID:1972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4808
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6036 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
  2⤵
  PID:2528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
  2⤵
  PID:1204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
  2⤵
  PID:344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1
  2⤵
  PID:4520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
  2⤵
  PID:4260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5672 /prefetch:8
  2⤵
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5668 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:2360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
  2⤵
  PID:1580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:3320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,8236928155474213165,6645673772060935886,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
  2⤵
  PID:4760

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3248

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1780

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff721f3cb8,0x7fff721f3cc8,0x7fff721f3cd8
  2⤵
  PID:2400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:2
  2⤵
  PID:1404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2764 /prefetch:8
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:3752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:1128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:3896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
  2⤵
  PID:1932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4344 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5500 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
  2⤵
  PID:4144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5000 /prefetch:8
  2⤵
  PID:3156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5100 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:1980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3976 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
  2⤵
  PID:3928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:2052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1904 /prefetch:1
  2⤵
  PID:1464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,2507421082102123130,10769335990391094499,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2080 /prefetch:1
  2⤵
  PID:3636

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4728

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1548

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
64f055a833e60505264595e7edbf62f6

SHA1
dad32ce325006c1d094b7c07550aca28a8dac890

SHA256
7172dc46924936b8dcee2d0c39535d098c2dbf510402c5bbb269399aed4d4c99

SHA512
86644776207d0904bc3293b4fec2fa724b8b3c9c3086cd0ef2696027ab3d840a8049b6bde3464c209e57ffa83cbc3df6115500fbe36a9acb222830c1aac4dc7a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a74887034b3a720c50e557d5b1c790bf

SHA1
fb245478258648a65aa189b967590eef6fb167be

SHA256
f25b27187fad2b82ac76fae98dfdddc1c04f4e8370d112d45c1dd17a8908c250

SHA512
888c3fceb1a28a41c5449f5237ca27c7cbd057ce407f1542973478a31aa84ce9b77943130ca37551c31fa7cd737b9195b7374f886a969b39148a531530a91af3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
95bdbc5dc4822a82bea7b5cea04f5d0f

SHA1
f433f87c50aa995150632159071abcb6278de446

SHA256
8449ed908a843b90b16cbd3632d8321fab7625c749b3cd6f70d56c36d36b0a82

SHA512
b6b20b8a7afe77537b4ad14153af756443bda432c17a5b811bbe10fde6edef1c7870763f655f78285af3dcc2af9fa2073c2c3c16d35b5d5fc68e6bd1672c1e22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
aa08a03d3970ab266ceae92505a792a5

SHA1
56c3560282031e6d40e3d5ee1153a51dfe9483dc

SHA256
d4b91d70d267763ee90ceddbd0c537b2229cd784c9dd8498b894f2c2c2cd4cf7

SHA512
e5d93fb1b1e2270fb87789f9cd81d66e393a5a32aa91d978f7ee1ffd51c9d7b2e38760b91df2c7c4b1b6c8909d09d5f72c15643994e7b0f68dade1f9ceee2baa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\90d5e8aa-3ff0-4366-901b-0b0251405333.tmp

Filesize
1KB

MD5
434d754eef7d2d27ecca2bae3280e70b

SHA1
45b7db65c02c61e10c4eca7562a2e3493c70b407

SHA256
b1f9f90b4ca94f929c03c4b45d25e3fa9ee73c9c261df50253366087e18ae5ac

SHA512
2448aec5dd4797ccd60e5e33e84e652ca09898a5d297482be4d00d24b84525dc437df5a4a6e9a280bcf6f24a5fb61a4ea751ac24d18d164c502c1bab37a86088

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

Filesize
44KB

MD5
7b6e0f968a38f8983a5bc96bc1fd9e16

SHA1
8f4575f9a4b0c765e2472dee784414eaea5b1def

SHA256
5abd1f9f62e043823429df81257a85f040960a869fcddcb708d3cb25e9bfa74b

SHA512
a05e84e4874b456786702a33249c9907138cac9b517d61978627271627ed5fb11710c760123dd396e25a1af9eca8bed6f46dec1b8e1c3a79b5948e5dcca111f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

Filesize
264KB

MD5
9ad6352cd12d7dbba347c6f99f34fbe8

SHA1
1db7b59455c78502924874cbad8e86a3c59ed4cb

SHA256
32fb5e11527b7620652f0a910d52b9099ea64c892cbcabc158de2dd6eb2f6018

SHA512
feb0292f6e9e4b754127dec85ca3fa173e9600b4d2b854df8b654c0fb8df7a6e4dc2e595ad613231124732c0196931ad380bf3296e27e27b653c3d611b1fa3ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

Filesize
1.0MB

MD5
86ff36e24b303e4a41abdc98aa39bf79

SHA1
82e61b9dd218d128aa99c5523c6e13c3a02279e8

SHA256
cacdc9ca452b71ecd42af2050a1bae6745e65fec7db3d73acd27f03b11875335

SHA512
81fd2402a5e8cc7c0e53cf87818feadd528453729c578c03755259d1503f67942d2c946f195ec414f7ac3e4923deb69b8fa0eb2059e6f0f7653d83843a4a191d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

Filesize
4.0MB

MD5
4489ba4caa4a386820ebf668aa2f5122

SHA1
fa32c59e0e35a30026eba5bae98f89bba0d0b698

SHA256
863c4f686d5824be665697ca7e10353910d588f7889d1154b707421da4612fb0

SHA512
8e47bf73d1ae1b75b52cdf83538b0a5ed403267bc8922c5cb215962f07f423dd3e08d4e35c404244bad4b0e0370b82e72edca9b605902900d30f500a613c8dcd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
62KB

MD5
c3c0eb5e044497577bec91b5970f6d30

SHA1
d833f81cf21f68d43ba64a6c28892945adc317a6

SHA256
eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb

SHA512
83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
67KB

MD5
9e3f75f0eac6a6d237054f7b98301754

SHA1
80a6cb454163c3c11449e3988ad04d6ad6d2b432

SHA256
33a84dec02c65acb6918a1ae82afa05664ee27ad2f07760e8b008636510fd5bf

SHA512
5cea53f27a4fdbd32355235c90ce3d9b39f550a1b070574cbc4ea892e9901ab0acace0f8eeb5814515ca6ff2970bc3cc0559a0c87075ac4bb3251bc8eaee6236

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
41KB

MD5
db017f895f6edccb6b4fb37f7b41c9ff

SHA1
813fc0a101ac1444be29925b12886e5cba24f91a

SHA256
502ff981c025b86b293c4db5e45876f6fe0d7f0cba454888894b362ea2a7e726

SHA512
2bbff3f7a1847123953d0b285297c6814a17442d25d75fc88f2a8e0aff5827b591df89e656264c3c5c12862a086fb2a549e1df2155f4ea3ba82319df69b713c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
84KB

MD5
74e33b4b54f4d1f3da06ab47c5936a13

SHA1
6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c

SHA256
535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287

SHA512
79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
1.2MB

MD5
620dd00003f691e6bda9ff44e1fc313f

SHA1
aaf106bb2767308c1056dee17ab2e92b9374fb00

SHA256
eea7813cba41e7062794087d5d4c820d7b30b699af3ec37cb545665940725586

SHA512
3e245851bfa901632ea796ddd5c64b86eda217ec5cd0587406f5c28328b5cb98c5d8089d868e409e40560c279332ba85dd8ce1159ae98e8588e35ed61da2f006

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
32KB

MD5
2448f641fbbbdd88f0606efa966b052e

SHA1
25825aef444654fdc036bb425f79fd1c6fc6916e

SHA256
03f060bf37ba360360d6a7413d98e485e7d8e6f69e6a1de300c788d439b78d02

SHA512
d56e3b19d3f4c6d6663117000b99071cc453b6fd93f708bb8cb92d5adfa0eaab749d8d6cef4f19fbba548d31edaecfd0a74ca55dbca7d5f5f1fe66879b27b9d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
74KB

MD5
b07f576446fc2d6b9923828d656cadff

SHA1
35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103

SHA256
d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496

SHA512
7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
aec30d618af1d9d1f7f72b61cef72e53

SHA1
1c9f66a6687dfdded334e21a1b8a4b43778eb22d

SHA256
321de38dafd7456da21013ba790afe8be89df44b5f42e829171cd8f964fc41c3

SHA512
799b6c11ea6fa781a43b4d142bfa8a47ab5816367183d25c24b83335c18cbbe48d06ebd855aaa1fe5091858a1026519c4fcf53b80740f549f2b6dfebc7b52fbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
2b944bd8beb145baa67e0f735054fa26

SHA1
cd055c5aaa6d2935fc39356c8b9bed852961a7f7

SHA256
ccbd11cd36fd48330a426320587155e66b7dabe8263d2a39a7635bd317a78d61

SHA512
59529f39b3ae5fa469f84b3b296f2314afbbf7527ed99b68e979caf9d1e235ce833e02e54cd957fb694af0fbfbfe85869a9fe7ac68e7a51301a8c24e4089213e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

Filesize
28KB

MD5
1c8d96f8179cd17bd78c321bee474feb

SHA1
fa67385e4375e915b39fc3b50b209f948af5dea2

SHA256
191ed8c8a1f56667fc7137460a42abbeb5420ce3ae3b066a034f09eca429e847

SHA512
ff4fd5aa3040f29d6ce049df9751979d9fc25497dc9887bf03531d2ca5bbb5d619533172018608d70980650192e0ed2b8b7c8a626489bf9a8f6b746acc37360a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
28KB

MD5
fd26bdee16d0dc37c39c890bd2bd2159

SHA1
1437462e225cffa902acef4f521c42b32d6b92b6

SHA256
d7880fa825b24b380b2f7828b5f15462509364a3fad4f151c5d7a5739762d67c

SHA512
71ec5f27a3ab210a0431154c1756cfe236057de51427b72d3e640b50d01628659189f6cc26141fd06750ef12fa55414408e4a3b07db7aa05417e9bd683ec75c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f5fa3561e0e607e095ca88d50b019501

SHA1
b6abf7e647cab82bab331ec5e3496bd9ddf023e9

SHA256
f9953ca3b9eb7af6f50b5de46920507bae3eb3065fab741bdb9974947a039db7

SHA512
470a9bf658ba2339815d8b4fa7545105cd6c6e21eba34c9690c7cfa81fe10c4f0c80bdaa5a7f6d2d532e0b336ed4adf8d87d89d2b4a769c06d5d0e8d3de32290

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
116KB

MD5
62e698368559a5d0366278b62057311c

SHA1
309da6a5432f40e85f901049f13d71b091bd251e

SHA256
b6db55ea0fd54bb9fe485fec68f0369b798636612e01c14aa41e1750c564f7ca

SHA512
2e9b4785f421bafb83aa2bb0b6f38c59bb73ba7d3550da9dcef9f072eef03ef72654c3fbb14d96c731dd8c828ba2ecc8bc9df11c1c2467b8d3c2de8788b3e696

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
4KB

MD5
8ddb77d8f8a83ebadda8a2a069951796

SHA1
e0dcdad2f17574c3226aabdff4084a50cc90b588

SHA256
94ee5e0d1e2914041149c07ef1011a637af0398e224c7f7b6de0a462dc828cb4

SHA512
e2d57c1bf47d12fd7165bb6aef72d6cde4dd79b81cb30678b81a9ea0b44830439f75c8714607a9a9467c31a0a57df919af8c6114b4076a6e29066786df932abb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

Filesize
553B

MD5
83326ffd3093eb793670fb9ebfe94b7d

SHA1
fa47df2409a46e099e4fad3e5428d2dd42b5b088

SHA256
b35b2e94097d5cf4c0a862055a00ea4aa5898dbab5c28c20d361c260a2667079

SHA512
494703dc46252c2e4a815fa4e11d224dc23a93a24da2e70dd4d6c28e33d4094fe666b3481fcd9298a3fb1019bfecc1ef2d7148736ccd8643c373317dbdda5027

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
334B

MD5
f61bbaac3270eabd750c6a9db233e9b2

SHA1
c14480e840ea4d205b4a4fa8beddc8be918e571a

SHA256
c3489a4fd80ef691856ac4ae0c0bbe74eba05907026a06c07fc358a087f3aee8

SHA512
80b681f2c012e71f437e46ab73cad6f8f117e3c7b79d82f1afedb8b6bb0f6b6ec041fe18fae46b78963155cb7fb9ff36d86cb42759d888f4aef2da44a2440049

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
c3f3299494e37bfd9af412ceb6fd58a7

SHA1
e29153cdc617a14168ffcc446dacd27724ca4aa3

SHA256
5bc833d06d284ae093da988738927c567b46e485603fbff409fe8558a244b5fb

SHA512
c21abc03f730e0a0b0ccae1a40d1703299914029d16e02bbc4b7a3fe6b8b061d3200288321abb5190311ffa70848b96d430eb85a0d617aa8ad51f92da31dd31b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
95cb455a4d90ee158ee17083095fd915

SHA1
99ba51d8a94338a06d1541d8207fca0a35915e34

SHA256
6d294ced8a86f301ca5080ba937bd30bd3a4fab5d43d94913ad318c6b4a8a55a

SHA512
0f9d80dcaa55b5d4b7eb67093ef8afacece0264ae00525e88ef3b1e7906799e61802d651687c5f7b2dabfebadefacddfe16541af4ffdbbc9b35253791fce67ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b5bcce625df693d60e4ca3cb07f45413

SHA1
9bad4e8673e3db2b0be4dcd6f1c677dcee76d028

SHA256
aeeb700737ad901e55bbf1a1dff283e867574c02fb31ea79b1226e21ede85dbb

SHA512
9efb2672de155218e029d594af8a7f3cd6a19b02b36d26966ebd5587bf5995c6928fcf3f636c3853f9530e7efc5bc2d7fe52d58095aa45e0799755cd9796e02d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
741c452208f1d2c3c343041ff1c2e180

SHA1
89835c51d68edfaf833afb310942e3d585b05616

SHA256
3ad6b0e8b9cbb58d68a47757ac9f78ac2bfc2e730da59d01da8f57d67ad73c61

SHA512
96f0a67c5ea551563470074487d9b17986f4590048aea17ec885b30e9d45c157c75b233a97d2453cf18137259ba330ea2baa8202f3aca7a97644b14030ec5932

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3c6524bcb22f8c9a7e5e4df3fb371bec

SHA1
8b26a1ce21894e96115e14a902e398179b45574b

SHA256
16807f20e55c47147ddef7d2eb88c222e8af72c5a34d3652902a92703ca5a888

SHA512
d360fd680b592b7aafc46b890bcadf31ea1ebf3c7d5edf06c2739c5922354dc6bb0e647b9ba13f2be7ab2399aaa7c231e2feb42da6920d1091701d4fe0240f9b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
96ae9deed51ea139e5dcd213d1b316be

SHA1
cb61279492084a7fd0cbed1d80de7f67b5f26e5a

SHA256
7fda1fcf3e2cfb183098736726e3a25c3b2e5dba99aede66d6bd606f15272146

SHA512
7959fa0e887a2e03e28ab689c4b5e1aa47cc8ca7dcfdda82027932f359edf7a1403090e1cf1518daaf736a22d4930b6f1b277f7c09ad6d510cb6e3b1ea661df9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3fb63a5dec9fc1636ce20670274ff89f

SHA1
e72ae9156a22a894fbb3962d602cf763355eba3e

SHA256
e5b273a529261edc864934438a039d691bdb54100493ef4521dcbf53f0e5744b

SHA512
0d3e1f0311d7770168d55359e63f7526ac55d69ad6c242f8afc0f8bcec1c83b8e735401d53cf705d092ad8701c25335990936a3ea2fc78dd13558624491c2084

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1507d76a0eae987871628898261835fa

SHA1
5e4a39080f850b76fab21e666d82ef41c41fe585

SHA256
2c69aab52493f265d9f1b5f444264c750078354c104d0d94c072be827d93f59c

SHA512
ae2c5e78490c882f6600587158433dd5827c58a2792b813eb3d15248145989894de0087de5da83d307d532ed73eb58fc790c6409a8a5882b11337b03da194d52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5fee6dabaf64ef94eaaa3c6b7342d630

SHA1
ba6134954ecc219caabf15d24fb4534b597d7019

SHA256
270052df6860ee0084830f6f5fcdd221627f3b60efa238d3ddddbfa2e3bbbbfd

SHA512
77acd6b7c8eac050980ea84f8fae6eb1a1e09b54ec60bba9b193e1eded550edd391c2b3199265188f51807e9ee0edbba86bb0e7153f86bb804db17a58e1ae13c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0cc0661cbdb2353861b1a7f3513f8cf9

SHA1
6dd39b0e3619a69b39bc74340f4be4b99b60bc07

SHA256
4f59bd48c30bae5fba97f9e3eb20169967d3be836693aa673de4d2338ffe94e5

SHA512
908c3adc44a562fa5528806d199db78cd1ad42e626f4db24d2440c3e63961e489dd62dbb13d1cd1a12c652406c2207b105fa644b85ae0cdaa00c411283fd5c31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6f71e289f7c3c96b145fad3a1692fac1

SHA1
d7d6aaf6895e1b30dfd3f34f0d9d3d6e3b4631e7

SHA256
10c786227eb66dea3a5f761d58f52c5dde79e149617548c844d46dd2fb358780

SHA512
0aac1660ecdfaaa6474e16788f5c09e9f700514a66cb13d8c028d075535603e95c11b0dc0539bfd035eac3225ecc8079ecf1f6214dc0edb20f72520c8bf53c94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
948f39a5cdd276c230d402ee9704e664

SHA1
b50520fcb21eec6a185e5df77090a968ea9117f4

SHA256
c6fd4175e62c1d809aca3f019d9af7c99c4fd03b2c92cfc448105d9a48c95c34

SHA512
b8efb68717ef8d6ad30ee88473d5ad9de6f82919ca72a6e9a7f04598efe6508af02cd83ff8dc4f07b0e18ed50f35000437210d320beeec307b91c2104567609c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Reporting and NEL

Filesize
36KB

MD5
5e8b98665f3adaf09c890d22d54a471b

SHA1
ba7c8afa8426e12c38e2d3315462aad1d226c01f

SHA256
2baed3b80e66ac997497e8f305c646a3b7b727e7402b58672c7bdbff5e06a45c

SHA512
b0552b395b522512ef455a69078e8784757e20f6f015953c5a08c88e635d90bf7d6f33bb446c38155962a678bcc0da5c1576c821270e7c6e0f3134bbd09df19e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\07903f33-376a-479d-959d-924f4a8e1e8e\index-dir\the-real-index

Filesize
1KB

MD5
b789c84d47ba7fd1d2edf1d218cba159

SHA1
4aff99f765145edbd322f3b02171d9411c3178d1

SHA256
d50d7c9d31c6ecad3fb9b06b1d476bd4152de4cfa073989603955adf68055a4b

SHA512
257e739dd66a9735bedcc2f1cdb9c886cada8ccbe36d9e1df369f44d517e7bbb1af55093ee851bac7bb1c525b0a4cf3c6b5080933489f8b50ced36d535994115

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\07903f33-376a-479d-959d-924f4a8e1e8e\index-dir\the-real-index~RFe580395.TMP

Filesize
48B

MD5
17cc77ff29ce6996886352d788e1dc12

SHA1
8b6e8f6256adea9c0b194f15ebe687ee4a718157

SHA256
3293d2d00a9b3534357fcda36e45c774ceacc1b45bc409cb8114af0322b55c86

SHA512
12d53c409d86dd530060aefc7ac177c0f85fc0657fb402551cc54b87ab7911bed79d6dcff64ffb39ee0c1bcf5b79625fbeadb9fcca5cfaf5352495f46aa030db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
73B

MD5
f94bf52ac8c856480119be0940f57b6d

SHA1
d93840e755b9187fd8a12dfd2b2dbb1bf37ee1b2

SHA256
f79d2c4d066034a4a3a2c17283dc7cba9d171de567d2b70d0a3a57b7d42bdab5

SHA512
e78d2b10810ca78337dbb1e7e707961f257560a0c311a5ab18826213a9b87c0cf108a67c1b3633e7d438fd9a79eae9f134cfae30d124312eb14ca4dc000e30ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
130B

MD5
6dfdebb299b4259bbfb48d9f611d6608

SHA1
ff134012703848449af12b162847f3c0786e0f71

SHA256
a30e76b763b855f1755f916eed66da4ff15f42ddf1086f498b8b79194bfa0a61

SHA512
1fbead9d149a65a3d5cc84f3c390c4f41703259db3fa52b3e82db4c9c9bbc28886486ed6f1e6c68ad6dbc4151aed21e71cae1649cb9aae027ed4ce11de46e72c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
68B

MD5
3ca9a3c8e5c46e2348f70551c57ebc8d

SHA1
05e7f9262b060239fb1d34ed27a98ee303cb0ddc

SHA256
a1c6810e6425ad4325261e34c8905d4cbf62b857c0cddcd9e38060f80745770d

SHA512
2e6aeb8df2acf4a69a11d631ba88b922ec0152627af6287f3fb84c8245276d9ad0f0fd05d4b041b029d4e81b4d557ddc3addb48c600c6eb948019f51b82ae592

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
66B

MD5
4795d44624e19327892ad031f322ba19

SHA1
f6ae40cbb4a42b8e04607fcc21b6e4be5dec0195

SHA256
c201df8a9dcc86e14660256b0dec2bd871ad5420f3d6f3641f214881462ae380

SHA512
04fb6aba814b7ec0ddc33ce47d593afe0d2091a21861c493c05bc547ae577a6090f0f3cdda2f9065cfea773ffc84b6015ebb42b370892fa380e490f77b83725b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

Filesize
1KB

MD5
c03f344085bfa817f4b62bce44d22917

SHA1
714b006eff9832c3a6cf91402f3d1c6427d4f761

SHA256
a0c4dbbd72cd94b379003bfd9693b832b4bc3808e7ebb2689d6b9b890a26ee99

SHA512
fa311515eb734dbb72bffc8d59c28a99e168666fefdcb1df83e9faeeaef5c662cf7646c7d2983f0b24df44956d54c05e00127c679128d10c47ce00b47124fbb8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

Filesize
322B

MD5
1c16aa6534f1affe016b3b54084fa176

SHA1
f05d9c4159e5abaab862e8b21c123e4fa5eed98a

SHA256
50b4ca3ce7bb123d35dd964dc082789cdfe4a774db93a83b071758ca657212a0

SHA512
bd62a7a5261153640ef19d8db2398a67c6c7c41e6c9673b6f05e2b16d232a6cd1ad29a77ca670067ff253127448d75076d34a60fea198e4aff6b7152e4a5ae68

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13364318037642305

Filesize
13KB

MD5
6f09b27b2ae70f4dcea5a6f47b8e9dd7

SHA1
13f4d3dff25ad33c27ada4a8f0daaca69a11d9fc

SHA256
b3cf51d2867886d22cef505b5db2409cd93660c2842982f11213afd2ae327ad3

SHA512
418a9936c142ca4ab8b58c33650857a155142f60d739e5dc9b1dc6b07462cbc52ee38f6a8a88ac6677a44345247b1483db8e2ae02c5616c1823432e7cf5e8071

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
f5846fdc25f0b8bc6dd2dd7076742d54

SHA1
70641fbac8d0ec91164a1c6b48631686168a9a2b

SHA256
41ad16730f011997bfa7b485f05e4a7eda1787c4298844168b4c4bba4bdb6380

SHA512
33acedcac555a457a2e7bd2b9cb0f2d75fe4f4f6ef48b8ae5c32c7683a9a738370da23c2b43499c9b96fd838052084681c38a22c63687c67cc1832bb41e5fbb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
136f1f7ffa72b2cc39aa30ae344025f1

SHA1
edce3e5bed722144876a64a0839fde84a63647df

SHA256
fd8c75c3bb1c55e6fb19bdf073e3d57dfb1cdf779aa00a2959af1ff2674c9049

SHA512
e505fc9e939bf7752ff08ceafd612a02e89b85fc5ef476080ddb3a43e32faf899990c80cd37e7a795b8cce0981f8e9fa4d33cb2f1a5aefd394715548636e42c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
3ea7b5d0a5a6932b94a6bf969676622f

SHA1
fd0de9dc7d040ca3f9ad0666ff2fbdb289d513bb

SHA256
2acf8ec46ab16e3879d6de53ab1e09b06671932ca69a8fa7ede11bbc7a936b28

SHA512
bee10d399cdffd9dbe9070b2ce0dd1a9cb2d39de4fe77127bdfed9d4ae8c7f2b355cf20ba186a489f3a0ec11ccf59603617f3c03d3d345fc7abd8f79b2d3f9cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7e0a5a3052ebec9c8e2595d5d3777f83

SHA1
372dfe49a709d12a371509ac551153576ff8fc76

SHA256
678bec733084223596ac84aef8ee27bd8cebb2dd961dc35c05b88b36b6eb1ce8

SHA512
321dcb82122ef61c83b7ea50c5c35b0adaa873d2a59ee721555d16bee65c5e359cefff252e10c4798bc59871ce641ac729e1e6cd4d714af809e56d1a6a309a7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
dddd34a4eb88c8cab27c02c431cd13f4

SHA1
db085a15aeb8be6bac3bacbdeb2199b42094fb69

SHA256
68d2c1063bc894cd0d3929fd4a529438aff2f3ba7ceadd3e60c6218a6c9e70c8

SHA512
dbb4d2a32d4439f054ae001d7bebf13140e836caf426d48d60375c38736c8d60bdbb7e8ec69b713a914c845a2a00f64cac4da7558355a7d5028c24561f444815

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e60d699d872cbe1596608cf6e4c59c66

SHA1
365ddd5dd424bf6f1223bfea7c247bcb5563b223

SHA256
19494e51eaca4de6ae5b52a392fa35621f965c9ed24964fceb24cd82e1d6b608

SHA512
a10ab47927237381aab7bb29fb2963c664e51b9e57622d65249331a6cfed33b5914939da7e606b7586e2bf0e2014fd94ef215bdca441cf7c8224c5ec28b26b91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e844acd4ec17ae05be984c3f161e6f64

SHA1
149e9629cfec0c227b279c3662374c78c41bc7da

SHA256
24928422fe0c04171bace22ee6f5fdc60a16f1baa2b796bb38249684809ddd54

SHA512
94d5f64ff940c146b1517c535641a8cd2c518c22234cb9a7d437d4bc6a794d6e683875cea1fb1656d54a1193a1d46e0ed0692d379e8ede77ef23a837e219a2d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582a57.TMP

Filesize
538B

MD5
ac11aec1cef764f8a23637708cadad3d

SHA1
718937c80c702fd1d356a6d9825488c4e53e28fd

SHA256
4bf8de115ba67858277703be6f9715bd4d33bfec973627a51e860ed0e8776872

SHA512
99ef7d8db17c7e0f42f7766532cd6b1c428f16ce417aaca6ef1debaef7f48567da3c4ba497c092bd884f390507e594c5e427b69045477aba9860f72091dc0d19

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
ab537fe18516225bb02f63932fef0d26

SHA1
65418a24757c2e8e4d77acca0f9c0ed360790fba

SHA256
c4e7079f3d0fabb807157e49ee7ac4f4bc7c0294838f1ff02c1319ce0dbd720f

SHA512
d5a7ccc8d8e857992e038d1a536e46b105ed74a31c7fbcb687c96a55e7de6f4967d9ff44d0336be842d5a108d361d9d38bc3f577a6339bae3ae7750f0e8ca690

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

Filesize
112KB

MD5
274c795bdedca4ffcc9b54d83fb47249

SHA1
d7084fe4fe93af008a1c9dab8c05af0bed41a264

SHA256
b228061641fa0a69f10c47ceeb3ff711ecf0c32df9503b4f5f09437d5a20e4ed

SHA512
5d9b1de17067885c9abeb2541cd38def37795bdfb26fb5b6eea0d6a7d03687ac10bfbafd6255ee13d3c8a3c9a8b004dc45e3b4a115b8ca51ca7eb06bf7de4985

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

Filesize
64KB

MD5
d44b8b71bcf653a214eb6ec4268d150c

SHA1
0043025f6994b00c67d100d28e1b616b48dad77e

SHA256
92073b2b8e0089cec5ba0dd4a15ced4f1134dad0128b0f40569adae498adcf2f

SHA512
7f14b5674d53717a7914d8b64a3df1cfbbaab2a7f0bab8e53fe3c03e257870a14f20bce0ebde4c2574a10d8af998f3af1cb2623d4a8eb0b2d6610778d0e41093

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

Filesize
19B

MD5
0407b455f23e3655661ba46a574cfca4

SHA1
855cb7cc8eac30458b4207614d046cb09ee3a591

SHA256
ab5c71347d95f319781df230012713c7819ac0d69373e8c9a7302cae3f9a04b7

SHA512
3020f7c87dc5201589fa43e03b1591ed8beb64523b37eb3736557f3ab7d654980fb42284115a69d91de44204cefab751b60466c0ef677608467de43d41bfb939

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
319B

MD5
2cf4b0440f9a3979fa15136479548125

SHA1
0f68c98120bbefc43f5180f2482e57981043ca1c

SHA256
701ac0092a8067e2eab57dc5e4a567a9197e870454dd474d360355c422b1c876

SHA512
d92fe656a2d64b0c421198173fd2dad77c0de24a65b86b908e1c29fdd522e67ffc5cf0cf95dd20e30dd79ba8676a86ebf0939debb07e8f082fbc2e62f75dcea4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
318B

MD5
976c229ff58bde64e028e08ecdb518d5

SHA1
6da4b3d9c776f65cd76cac08145dd733a0b98399

SHA256
a9065113a31a540d2b28bbc4d11660f5bdc9637dda947d8d3a9858feaaeead7a

SHA512
354dccc7679f49f8ba2b53c764313c07fd30a4767027717385f3c8a20935ea45f1207548aabde07631b2f90ae06152dd621f48368fcb6346a5629b5b855b8c4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
337B

MD5
be017a5984123ee1b85462453c33cfc8

SHA1
2b29a05e8d80a062b581346c669d962bb1367ac8

SHA256
f6feec82096ab204171fba40331d99cb6577726c3adc49c59cbfb326ba609eb8

SHA512
bfff8f676f725e12239c0e0767b5f4e71548a210bef899d87728e6f89d9e4de0bd4623ae3297c35fc3a3799e0c3b121185f67ba38d493fc3ca645e1695e2754c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

Filesize
44KB

MD5
72ecd186c4a1ccc821547116e3983bc2

SHA1
1958b40062104821f19868f9c4e37f0efa7f9fcd

SHA256
0efaf2d21d3444b4bac5296c893d24c71b58921ee85675474cb3a58c308d3607

SHA512
6ef28eff4e3bb8b8537d0edd338f93a67ea6fc08a27f705a6ad7349b9d5221ad580294c587d605d420a2c23cd77acd1be4905900eee82ce889cbb9a156902872

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
9593e002fd480209acb208cc913a27ef

SHA1
9cbc8729ee9d19584cd71702230df11dc30590df

SHA256
1962e4c865a6f683098c8e689ee2edd79e39f2719782f48e65e9e34b1e1164a2

SHA512
9a2c4a5caedbb490bcbe9b7e1ee04064cc4baf6d0e25adf030bb25a157cff96ec04807e511238b6cd986f8cad2a4210958aebfcfe1e2f59ea70db79e3d96ea14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

Filesize
4.0MB

MD5
0e6218e0f634afc4d7f1d91e1ca520e4

SHA1
a8ec4a50a8005ba450cacb4962fa66aa932a0351

SHA256
e6b7267b4bf632c381f5e5561b85984ccf194f5d0bfb1cb3443ae36bed6e241f

SHA512
5781f26780b17aed209ec684a68d00ff61e63c03ba663dc9a33e56ce06ce007b6df1e73865ddb9a0448ff5f5c33c38960e07bf9abfb2bf2ad13af483b43a90a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001

Filesize
20KB

MD5
7e86d5c1bf2ff36b15bfbd8fcf748b16

SHA1
59a1515ddff8caec85c4f27ffb17b69a42ec6226

SHA256
82f03e141e82546b261c1a24cd9ae3cfd4b19a7b4f343a296428deeda88cf856

SHA512
943fdf966d2ca4bfb35e01431e7bae1611e86d4bbf9c27524ba4502a9a93b8c0bb39e7760a8ee76993c4099da1ff49febe0b48468f134d4121f22a0ffb41bf2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002

Filesize
20KB

MD5
2a029687e73114ebcb4fad10c0114e8a

SHA1
f09cbbed46b9f8c731568bdcee13024e89bda397

SHA256
fe6e92a5b020858bbdd8089533c6f22703bc5927e22f689c384164096705b11b

SHA512
211dc45e2bb5739bcf863c44ca8132f92e895b3c95d074929aa4338698d53c6ccb3a8e2f23180260d9226073f4f5cd21a200010a7a224de7c8ac2e1cc853730d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003

Filesize
20KB

MD5
ef9588ca82f853399e5968af99985e74

SHA1
80d9df4f75c3e789ddf10584d9ff9de2b6154cb0

SHA256
9d550015f47a4d5d502f8a2f5b33bd9cbd136f4fea7c64754c8cc5a9651f7fe5

SHA512
a77b6b0bcea459ab4fc1e5d0983e85b86a6b0835849345f6afbfb27a5e84d8d1a38ff16e21ecf862e95d0a74e3fe97fda28bea66752b8bd64fd44c8ba680a5c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
b29bcf9cd0e55f93000b4bb265a9810b

SHA1
e662b8c98bd5eced29495dbe2a8f1930e3f714b8

SHA256
f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4

SHA512
e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
784fd1a91a8e72dce17534367e29d765

SHA1
2cff34fd37f7b79b6258f03ce40e43719b1b111e

SHA256
1a084de3c878b6c620dd87b10c2eee061a65c8b1eb62909592f5108a41efd818

SHA512
5ceaa246287509f2eb828a0d64f81f12ffbfa40366b8a68f0314e5c53f95c20140c2513244c156808d12294a4d5b4c22c2d861f24fd9e6efcb5d8590c3ccb63f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
bf0c643cdf69893e4d4d627a995e8873

SHA1
767c49d7eac00949f98c41e0706e087370c6e41a

SHA256
c589b72a4b164a02b8be5d10fc0610293ea411309c419f1a4cf52eddedff600c

SHA512
7906bc10135586c1bfd4b2877a2b838ea5776d4b19389b42b2e24c58e1a259559b28cbe2efedc801036a809e45009335c71669dc23c3e207b1a4e2c226e0832c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0bdb6cdf1e18da37a03b46dcc729e145

SHA1
38e69245e5bbc405d45e405dfec90f3aea26a6ef

SHA256
a85a1c2d0a82100134100e7054f754285730b373467012dfc31907d7769531cc

SHA512
307c9f8e6e2000f2d51188e781ab44c8adee378efb1dc2e69a9b7aff400747be9568ecc7a43a341c54b7ec171b6704e510ce7f51a3232f58a97eef15a15999a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
bd7a0440db98595aacc05c920f65b3a8

SHA1
f3df9dedba57f1c156f613e8eb6cefcf3fecb5c0

SHA256
c91ff1fdeea3b92a8f5d6add8815a15daab8ee55765786dbeff65572aa761bd8

SHA512
0b1b6d029e236035758a426ec14d3de9720d8a953ed5fe49d27fc379b6a649d604d6022ff6853a055f45da1e6511c20fc0b6426a28c8f90a0b8e5684a9cde386

Download Submit