hxxps://www[.]youtube[.]com/watch?v=ZJZX0AzS6WA

Analysis

max time kernel
150s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
04-07-2024 18:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=ZJZX0AzS6WA

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133645929144262999"	chrome.exe

Suspicious behavior: EnumeratesProcesses 11 IoCs

pid	Process
2412	msedge.exe
2412	msedge.exe
1620	msedge.exe
1620	msedge.exe
1856	identity_helper.exe
1856	identity_helper.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
4388	msedge.exe
4388	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	4144	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4144	AUDIODG.EXE
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe
Token: SeShutdownPrivilege	892	chrome.exe
Token: SeCreatePagefilePrivilege	892	chrome.exe

Suspicious use of FindShellTrayWindow 53 IoCs

pid	Process
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
1620	msedge.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe
892	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1620 wrote to memory of 752	1620	msedge.exe	83
PID 1620 wrote to memory of 752	1620	msedge.exe	83
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 1616	1620	msedge.exe	84
PID 1620 wrote to memory of 2412	1620	msedge.exe	85
PID 1620 wrote to memory of 2412	1620	msedge.exe	85
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86
PID 1620 wrote to memory of 5064	1620	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=ZJZX0AzS6WA
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9aa2a46f8,0x7ff9aa2a4708,0x7ff9aa2a4718
  2⤵
  PID:752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1984,14934241119679260289,9558381197785585803,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1996 /prefetch:2
  2⤵
  PID:1616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1984,14934241119679260289,9558381197785585803,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1984,14934241119679260289,9558381197785585803,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,14934241119679260289,9558381197785585803,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:2560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,14934241119679260289,9558381197785585803,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,14934241119679260289,9558381197785585803,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,14934241119679260289,9558381197785585803,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:1116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1984,14934241119679260289,9558381197785585803,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3356 /prefetch:8
  2⤵
  PID:396
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1984,14934241119679260289,9558381197785585803,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5952 /prefetch:8
  2⤵
  PID:904
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1984,14934241119679260289,9558381197785585803,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5952 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,14934241119679260289,9558381197785585803,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1
  2⤵
  PID:1376

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4676

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4812

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1664

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x520 0x4a0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4144

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff99b4fab58,0x7ff99b4fab68,0x7ff99b4fab78
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=2000,i,6162435915799525087,3491601467995215804,131072 /prefetch:2
  2⤵
  PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1956 --field-trial-handle=2000,i,6162435915799525087,3491601467995215804,131072 /prefetch:8
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2208 --field-trial-handle=2000,i,6162435915799525087,3491601467995215804,131072 /prefetch:8
  2⤵
  PID:2948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=2000,i,6162435915799525087,3491601467995215804,131072 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3088 --field-trial-handle=2000,i,6162435915799525087,3491601467995215804,131072 /prefetch:1
  2⤵
  PID:2852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3932 --field-trial-handle=2000,i,6162435915799525087,3491601467995215804,131072 /prefetch:1
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4608 --field-trial-handle=2000,i,6162435915799525087,3491601467995215804,131072 /prefetch:8
  2⤵
  PID:3360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4712 --field-trial-handle=2000,i,6162435915799525087,3491601467995215804,131072 /prefetch:8
  2⤵
  PID:2144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4840 --field-trial-handle=2000,i,6162435915799525087,3491601467995215804,131072 /prefetch:8
  2⤵
  PID:3452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4844 --field-trial-handle=2000,i,6162435915799525087,3491601467995215804,131072 /prefetch:1
  2⤵
  PID:2488

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2928

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
PID:1528

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault128b2c4bh95adh429ah8b18h4b663eb6a90b
1⤵
PID:3712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff9aa2a46f8,0x7ff9aa2a4708,0x7ff9aa2a4718
  2⤵
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,16828918965778356922,16920576815554322123,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,16828918965778356922,16920576815554322123,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,16828918965778356922,16920576815554322123,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2656 /prefetch:8
  2⤵
  PID:984

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3400

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4232

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k netsvcs -s LxpSvc
1⤵
PID:5724

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm

Filesize
16KB

MD5
099ed4034c6e48efb1c787711a368588

SHA1
15fe76b830c56e44e105d8035bcd0e31b96e4c6c

SHA256
50e93e0faaef0889d0d9b4a75f027b93a147284732da4c934a338d4acb7a20c4

SHA512
b9eeedd578ac018dffffc1e0ec425cb9b3b80fcfa1e65b7abba0045079f539511764c9c404e25acee9485ee4f5a91a3ec66a65316eb954570ecc2b2eb23c2c64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
c745f8fa65c90d143c35b67addfc1168

SHA1
8e0865a42adc5649750cdf410ed0daa334fb58cc

SHA256
591ac903b37f7b349d761eef4fc19451034d6d664bd25c710586ce5cee8b7716

SHA512
d6f3c7ffdd31222ab1269282a247f7fe1ec21cd69b07c829d660efd6c6511f1ca9e1b38e09e8fba047c0b4b5c513fe558ac915b8ae8805e5c0995d8698eac1e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
5d469b3e49391341e45035b87be97d4e

SHA1
33ae4d9ed39b178acc9d653e53cd2ce84bc4373c

SHA256
85113213259ecdc3494f1b5e9a73131fa4b36afcb5bc993e10b0bb1d36b4caa2

SHA512
3dd59fc1e52ed596dc207d2b31abe5b471ef1663bbce4501dea193d96137e5bc15ef4966aafbc1cb0307ff6e8479ac150d81858ba8b058dfb4ddf67727010b86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
32dfa3a880bea5cfbbae4c1516ab5efe

SHA1
204024dc7175e773f499fa7275466ba90a9f952c

SHA256
7aa3d5ed7b76b08b4f8e57dec416bfed232e51f6fe699db28887d58b08a15142

SHA512
b834b3a9bfb72949115ac43c17273ac92977a49050a4a4e2c2b72e1f5f6960b407da24dea8f958d3e40b99e52dd4fc1fe919020f6337038011c64c72761a643f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
61189ee9980c58f61de167d77fd378fe

SHA1
406ca92e568317ae6a1e5e6e21e6debc207dc40d

SHA256
83dfb12576b173669f0537c66886b1c84a744d932fda7fd48b70d5832b534398

SHA512
473ecb93feea9c70bbfac75a77751b8311cef11daa6314193e14576fba4ffdb7ba63e2b53f5f2dbd4004b716a64dedde5cd5da6bebbb0815797581338cd20b05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
2a16f5d064704f6d9f727f2b8d79c7b0

SHA1
36ad2765b0dddca15281e8e28ec311759cd47f1c

SHA256
9805dc64e321405429fe31625202386ae139b42f45306914f50b30cad44671e5

SHA512
beae8f75e50897b523ce947098b891c858355c9734609a30d06af40629c03c1921b9156a417ee0593cbd751a5bc2688ab166128cfe5386b91e5810125cc8b308

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
d47d10ca8e485d431e265a65175f342f

SHA1
fdb18b1a5b785dc280f091e6b67665cceadf3cd1

SHA256
69dad2a24974671f11a83788611a79197c0156f07e010ed3feaa64e62a909b79

SHA512
0fcf61a306501a7afebc4201fc9ced12784c61df1a81532c908f7d36cce0218b3ce2af4aa2e301f02b994e05503534a0ae8e4298a721ff59a42763cb06a76991

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
69e4dd566ca644829e420983e3797db1

SHA1
8cb6cfc275bb01b392c7cc349948f5f7a0ae4b5c

SHA256
30f35ce9122191fb70e0f2dce209d94a9cb7b76fd2615e305e5d00580732fecc

SHA512
53ee3112422ea3b66639e2d5f98172bb8796abee13bf7c47302e4381f0f434ff2109ef23e57163a0542d17d568cba532016dfad5c52eee988b6fcfa8ae69c1ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c001aa093f7d5377cd54f51a5aebad88

SHA1
39bb76ed479031a8a8607de3b199139c26ed419d

SHA256
b475a098deefac3aa9765e34917c8de503acc5d1b9576b107beae957c6bf9ebd

SHA512
d10c96d94e342bafa55dfbde0654fcb55be6864f0e72c64669cb2ce5cdf0f03fc002d0719ca629115f4bfe904ffaaafc50eb7cd3cd12db59da1195e955673c78

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
7aebd576eb3db5d7f2a33bf26d7244d7

SHA1
703a79b1f58a07048dcf0f214cdcef220b6e92aa

SHA256
fae910c9daec5a9e136871cd734a2ae1ed9104eb375da219ac0f2765ede5896d

SHA512
753c748a3b78ea11c3656f8b86ea6addf123804048d21e6e752676ca5b5f0813190868377c639773d81e1831b8efcb376cfea37dea2154f9db2796721f5c2462

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
b69232cdd4fdee44aa81b46a475810d7

SHA1
63a13c60c73f46bc7b4a8ede53b869de9836818b

SHA256
25bedfd611495202df97708a21e502e54d93ed8a52e865a9ed13f81b66241c98

SHA512
82d86eea16430248f7bf846c0b8afbd093132b7339e6aaca1fbb9acc81b6b99f1bb344c8b62f98e75a8658fd0165a6b756f1f6a48b359b6351546e390ea8a97a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
6fcb16a4cb70980f5550bfb23029ef3d

SHA1
b65820e960bb63ec2b0366c516afb7b429e7e364

SHA256
c2a16d494be87fb818c8da84af1fbd96f8d19a1e2fde804c791b1de018303a44

SHA512
1e4261d392891c5f35008993cdae19886a68e9ba47fa5133eee89d6b17c43c9ced81c39ac3350190a1fdf3f52577f1769039200007d7a7001fab93fc93b4a0ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
270KB

MD5
0f373e270177b2558023a1fa0a824344

SHA1
ea304a0e37fd77be56f775e363a38a0d83c12cdc

SHA256
1d843199ebbb7b1fc10d1a4c60b103edb1bdd68ed5cca8255923c8db4e419961

SHA512
994c5502b71fc251fb65299e0f0a0e63e4909ccc67bced5bc5c37fbd9cf2a59c0fd46f5fafd780e8e6801ae6d6006c8b83c8bb176e0af3f41b57199e14308fd5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
270KB

MD5
f2bb008a9ae363d12c0583192f9f92fd

SHA1
6bff1645db34fd9e93a11d6e7801370c45f4905f

SHA256
c0e3851022285c1220cf1ce335ea679c2dfa139e44be632ac89244955060d948

SHA512
36d7bb1ed38e0e627d299a1e0ac0cb5b67f5cf20d56a811ce4b0de0b81bf816d23ec9072134045ff08fe953be7d9d1c5cac98f2c92f223f10b457965ae705965

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f61fa5143fe872d1d8f1e9f8dc6544f9

SHA1
df44bab94d7388fb38c63085ec4db80cfc5eb009

SHA256
284a24b5b40860240db00ef3ae6a33c9fa8349ab5490a634e27b2c6e9a191c64

SHA512
971000784a6518bb39c5cf043292c7ab659162275470f5f6b632ea91a6bcae83bc80517ceb983dd5abfe8fb4e157344cb65c27e609a879eec00b33c5fad563a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
87f7abeb82600e1e640b843ad50fe0a1

SHA1
045bbada3f23fc59941bf7d0210fb160cb78ae87

SHA256
b35d6906050d90a81d23646f86c20a8f5d42f058ffc6436fb0a2b8bd71ee1262

SHA512
ea8e7f24ab823ad710ce079c86c40aa957353a00d2775732c23e31be88a10d212e974c4691279aa86016c4660f5795febf739a15207833df6ed964a9ed99d618

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
caa79d90cbe8728c3de2967d178584d8

SHA1
9683caeafb85ddea7536dfcc9240929f0638b7f2

SHA256
9cd611660cd46b4fed84b16505324b5e7f5a2bd5b5f1db092b1e29c018a03d37

SHA512
60321eacf30124bc3b8bef185212fa6c63d6b08fe4fdfffe297e56023cb47e83d06ffc058ec88803fa479adf2d162f9fb4c7341a1e4e2e090e658c89d2cbc8da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1795831d-494b-4adf-8bf6-5a219b8e58a6.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
47KB

MD5
127b7a9f7009939d0ae5dd1a48386985

SHA1
f9e981f2fbc6df7e304803153fb6fe40f0dcb6ac

SHA256
9d8e3219c036313e8b27ecb7b91befc49de6a32352a5349656945a7525a89962

SHA512
b1a442d78f6adc7a67f8ee299d46817309798ff2a38a66af2ff03eaa276b3a7967fde34e801dc8488ed75b3110fd01b3a9763f792ce75e21fae190d4779c1287

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
227KB

MD5
e09df5a23acd241007ec35851474a7f9

SHA1
9802085247211e3c82c5e6fefc003e7c1f21227d

SHA256
846921a45a6d2203548059f9b22a5a5513105e43098da955bf402e681020bf56

SHA512
765b7cfa03aa7d750a18ad63c072c069329f4a7f7a594051c01700934497533ad07dc503c8b3892d5ac97f14b8b85a6f4868c7e5a1a4d2e40a7ae4f7514d1009

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
32KB

MD5
af5bf693b92c0d2c8441b3a6640c4ad8

SHA1
12ed4ac73239e542ab8d7fa191dddc779808e202

SHA256
b9f2c3f2ec75955d96309f759eaf9fb6bf576c238377491dbb92de1768a26012

SHA512
c2ef099832fc5e8f1e67acbd550b0590c0fb5c291761280a2e74e6a97763906b9c0c1a2295f285462ba3a0ed7cd5658f296e5f0f9c5d11a97ba210f352f8a438

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
32KB

MD5
cd3756106418d9e83a2baff9904ba221

SHA1
4c2ed1c1ebe119027db0fbaf7a64b408f1779b4a

SHA256
57ec0895e1bcaf08c769e2d6872f3f3657972f87fac081063445213dae4541ee

SHA512
5bf43ccaaf99505f7e8ecf2eda18efe260125accbc12f655601e2acabd822513e153f4b81cbf03a65d13572f11e9f13fd471006a0ce8f2665e8a594ff2d769dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
17d8ce1da71e7f2e71bb463c9791e11b

SHA1
194ea118b6f05af1b18338c6004f77a221ad2729

SHA256
c919f428a0790f94e8ec996eca5bd3f50f693f50c5f6baa26b282b370938d547

SHA512
ea490023c1c82d31c93b4f3572c73d0acbb248ef65475ec822597dd95e9efc362b1ff3275881827fc4e4938399d776b4964b9ad8484eb20196a808ea3bd379d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
20KB

MD5
62eb24bb313f51618a427efce4b76b81

SHA1
b724338eaf23b903a478522ce7cf091557e3a716

SHA256
91c1526fdc3997c1c9166cd2734dfa88849ad15274c232b187ec61b7370a76da

SHA512
d4600ebc1f85d3974fc30b246ba31e046dc1ceef5cfed8e6d7c5935af977848db0fecefe05c1eaa712d09143711eb9520aada0c2188f3d7deacc63d7f75561c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
124KB

MD5
8aeb49af3a3df8add0f5768fa3f0713a

SHA1
04d7a510d3f947f5b036c8cdb679d79ef6445534

SHA256
ea0b90e347ead398e2613ce332e7b330600a49fa6714892cccc8455de2799b1d

SHA512
b6c6ce7597b1351e753fae9244cecec444a946864c84a43183d5ab351c76b28053d9bd040559ab5ef2f5e2da21d6b55ec1f956a4606f59a579774876552d51e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

Filesize
1KB

MD5
f160f4411c40da583f70b113b722fe79

SHA1
5c20694d94589837ce32b6ada71c9e990af0ee2d

SHA256
9565ef6de02074f69f098690afc79ea518072b123908cd127b1d7e937fff73f1

SHA512
a4dbc785a5a892cc640f8d08046fb16d7343ae0f5224bdb6bde49a0c86146d4cded3c1b435361b7d32fd28e432c82c1e95e5010bf16dd74f555b0550f5f71f48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
334B

MD5
440f917543872547b7eb9697aa383f01

SHA1
bb8025247bf6235ca3684658584a6666a000fe6d

SHA256
f9ff51bff11e976ba90fd9df30ad0a6b7c7402e761d24105718dc36b4c62b125

SHA512
6885eee853dbbfe3c990b6d96e7b6b640dff9a00543b6f5b39f01af74f4ff7cd37b6c12ee385da0ec5ccff6dc606ed7aa8db8f8b918e5a236b1be24b91458a66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
f3a9c196fe63dc341db24bc9e700be5f

SHA1
b0be154e0b330579c3740103526172eafbdf5db8

SHA256
6ea4875a0e1079da16827f03d2947d492318b73b887fd13747f06b1298b3ab24

SHA512
a67520685d286b131f14e5981468b698cc98223a040f97df2ce415bc67e0eb8a17091ff2d17fbcb585b77de9d4b1b5625588f63b48299dc74e6052ff3a54bf77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
36ce8989fc6c58894a1876e1d575c4fb

SHA1
0ad17bc4af38c9104d5c5e307ae3acd9558f9b75

SHA256
8a9f15c8d9e6d49cd25411df2224e4135890885218aa73a93fa7b17978df62bf

SHA512
4e1adb321ec8e740ab8c3d19f281806cf054586b86c7e5627681a4bad1875ff56a2af5119509fb0db96cd19d1363d82fe1da93f2f9f5d80eb1fba0f243660d00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
07fb08313de83d925aa2cc9aa2a8a1b6

SHA1
ab3db271e1bf1ea8358d86ff51504be05f351e39

SHA256
abe25a6ecf7e5c2741a194401fb9d8ad71604376d81aa461fb65e37b3b2f604c

SHA512
6f96e454893fbbce239b1faae062071395a71a8cc2eed7b2294538ff854826043f781cf353c684b0b2ac06fd36bd6ef9b7580c3564cccc34b07120be25b3c388

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b5e9ec8ec4aac0eb4c96ecaec2ddd343

SHA1
3a1d91b87a7d8c565050aff3e7965f34b85cb73a

SHA256
4acc333d830864a37d065d6300a5856dad022505fdc48ae45ea879a53c079f2d

SHA512
4816760e93c140bcf9847400ad5fbdd1d4b439c42d992a17382bec034835cf054c7ee22834d402f0ab58b3fa682b258f24b24c93e6527b45807f3cd8d246fc40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2c0fec2219acd94a18e563aca53281ad

SHA1
0d7c1fb3223685787fa3332af2405057132faf1c

SHA256
79ade6312e1474042215c8ef1a8d6bfea60f776c43b9633c295e703be14ee783

SHA512
47ddfd84bd42ebeb6f7e4dffc232869ff633e8eaa7f5ca705817c97dafcdc46604c564f9ff2f40873f21c9c4d1e2f7963c3ddbf34267710edc015416f3d363d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\091eb8f5-369e-4c3c-a880-1d0ebe921439\index-dir\the-real-index

Filesize
2KB

MD5
6fdee97e92d8d8011d34a9a0c158a4ac

SHA1
1df6623d72557824b1a7f75d60f4a10f65f42f3f

SHA256
8644da0b9745daa39c6aeae864f1109923a4c1ad3b61914577485290d3a2df77

SHA512
40adf22a4de8dcd5cb974ddf4304450d61c7c3ffc3bd89e2537624d180f0d539f656356b848ff129b9c5b2fcac38ffff6f3ca4512a146c186ac8fdaae36dcfd6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\091eb8f5-369e-4c3c-a880-1d0ebe921439\index-dir\the-real-index

Filesize
2KB

MD5
001670bedb0f3674ef31a16b940d09df

SHA1
78bf7ef310a6a5f239b9f9ab6485e09dfd98355f

SHA256
924ebc008de7756805191554e88513e88e1f40a0edcb00c3bd1ef17b91fae484

SHA512
7fc34ebcdb9f46b8941dbda501069808a2d5f8fe9d1733b820847980c5c1eb99361ac6869345ab5cef73eb6516b1c9aa999225d948daac1a7c2571cc358ad7d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\091eb8f5-369e-4c3c-a880-1d0ebe921439\index-dir\the-real-index~RFe576e69.TMP

Filesize
48B

MD5
4e96db883207c1210e218720451a92c3

SHA1
ba6b812bfe020c5aa2309f08511503af93ee0e11

SHA256
d93c4438d20672973d2db38f441e9d70ab9c40a4817dca90168306bc28ce77d8

SHA512
faa30754d9d4b3f496406c3e339d3dd7126439f6757e88a2346607750b29590777e7b4c19e8bed3d466f1365b09e7d8dba2629542f1f109fc4f518940fd944b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\64802d20-0545-4eff-9000-b43becc4d54d\index-dir\the-real-index

Filesize
624B

MD5
997e354a9f3d5eb0a18b62f3cd3f6787

SHA1
30332e694dfe3e17e82e3c5432683f4502e40991

SHA256
34079297f2febdc841f1b930012e59393ce5863b12f2fa1335356daaea8c7768

SHA512
00dfaff4dc7a581b117f4d83f1082206a8d48924f300daac13aff4a77f7370643b9e1346ac8cf4f5f160d21421e1ab39271ebccf1f4684a4d5030606d0ac8e5d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\64802d20-0545-4eff-9000-b43becc4d54d\index-dir\the-real-index~RFe578983.TMP

Filesize
48B

MD5
5d76a0ac38d57be6d7faa4f04e42d419

SHA1
6e6946359652239f4c76e105534b030333799423

SHA256
bf0af715438bc08c930a853001b3e9b9d8acceda49ce7e66c2f3c3c06a68857d

SHA512
fd68f61ab39d0dfc4547b530ff89a8ce546b3ea75130e33c0c361529a9a6c1a149ebca7395d7d6451cd4f41f065a87fc223747d213ce1ca6251ee6bfa3f9bde2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a2d67108-ad14-4077-8ecd-802675e10054\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
78f6ee4ec0cdd08c19e13d6ef0c8450f

SHA1
b1d8db120089511bec7b1b76c429215e7a734ff2

SHA256
7a2faf21ce217d6e2e2717d2518de66adaca47e6bad15cd26347db8e4cb594aa

SHA512
9f9599c3988d097172601c12a06bc52493b89ee00f028b3c73ba94825717d570c2710968bd6c9d1e966332a7915d8df20c287e45ea4c9a1e0e19d707630adc9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
148B

MD5
5934cac983072c13f49b01dd3103572a

SHA1
d667ef15e3c6e5d7f32235215557269b7186aeae

SHA256
1c321ae03daf32b4dcc3fe8ac4c13045a85396ceac0989f53882f23432907c91

SHA512
513f4844f8fb4ec45bbf0bdd2987ecc20e4e9e56843b8218cf74130d5181c9e9f006d823d76836b2f78bea8d79218d8743d7eab89f941c55774ce69b29840379

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
157B

MD5
d223f2dc19b348abba8d38442921a850

SHA1
5bba387d1f3197f71f4c0268de07af8298b489d7

SHA256
feddae80be4142225c872412878addfd8f851102912ca446bae4598adda1ad43

SHA512
66277c3ad4be1d97bf4b090f070003973f945a91261c40a049f3cddf983bb7f86848cae33e69b674f978dfdb49f39232873198426dc7a96660a0d8a48b1e02b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
e759396de422c5f3b80e34a3293ab865

SHA1
32ef2009002f75d4d4f03ff933ca22847a3d071d

SHA256
afbb8b250e4af082337944836a412567cf91c7ca5885ae612c125564d078d943

SHA512
425fe925e89e8d79ceb773cb773193408c8e08ea0b5ab05ffff74d2aa47e8f5e2377843793dd7db8ec6299dc4135b1d06e05473c6642830316bfc2df0de393df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
f7fdf7481fbf09789d409afc3a4ba353

SHA1
7941952faf3d6310d30b7d916d9fa51ccf7145fd

SHA256
323a7f0343afbd7a82bdeeef68cd566559212bae905d7895f873d1c3588554dd

SHA512
368d81a8014c099464682c6a4dacf946ee6e3b64d6ca49f63d2d51d3fe5fb1b5b16172e10413eb337dd42194acdc20608d8f6295bb180b393ec1bf0e8b76c0bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
84B

MD5
03386ec9aa638bb94bc9e9fe0927a7f3

SHA1
da5dc6052a0c9a5ad662d7ec1572a10b10bedcfc

SHA256
921d0882c3edb9e99ab1ef80fbb0bb5907230c254203c3683514905ad881e107

SHA512
594cdced30ffc588eccc79113027449f739c51620e5c10f5442e64085b403c6384f2c5256dd7c5a9c76b04a0904b01d1b031f5a1c3bf31d62c278b539c404204

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5750c0.TMP

Filesize
89B

MD5
c26d21f224d31c119f64b7b81da219d2

SHA1
f96b3b40b6791fb8a7b5e943d151d5c6add67261

SHA256
fd55e2b85083b22add1a76032bae40802e575c55b962a5545c6e29fdb5ffe6ae

SHA512
1ad3e8bafdf74c65f04dc950e04b559cf44314c95e12b83a2632e832e78349b438b5bd41332eea537a9261e1dfe4e4e4d11cbf116bc4393a33254a9833823feb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

Filesize
2KB

MD5
8db9623d74560a14c0c7e1cf44f5b6c3

SHA1
f73e57628350bb4c7ac82c5abf3994547361997e

SHA256
0497dd123513884cd217da654419fbb1a22598328e840dc83d2aa3887ed960af

SHA512
4b48d3a315cda568ee7cb3b880b4d962a14dfbce04072879f12ef01f06eccffd95d2c18be1a5c128d9be05eb9ea77263ad69835a98b70dd1f7a0ff7c857fbfd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

Filesize
295B

MD5
59f1031da3aff0abeee1de41522cb799

SHA1
c486633724a1f0fedf9fbd7e7c381f59c36ba1dc

SHA256
6d3e4c0ee61f57a96321bf7c006dc0effd3673e0352ec3c4ea0e032f584abdcb

SHA512
5f21f2cd916ddfb3c25679005878d537a67a6e4a4bce04689fda77a8810fe1e6a8fef8c824b7d7542125a33455b99b1c244429e97f672949fede020a51cdbe3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
5a35e6050b296bc0cb635b89d11d58e8

SHA1
4570fc4a0ae0f4273aecfc1fded7a304c21b5289

SHA256
6b391cf93559f3ebfbf18a2e3c30a07f85196c5809e0304c0e7470e583821020

SHA512
43cc3e26c2bb90ba76c527215afb1435f566a564535af5afaa972157437548e6f1cb91d76386ac7d23109bc732d38b27dba53f223b08d7cca4ddf9ce682585d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe578973.TMP

Filesize
48B

MD5
0da046b3e64e45318f6e1061e16f7c1d

SHA1
1e3718316faedd5442c3578e08a02d92b66ee2ca

SHA256
ed080f6bd5782a98bc17d95003a0e3422ffa5d0a1343c560c99b51fce2de3a99

SHA512
84f755069c0e74d397a7d8ad948ff531603b5e5b8b65a6d847f213977ae2663e34bc42a0bf39b535e261bd4c4d51f52fa0ad50f397f77e605b863b9a7ccf8049

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

Filesize
100B

MD5
a19f8c9459102d721283ad934ebad03a

SHA1
45ce395364baf550e77dfd8ca86d161d3aca4110

SHA256
4505980141baa028ecbb621b444ffaa9dc889449296784159e8db562d78d407f

SHA512
fa5d65d94207e854b34f0f986381a231da0a9426a7ba76cc68b4853690b003032663097cdb6a789983708ab4fe97641cc656555dfed241637d9272200c0965df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
d3d14c146e39666e7a9008c0fff9c655

SHA1
59a96f236aa2191ad0056eae20601da81954de0b

SHA256
6b2cab076442fbc83c0280e2b656d7c6517f56fa81c78892b02fd58c253d2393

SHA512
22cb14d1431fd61727965ea96fdabf856190446ab8a7d58caf389e219051862b54f81f51bb8db96fc5eac2a851afa5d4cd7cebb63e5390ac7a270073710c9aba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
779b919a27af1819162d362622e329f4

SHA1
5bab49c00c0b3f7b9b99f0d03d18df0a84f5be17

SHA256
19f93dde6a5d363abbc561321edeeeea6b14dad6ec308560d832681ebd51a8f4

SHA512
17ea93a7ab7000b418f01583d04b181b3c9448bf448f601606f84435bc72e1c8ac5a074f89ed96c6738794ded27cc90ad64a8052b2d09fe093a3c4ec1082e2b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
7bc8a00d73fd99b244e5f4822fd201fe

SHA1
9a7c52f7050093b5d47c7bb50de2439745403f4b

SHA256
74b06463b19c05bf828e2cdbc78b283d0cc1e002e06f6a9c6763a610bea63611

SHA512
219b0345aaf5af1899330fd682d6aa6cd7e410d3781917f4c81bc683dae0cb010ade6cbd1d4c5437424a07fc539f273ea60ee2adccc8cd45639ea7f50e8b7120

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5789d1.TMP

Filesize
706B

MD5
740af2d2988b40184cff5a8dbe767e59

SHA1
caf09531a9a81148197f3b4afac7b95edff0bfc5

SHA256
5e8ab10dcff290c22c1bb884e7cd7d2adc8aac2f2539607a24abbbf3dc220cbb

SHA512
89cdc3f88c4afcca6103ebaccd8671a3bca529c5380eb0eb7e5b571dafb190cd84ebc4521a37e9cdaad9b4cf243ee4211b08003a2a499470e4041cc3dc3763ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
cddbea9fed346927bdf4de335725e40b

SHA1
981f959d6a911b65729c6c9e04500386857f5445

SHA256
9191ef627bcee9ae7230c0849228ae79583c87a9c46559d98eaab98dd904e606

SHA512
08790580954338625aa4a81a8e274a2917103b87a918d5e30aebb0b3303ee9b141ab9b965b0b7925490b0480b0d5a82e5ebfed4c7620b41e54a4007ba2f9fca5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

Filesize
44KB

MD5
93d24877f80ab6714c425adadb38699c

SHA1
c830102033016be5c102bb487001d0b1269d3259

SHA256
66eb6049e3a45142929840eb5ff6e7b37f5013ad3d779298a3c28babf029fbfb

SHA512
f06d41cb1564aa33db09d3c8c40e9a95adcce7b758ee93cdbd70c4217f0cd98061c9ff4c7b87028cd86df64c9e28a403819628c715f55351a28274eed182e67e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
08384cf617e453b131bfdbb58ed35c05

SHA1
48ef3965b22b3308fecd8b2f68bf684a4ec90586

SHA256
62317108ed712e6bc639e3946a5896be22f6263b96ed0a2780ffe59642c400f5

SHA512
db98cf266ce3e6cb0be10145981d50a864fdd6397bb0c4487ccbcb57e108aa5faac1910bfe478dd51cb481f9d85bc82dfbd24afec45e42fe98d37793eb55ce0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

Filesize
4.0MB

MD5
61eb9f18c27506d3b2cfb0b8b7db939b

SHA1
ffd555e94b0fac14593beee95863bfcd3e6d534c

SHA256
6b746084e469e1e6d62cbb8eedb97682d1f0c8d5a0b17d9f61086d4d12f47ff2

SHA512
02056b55a3db92aad7c9259beeb9489f3e82b36c9bab9086d4fdc7bfbfddd3660a0a33c03c5db40f761a011319e6eea04a8266d882283dde77599daa58dff237

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001

Filesize
17KB

MD5
913728da90cf90d8e78af59c60b47c3d

SHA1
f42f2a545d4fcaf4f76d0f060f52e33a47df7f1e

SHA256
b0b478f9aa6aaf8d5811e296047ae1f8ee07f4c4998fe9d7b960755ea1fafb82

SHA512
3af86e053dd56aef03e6f967a49b1a0d492616a71e2e49090e0c8e5cbe58ff37ccc55e91f06bf34096059a49f3de84b0bca587f3f17c366f97c0f7a0fd17c974

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002

Filesize
17KB

MD5
6bc4851424575eaf03ebe2efee6073ab

SHA1
2d014fe2feb929d03a46322645a94556ca5c9e96

SHA256
abaded8e235fdf329521806af30a1cc7701eaca3fe2efccb9da760ec6d8e5e4e

SHA512
af3b7d93fa2243475d74d4bd7f918ce2706bf6eca28029b9e49869f5f793e483efaafdfab1fed6306d5fc77a5ed3b27097b27448cd04560bed4df6fa3268ccf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003

Filesize
17KB

MD5
fc97b88a7ce0b008366cd0260b0321dc

SHA1
4eae02aecb04fa15f0bb62036151fa016e64f7a9

SHA256
6388415a307a208b0a43b817ccd9e5fcdda9b6939ecd20ef4c0eda1aa3a0e49e

SHA512
889a0db0eb5ad4de4279b620783964bfda8edc6b137059d1ec1da9282716fe930f8c4ebfadea7cd5247a997f8d4d2990f7b972a17106de491365e3c2d2138175

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000004

Filesize
16KB

MD5
a33b3a3fdf5161be5bd861804961f557

SHA1
68a57897f1686a3e62ce9808165e18f31661d077

SHA256
ac33d8bc6d9a5e769472877d7dd3d035f8088274b886b16cb1898b106da48560

SHA512
c94c29a5a9da89044504fe06702f00a7fdd5bc7b85e1733c0cc9a363a812c8d8f95672ea7731643229fa4ae2f1a632c73096d90b63799f5bae7639b41151ccb3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000005

Filesize
18KB

MD5
8951c3500755262a4ec181c5b25c86b8

SHA1
48e1e5d6cc17bad46f2fa770d620c5074f82c6f0

SHA256
93b9a2345f96229ffdefec524ead46a8dc5442cea95c996806cd25845919ab47

SHA512
6e8d6235eeb73039fa3bd59da89efb41c33e651fb8a2ae6d49857b810267ff46acd54c2f7f150cb1f9b47c2ea1e904e3db94fdaae15e44b3806c4fe496363902

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000006

Filesize
21KB

MD5
f368ad6f7fb38c5f6b872d9f0426464d

SHA1
52e3b460e4029837293b9a542d4bc24121efa673

SHA256
a52b5ae6a5a8c4e00aee9a5a927787cd75c79324edd5999587e950c2cc0cdb45

SHA512
26d2f48d704b26862123d5b11c5be05b23789b871a6c58d37844781fb58386736b50b27d55a34f3cadaa1820ea682dfe5c95910c3c9338022da4c2322ce23c05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000007

Filesize
16KB

MD5
f55234db88c6538e3f4ad45c114435f1

SHA1
c4dba9a32f50f2d9a27ce81a1d62f7587751e6b6

SHA256
bf139ca7efd187c36f3ec33691f427205a63ca2707af18bc25430637928d713a

SHA512
8a621fa5044977bce987b8259dc850faf83f4e82f4df1a7a689dbbb0b9b065676842f7ac462b77f66c3ef892c3272960bf5de4c0dd4f02e85430b368867feda3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
838a7b32aefb618130392bc7d006aa2e

SHA1
5159e0f18c9e68f0e75e2239875aa994847b8290

SHA256
ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

SHA512
9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
44d35a8a7c6a5257db71ee71b4b74948

SHA1
53c42bb10692505d641743f83e37ecd48ba65657

SHA256
90a144370936108140564e810063c6b04e3e706fa772aea7783ac67bba18fc02

SHA512
4332154b5a6a37201c8611ca1ecb6374c9c48bf58f3db61fd2569a2f013de311123229234af9dfb8821872a0714d91ddc29f88a25cd9fd5d2828800216c269ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
40e8f0f7c8754c20b5344241a7b35526

SHA1
176bea8a99e6ce46425f92714f80932a372242b0

SHA256
1180e1f113632593aa31f63afbfa8535f99f186af8025e40832360e3a72b7f70

SHA512
3e1149f1f2c1e753b6b075644e836e158fb80c59175554c188989a49c5ee66169bbf5db314821037bdfad0581be64138c10934704b0eb615d3feb98ea91d8e4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt

Filesize
4B

MD5
6a49a1340c9a2bcd58777c0afec59f71

SHA1
233b92303fffa9d030a6c74c253e424168784961

SHA256
fc47fe77fded5464847f78f20110b28b09bc83640b9847b686864494566b843a

SHA512
a12883cead2ca253002efa93365e4049832525fef05bda5536d681afb0070f7ec671535a660b493467fab9680aa5abe3c0f34c18c4a0c316bedfdbe6c7b20517

Download Submit
memory/1528-934-0x0000021C3F8C0000-0x0000021C3F8C1000-memory.dmp

Filesize
4KB

Download
memory/1528-930-0x0000021C3F8C0000-0x0000021C3F8C1000-memory.dmp

Filesize
4KB

Download
memory/1528-940-0x0000021C3F4E0000-0x0000021C3F4E1000-memory.dmp

Filesize
4KB

Download
memory/1528-938-0x0000021C3F4D0000-0x0000021C3F4D1000-memory.dmp

Filesize
4KB

Download
memory/1528-937-0x0000021C3F4E0000-0x0000021C3F4E1000-memory.dmp

Filesize
4KB

Download
memory/1528-936-0x0000021C3F8C0000-0x0000021C3F8C1000-memory.dmp

Filesize
4KB

Download
memory/1528-935-0x0000021C3F8C0000-0x0000021C3F8C1000-memory.dmp

Filesize
4KB

Download
memory/1528-962-0x0000021C3F730000-0x0000021C3F731000-memory.dmp

Filesize
4KB

Download
memory/1528-933-0x0000021C3F8C0000-0x0000021C3F8C1000-memory.dmp

Filesize
4KB

Download
memory/1528-932-0x0000021C3F8C0000-0x0000021C3F8C1000-memory.dmp

Filesize
4KB

Download
memory/1528-931-0x0000021C3F8C0000-0x0000021C3F8C1000-memory.dmp

Filesize
4KB

Download
memory/1528-943-0x0000021C3F4D0000-0x0000021C3F4D1000-memory.dmp

Filesize
4KB

Download
memory/1528-929-0x0000021C3F8C0000-0x0000021C3F8C1000-memory.dmp

Filesize
4KB

Download
memory/1528-928-0x0000021C3F8C0000-0x0000021C3F8C1000-memory.dmp

Filesize
4KB

Download
memory/1528-927-0x0000021C3F8C0000-0x0000021C3F8C1000-memory.dmp

Filesize
4KB

Download
memory/1528-926-0x0000021C3F890000-0x0000021C3F891000-memory.dmp

Filesize
4KB

Download
memory/1528-894-0x0000021C371A0000-0x0000021C371B0000-memory.dmp

Filesize
64KB

Download
memory/1528-910-0x0000021C372A0000-0x0000021C372B0000-memory.dmp

Filesize
64KB

Download
memory/1528-946-0x0000021C3F410000-0x0000021C3F411000-memory.dmp

Filesize
4KB

Download
memory/1528-958-0x0000021C3F610000-0x0000021C3F611000-memory.dmp

Filesize
4KB

Download
memory/1528-960-0x0000021C3F620000-0x0000021C3F621000-memory.dmp

Filesize
4KB

Download
memory/1528-961-0x0000021C3F620000-0x0000021C3F621000-memory.dmp

Filesize
4KB

Download