hxxp://mycapital[.]ge

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
05/07/2024, 13:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://mycapital.ge

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3544	msedge.exe
3544	msedge.exe
4144	msedge.exe
4144	msedge.exe
2740	identity_helper.exe
2740	identity_helper.exe
1356	msedge.exe
1356	msedge.exe
1356	msedge.exe
1356	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe
4144	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4144 wrote to memory of 3568	4144	msedge.exe	82
PID 4144 wrote to memory of 3568	4144	msedge.exe	82
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 1468	4144	msedge.exe	83
PID 4144 wrote to memory of 3544	4144	msedge.exe	84
PID 4144 wrote to memory of 3544	4144	msedge.exe	84
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85
PID 4144 wrote to memory of 3916	4144	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://mycapital.ge
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8db8c46f8,0x7ff8db8c4708,0x7ff8db8c4718
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:1468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8
  2⤵
  PID:3916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:5012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:2880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1
  2⤵
  PID:4672
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5604 /prefetch:8
  2⤵
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5604 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:4036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
  2⤵
  PID:3184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1
  2⤵
  PID:1288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,10648132087208861475,13629931345028064049,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1048 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1356

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4428

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4076

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\09c046d7-114d-4dbe-825a-1e15f84bccbe.tmp

Filesize
11KB

MD5
408e4c67d26be23fb462d04c9ba257fd

SHA1
5c0fb08c505d759455d5c07413c8087ee87171b6

SHA256
3d69a0b266ee3ccbb6a6116353d8d0d734964c40530586f58ec6196e85378933

SHA512
e631c20790648f9d95f1befaaaab4b0536a4d2055eb4a08275b6aebd92813c027d34ce42280c9d87eff4b14125b9805b5a8d20bcccd6c4ca6c20a52a8c5c70eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
210676dde5c0bd984dc057e2333e1075

SHA1
2d2f8c14ee48a2580f852db7ac605f81b5b1399a

SHA256
2a89d71b4ddd34734b16d91ebd8ea68b760f321baccdd4963f91b8d3507a3fb5

SHA512
aeb81804cac5b17a5d1e55327f62df7645e9bbbfa8cad1401e7382628341a939b7aedc749b2412c06174a9e3fcdd5248d6df9b5d3f56c53232d17e59277ab017

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f4e6521c03f1bc16d91d99c059cc5424

SHA1
043665051c486192a6eefe6d0632cf34ae8e89ad

SHA256
7759c346539367b2f80e78abca170f09731caa169e3462f11eda84c3f1ca63d1

SHA512
0bb4f628da6d715910161439685052409be54435e192cb4105191472bb14a33724592df24686d1655e9ba9572bd3dff8f46e211c0310e16bfe2ac949c49fbc5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
312B

MD5
e1625fe193f65ccbd90a11776edb5c2d

SHA1
b13d5854d3d65e6739838654f7c835e6617d0700

SHA256
b35b3ef54c2ece2c30dde172b80a9a459b9cef4478cc9966b832a585c4731408

SHA512
83da30bec00b2dc15c05d713364c1956b1573223957b9190a44e2bd3d2bf10d98b981b97b98f1439f3d845b1cf640a64ff9937d768378f02ab5c1274c6275402

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
cc0503a295de6b4eb8ac81ee9d595d48

SHA1
3ffceb87d6dbb0a67804991678ff8329d438e62b

SHA256
fe06d9cfc8a469ef4d04bd2769695fa003936b9fa2791874cae37732cf865659

SHA512
0813d40301f2e7750532308ce627408be15414ac32409913c4f26b73386d0dacd57e9bb04d3e2570be0bcc72eb1ca828f000833bfd3ba8b164e2dc57eb5aa1ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7d55b83255de302e81e1d1fd215e8f95

SHA1
c6fc401e2e75235dc8836d514cf9730159abc5da

SHA256
8558dd546035f878da510a5b50793bc1bcd30e7c76ccae2088bd81e79495374d

SHA512
cedef3ac1e5ed06059ca848c2af45f8981059234fc0c8e46e7107986cac236b0b0907ce6928b2c0eeee822ae7c8c3e805a4a31433e160b854350c55f31baf256

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ecf84b433d748693d05ca3bebee49892

SHA1
2db91653b110bbc1cd539cb98315102e7c192d64

SHA256
03d342eb252d647871ae6a047bc58174cc09a2f35eaa309ea75825c0a000e026

SHA512
f2e267d7649abc202ce3b97ed083e511597a6ecd3b5c15195055ea68f80b027b0a8007e31ad435eb7a6816bdfaf2a576bf3ed45ca729c1f1347d9e214d5607b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\643b8ee8a9391d09b8fac5af2a7b9559b705f684\index.txt

Filesize
94B

MD5
edbf613226672db4aa94c3c87627621c

SHA1
eed39b800ab80c7d77df8dfbd315014113177176

SHA256
267a1473c061819462052f231460dc6176cb1712f640378ce0a9354cf981df6e

SHA512
3172e08e0cc89a9352c61a9830fe2a34473ca375eb4722a57b8181fe904eca1f7cf55b16f07a7dd57346d454f311d3cc96d3fdedc90aadb9cf7293ee461177c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\643b8ee8a9391d09b8fac5af2a7b9559b705f684\index.txt.tmp

Filesize
87B

MD5
84e57c09061760e895f17e5e5da5991c

SHA1
45269c952655fd68635dbe789c19006b283928ac

SHA256
dd1d21f5fe96667d0d4d565842a4bd5297eb3076aeef6705c4bfd3a7df2760cd

SHA512
be6da80ec5c44fc48656092d378b5b39ff45903475ac090fde3e1dd225f78ea1752a55c4e65ca334fa5ef2278756ca23388a7ff6450a93ce1f3e5d6a753a9b34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
48B

MD5
a5190366bb2c79ec04286e0f0df69cee

SHA1
2e374284fe67a6fa14c1d8dbe5a3ebf6899ed355

SHA256
a087becd44e5903aafae59191d51b4e8a4463f3aba9bf77ed1b8a9d805098dda

SHA512
0f1a92b72ccf13d532b9367fe460c8335754495993b22c425bf410a7fda482b1a4d19d5e9e5e9ff6b4d1515fbda41913ecdd63f7ded157198f600f3bbcf358d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe581160.TMP

Filesize
48B

MD5
ed05cc4dc2aaaa4c4cdf11e709c2b017

SHA1
4ed063303524af7886e0604df696beca159ac701

SHA256
a5efe759d040a57d14caa590ac26981fd908e234cdcd5caee03879b1d3f84fda

SHA512
862f9de6a1212758cd3e1645eb747119914b59c36b9121995154e9bd3d2652af16a76c099ca8793195cbf14cc9e3447f2cec05a65ac49e9ef82becb02ca33cf8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d7c2703a689d0f6c5e7641be0dfd11f6

SHA1
1ce256ddb91fc5f7b6f16940dd2175bf0f3e9c8c

SHA256
30d89b21fe800991fd9840a5a0e3c7c6e34cb515d3cde5d52c66c2a41c039427

SHA512
376b768a9034b78bf8f5cb3bb22176f55359b440dbd269303e473f57f3e51ae6e8ca390649f211cd3e00b3974ef1fbdfba31ebc202399ca15beea530103587ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582b9f.TMP

Filesize
1KB

MD5
0b9dbcd6774344c4bfebf2921759626e

SHA1
dcb7bd75bf818015c58e9b4d65c3ac7f369dd26b

SHA256
6ea84c8dd0e512664f2b22012d4808b51c76c487a1efff6cc970d94ab3f1e92c

SHA512
de24c8dfcfb3f1079b7992107eab6c5ac426500260bd96ca9a1606d024862755958ad6eb1349c2d4117b57ada48331e5787a5afc0ebf698cf31bcb358d185c26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit