hxxps://github[.]com

max time kernel
2700s
max time network
2616s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
08-07-2024 07:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs

Web Service

T1102

flow	ioc
82	camo.githubusercontent.com

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133648967065271133"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2547232018-1419253926-3356748848-1000\{0A9CC933-0673-4A94-B16A-FCD69352B36B}	chrome.exe

Suspicious behavior: EnumeratesProcesses 16 IoCs

pid	Process
2964	msedge.exe
2964	msedge.exe
2036	msedge.exe
2036	msedge.exe
396	identity_helper.exe
396	identity_helper.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
3492	msedge.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4356	chrome.exe
4356	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: 33	2896	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2896	AUDIODG.EXE
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe
Token: SeShutdownPrivilege	4360	chrome.exe
Token: SeCreatePagefilePrivilege	4360	chrome.exe

Suspicious use of FindShellTrayWindow 52 IoCs

pid	Process
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
2036	msedge.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe
4360	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2036 wrote to memory of 5364	2036	msedge.exe	82
PID 2036 wrote to memory of 5364	2036	msedge.exe	82
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 968	2036	msedge.exe	83
PID 2036 wrote to memory of 2964	2036	msedge.exe	84
PID 2036 wrote to memory of 2964	2036	msedge.exe	84
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85
PID 2036 wrote to memory of 3848	2036	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff2d8746f8,0x7fff2d874708,0x7fff2d874718
  2⤵
  PID:5364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
  2⤵
  PID:968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2872 /prefetch:8
  2⤵
  PID:3848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:2480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
  2⤵
  PID:5824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4852 /prefetch:8
  2⤵
  PID:5508
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5516 /prefetch:8
  2⤵
  PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5516 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
  2⤵
  PID:5952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:1
  2⤵
  PID:5240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
  2⤵
  PID:1272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
  2⤵
  PID:976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4020 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  PID:2860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,10465765641434332447,16614728207267345970,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
  2⤵
  PID:5920

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5804

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5752

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff4068ab58,0x7fff4068ab68,0x7fff4068ab78
  2⤵
  PID:6140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1760 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:2
  2⤵
  PID:4856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:8
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2328 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:8
  2⤵
  PID:4036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3108 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:1
  2⤵
  PID:6096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3128 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4532 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:1
  2⤵
  PID:5352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4660 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3224 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:1
  2⤵
  PID:5384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4936 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:8
  2⤵
  PID:2540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4924 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:8
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4204 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5748 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:8
  2⤵
  PID:5968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5800 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:8
  2⤵
  PID:1500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:8
  2⤵
  PID:2404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4188 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:8
  2⤵
  PID:5880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5824 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:8
  2⤵
  PID:1660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5448 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:8
  2⤵
  PID:5724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=1976,i,11809632022524714174,11039876307360352662,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4356

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2220

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f0 0x4e8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2896

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
47KB

MD5
127b7a9f7009939d0ae5dd1a48386985

SHA1
f9e981f2fbc6df7e304803153fb6fe40f0dcb6ac

SHA256
9d8e3219c036313e8b27ecb7b91befc49de6a32352a5349656945a7525a89962

SHA512
b1a442d78f6adc7a67f8ee299d46817309798ff2a38a66af2ff03eaa276b3a7967fde34e801dc8488ed75b3110fd01b3a9763f792ce75e21fae190d4779c1287

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
808KB

MD5
c0637a08f2ba40c56260782d2bb3ace4

SHA1
a2bf4298414a764ff1342b3f48f45b4dc1669a96

SHA256
d6ab12688ec8cfe7f9235b18c7d7a4730d86278ba1efae0d715c0d054465781e

SHA512
736d1ac8987102028baef59d43ceb2fde71b3aab2f8f2d8d306846a457e2ac224908968ff7bfe34bb05beb7998223d393244cf5da84f9d64f8b71c9f0b2ca6e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
32KB

MD5
af5bf693b92c0d2c8441b3a6640c4ad8

SHA1
12ed4ac73239e542ab8d7fa191dddc779808e202

SHA256
b9f2c3f2ec75955d96309f759eaf9fb6bf576c238377491dbb92de1768a26012

SHA512
c2ef099832fc5e8f1e67acbd550b0590c0fb5c291761280a2e74e6a97763906b9c0c1a2295f285462ba3a0ed7cd5658f296e5f0f9c5d11a97ba210f352f8a438

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
32KB

MD5
cd3756106418d9e83a2baff9904ba221

SHA1
4c2ed1c1ebe119027db0fbaf7a64b408f1779b4a

SHA256
57ec0895e1bcaf08c769e2d6872f3f3657972f87fac081063445213dae4541ee

SHA512
5bf43ccaaf99505f7e8ecf2eda18efe260125accbc12f655601e2acabd822513e153f4b81cbf03a65d13572f11e9f13fd471006a0ce8f2665e8a594ff2d769dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
720B

MD5
55ea3cfad0cdf1c10982ebc9d09c22e1

SHA1
deb22e590ee27462158ee07a5ce424bb47f60f0f

SHA256
56b53c5cd12e28d3a4ac554bbb9b570bd6efd22c6045fcacf9aec4b3c4326a95

SHA512
4c52c3fb516aca1d016fc349f586ca8f7c61c5abcded7fe0e775fa54309906c087479a1abd3783f9af5c010687019e390b52836c0edfec499f451a632cccda22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
838941dd612df8117defa8bf0b11c29c

SHA1
034d797c1fb34cdeeda03679c17af757f3422773

SHA256
aa4c54f15115e437aba8593d63ae0e1e922e238c3a6d7b4e198f4c178a983d98

SHA512
a7e9e373c565909224265a3aa6ba7bbaba9e6e211afa4d510315d7f0d1527490520ee762003dbddb4a61d1b614ba9eea166fbb4391ef182c6dcaab3281e04496

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
a5dd9a52a49368bad2d0d7b3cd408aac

SHA1
1eb16695b5337fd19eba3baee20ffbc26f8d4078

SHA256
ffcec5090c2526c5974809e5915d882e316088bbc8b2a780aa331d45f3b7c720

SHA512
0a67ae36b87b6acbb5a55a4abda1a67466d63d19afa84066d0da5b5940588a0a1422d76986e8001129849f70f5d4675ee59940a3895cbc0a8a742198954fd433

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
adda57cf38f3ea2a4893e4865457e5f5

SHA1
26817c24f1f9862e22968add558e4f5d6c99b15c

SHA256
230b33df6c507fb480c4bd0c3dd5e8eb64e5545a24ec25140390ae3a194c362b

SHA512
8eb0fcb652c414c9c439266ad1a9deb53de568422d9efe8747581f36d06c8971352961068c8544239a7b6929a9bc702b56adb1911f956d6fc06975e028172ae0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
57a6eaed47faa3d88056e08bf4d24f32

SHA1
360269a3a7a985687c66bfe4d57c3bd65de52c9a

SHA256
eb090df1630671a533f7ef7b0c71627a9a36bec9f915548da985a2f2295a8ebd

SHA512
8d2b413e9675d209a0a78caf88e976927358c4306a5784a02b7399c65a4b55b8428b7816fba6fa216087c567794d5153050bed016856b2473eb3d12181840382

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
db950e80fd24e014e5035fd7440b18a8

SHA1
bd96cc42b53e946be476611784c45892de52a740

SHA256
9d6853de536a06e9e48fdc1062faa85751bf7fb4cd9cf1ad47b9cd1b6792c7a5

SHA512
87aa2703f62d4f51dabc24a4f8cf9b39d0b4b5cabe3db81a882412e0c00e111e1945f5c586d76ab2eddc014485054bdd64a859e7b8b90d2b6da7d44cb08a5b14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
105e3e77a9e3c8378c249e448da50550

SHA1
bd1b099f634840a089ea7067f57ac62df14724b8

SHA256
4c4711eff8fb8250570b9c31d0007b0f76fc5ac784d8d27b500b84b99665f389

SHA512
00da52cd8ad8db688b2a4718cfac962b9bd4fe973fa2040c41bd88a6ce05ef166d59ae0d8e365a2caa92ee8b353602ffb4cb127095012e25b7cb7a45efb2003b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e8d881dd6135d5c5b84a96c9eb4e9398

SHA1
f032170b9d0ff50875bed2c67a2b30afe54a3b1d

SHA256
2dea8e1c74074cfd50b8e375f07059a60e85d379fd8659b5e6c6ae7e1dbcd789

SHA512
159195ab000affad8a218c35b74e1a5ae288d6eb9ee8c98d590b0b4dffb622eddfd609e00d826876bc4d8e037bb7c3a52e30f6bf122924e6f2b8d2449a704181

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
6059b80c5db69effe1fb45cb12e2adf4

SHA1
e22d1166c43700639ab78f1a117df1c499f59c7b

SHA256
8552569eaf9dc2d014b745ae1556f792907bdb8412998a0fd2f4e6fb5b8a304c

SHA512
8b033067df471149f2911a3509578b74b640120ed5c1733cbf54278a94371818b45a459a1088b9cdccee2609f33b0803543c9c28f4b5c6400ef67ccc9eeae4ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
d65ff09458c261e80df5d0585a430adc

SHA1
37f12c574b0e7734ad82a0c998aea3ef2dbf4d24

SHA256
3ee49df063f71bf8241c4aa164945343a200deb6a334df96323d971b252410ff

SHA512
ef55896ae2a50923bc804b26f6eeb072eeefcc03f47d9ea4d2bbdd649a9862fdc6941006b93974a511c82cd5d336fa792cc999031bf2815a0d92e150c4d16856

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\573e169c-f862-4755-9ab4-3be861d4c341\index-dir\the-real-index

Filesize
2KB

MD5
a07fd898fae642ae67986093232c8583

SHA1
9f11dbb09e5db301d884dff0e773523fc1597b4d

SHA256
2ed0c1fcae3e4a21c55d607f8512426d384b12b817232629ead42825898293d9

SHA512
0f41a447c6a0554d3166e1edde9805d1e74f6b06c531dea4ff1b87ff00144230fd9a9731b57b563ca2f7f22632e253476d197c93d377f59977224f1a251e6afb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\573e169c-f862-4755-9ab4-3be861d4c341\index-dir\the-real-index

Filesize
2KB

MD5
c87a28fb19249a3626fb926ee843aba9

SHA1
0546ea42a259a438a4d381cc51c5ef662c219bf9

SHA256
d1c9f4a2093558de954cf922b498dc1b5176d8d4423dd2eaa03037bc434fea4a

SHA512
134fbec3e056c8b9e59a67a2c703633e7a985699ff256fc77048bb3f53fb4deeb4d491b80688d97382055f5dc350db5cc9ecf2c31ed06b09f0305a869020f6c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\573e169c-f862-4755-9ab4-3be861d4c341\index-dir\the-real-index~RFe5b0c12.TMP

Filesize
48B

MD5
bc8707d9c48bfb6715e8ab448f2c5d6c

SHA1
4c355c5e6810a01dd89f484b06c46d06333e404a

SHA256
ae7826345c80087d0983231be39555a581d71a812da9d56c62d9933dac3a5503

SHA512
4e57df3078266be831d6ca6675e348e3050c478c1ff52bc2d9e8e09676676353a764ba524fd3223c485865e6e2f7091aad9760d18a144b06b5d17f43f4f1acac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7def24a8-432c-4e9b-b701-b8819cbb31eb\5c86c598a4cd6a5e_0

Filesize
2KB

MD5
00833986fcfc8d600aab3bd95205966d

SHA1
c22e22fdc50db54dd5b159c4720b7c18845fe406

SHA256
c42540fa941cc9f253c44207ad6311854acbd4e5ed2161535dbe087edc9a5a04

SHA512
6b0bdc11b4d9984f45fe08ff050de982e432a5d95baaf9b32f969ffff553ce87db0e26f1dd60c8c0f893cb1f1cc4ff4f7901f4c4b56edc93435e7729e230fe0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7def24a8-432c-4e9b-b701-b8819cbb31eb\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7def24a8-432c-4e9b-b701-b8819cbb31eb\index-dir\the-real-index

Filesize
624B

MD5
6274f844755238280f61b5e5120ecf25

SHA1
5a916feab2364ca58b3caf794524895a5fd9cf32

SHA256
7d418cfdf179b7caa81d3ba841bdb6c12795cdb9e989bb43d43690f4e0ed8ea1

SHA512
efc8f735d4c854ee8eaec78ea1e520afbefda0d37c21cba3d21e6aaa1e511ad09697c2bc5d9e7e4969d2f4ab5e5d5b8b8bf456473ba6c8f0cdf43d8679dbde56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7def24a8-432c-4e9b-b701-b8819cbb31eb\index-dir\the-real-index~RFe5b6f12.TMP

Filesize
48B

MD5
74f175017097325f2499c5aa5ef626c7

SHA1
003459b1ca09f236f8b57d21641855f2d77643aa

SHA256
585b8808b4c44572ae0a878c12f53ccb07c3f416e9678cf911dc65466b12e38e

SHA512
c1a613a155f12cf7e483995bd471b5abd763dfe84594681fd050111a8ad7f48e59fe152c9f9dbfb703b9c4d3df09a3f718293e2f9298c6d635be25ac6d034b91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
dbe11082db8f7ef04858e859c46fb4d4

SHA1
e21b1119b026aa452c6558f035773e934d7779c8

SHA256
4ad646e00e6f474b4a70ea40171071eec3b175437f5fa08ca027602f5d8ee322

SHA512
e0def4c24a29f2cbce7f8272135c4d89fa8be32ccb7087db55ffeef7d53ac6e3fa74294a300088931fb6efbe49ac64522e0a5a3d5c300f98042b38660ddf0da7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
72e0c689dcd6d0c448d571c7fafae77d

SHA1
263ed2c84cec8ea02edd6ce2fadc9c8f133bbf37

SHA256
48104f75cbeb5ae571f010804cf7d45d87950880c5fb4f6627fd7f416eb61734

SHA512
9da19d69d0c533a72f5423471c65002e293f4422f2f200531e1489ed45691448d434f566743cee03a8899d30dd3601ba808b9ed1d1c218ebad0b78fbeb809c6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
178B

MD5
a8675c7df237f03b38bf3941d4ff9d33

SHA1
dee9a8d0ab434fe9b9632fc0a9d6f2271955a494

SHA256
8c0890a9e57330db633a2e688ae595045e80bb1fb4783acbec0bd11b74919489

SHA512
4c23bc73750e3f45616fc3541020dfa0955a70ee6cf2a8bc253880c3c03713ba1e1f11e819bb7578f28cd4866e5d2189b4899ef654c405b9d82f3263f063e665

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
187B

MD5
84b9028943cd199d84aa4d31d26f9eba

SHA1
a7ee941e876745bff495ce0d9697861981e988cf

SHA256
c3a200a9460d6f59487fbd9f188bfe7c5cb5aca1096edd04c415eb291c03ed6b

SHA512
71857740801ae6b233a389a7dea5d9753103dde92e8316c56eb332256ad15dd9f9bfa8d64411f4235b3efbb7941c98084e59d2e59e01c64fea212e8df46cf4e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
dadacbdf12f4c4cbeada2655664bafe6

SHA1
36d677ec16825c7fa716b952f1923dd740cfbff6

SHA256
81ac2a0c7a632d7531773bbd1b32612df11042e108d08a5c1b2dc23f8aa27575

SHA512
6f6fdc43216ef17f06cd64cbb7bac5723ece72c8ef70549a69e5683b367b2f2cd31b05fb83f7edadc510f9673eb46dc2e5c4e2852a0fe8cc6f496d597589908d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
ec962ba090e4ff247c68911812d61aa7

SHA1
82505f02c87f81dd525dfc6cb7d4f4a6151f5e1a

SHA256
6692b316620c1dcb6bb409793c9c62d2ea7c8de3ee02c6256669fbfc120b6032

SHA512
8991854a7fdcd749fdf7caa490f2f4f1dc285f68c048a9cb80e36871d7058d0d25866f5572e92b13d3ee60ba8eda169fcf6b6d4c72ce9de834c3a1abd7bf2246

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5afb2a.TMP

Filesize
119B

MD5
bbd5daf4cc0c0b6068213d234671a9d5

SHA1
ba5c07a8a0ca9a7d39fbe0d7f29a08ddd4bb0985

SHA256
ff8ff1e5a1e2184dc40e2498a44d605660f599a45c98a23d71fa2023da2dbff1

SHA512
a4685ffe9a914f80c2ff72aa8e1849d32ec0f3a0157cf96d0aa008edf629f6ca050a9f134f2079250ba8a1f4eda04252ee8d2db0816d0eadb4fbacb2bfa9700e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\67a473248953641b_0

Filesize
162KB

MD5
76305bee9c9fb762788ee913b2c55237

SHA1
40b58a6afccd31fd51d42295b4d372ebd920eabe

SHA256
04490ec9640bbc566435af5b6cdfea3af0ccc51897135d82049608544aee3823

SHA512
1deefc07d267034d3fe1ef4792b882f1b642588e425ff773c19c175ca0176201438814e14603bdb7ce4cb94c89a76683faf8bf23406bef93c610f5764502973c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\67a473248953641b_1

Filesize
388KB

MD5
929a7505124b8c37bb407ed6f125a15e

SHA1
f3d1a21d349241c87a6936fb5e21477fac333deb

SHA256
1947c64cfc979a8560c9abd5785fe95da0915043e0364f3d00f29c6a41664eb8

SHA512
95c622711d4778f97197724b60017c56ca126d973fa04fff9115d8024b8138bcae421069494b5cf6b21447cb36af4f92ac916525016b076e3438bebee129065a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

Filesize
16KB

MD5
453fae3d0c4d568f156d267d24979ac0

SHA1
bdf5ce89aa8413133fa80a25758b79c56e400f75

SHA256
50dd2418d7f8d998823e35ff54f6dd140dda5334341873d9710e58be4e710094

SHA512
b6b7e4179bda9febdd9c1d8b6f5dcc3b31b5e9a05a7e2a6e589bb5977ac62cc36f0f5a4e97efe4331cf36559e8b53ddccb601b4c57894f46c62f4a0fd5b12028

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_1

Filesize
11KB

MD5
76e0c9cb9dbb32a25e5bce6c3006c068

SHA1
70556c6982eb5f7d64864087094a896698545986

SHA256
cfa71060cd5b35658c63727cd7dbb7eacd067ab354ad7e804d0fbbf45e608e1b

SHA512
716bf13377e1ed29c146da44332831c7616aa76fa4c0f7b3bd57b3cd995e8fbe58250fd315acfa57630544798631f8e9266d85a6890b9ca349a2ae32b093cb44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
991a50af22933bb07050313a0a6a5229

SHA1
8a86d9da8c450cb5249e293eb503c6890b1e6318

SHA256
9e5a11820e0cd4cfa4e007645f190f2c10fe2a8b9313e1f5d69410c0c9b68ec7

SHA512
e1c3d9003355b7cd017962f9eb07a0380e66f516f3f54881a01cfc68037f906d7181e6854825a44daccec9fccaf334ee6bd2083031c6f64591731f467389439e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\32.png

Filesize
673B

MD5
88dfa96f9642297ff88909ca4e0f7330

SHA1
ed8655bf13e6cc49395da4c760168c4148454b7c

SHA256
5e5eb084cf1a650b2e122f53d36f85b67ce6e39069e399a46a25dbd34f7be286

SHA512
cc2deedfeacf9f26e48cbb26e222a219905888b95634c7d91d6393b84248305ce8940816bdb3bff0f5384b9dad90f4e3905b229e06ce4b1023a1439293b240dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4360_1164190191\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4360_1907816841\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4360_1907816841\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
347KB

MD5
167a3310c280b9a049d9e1fdad38cb57

SHA1
b8677c80b3e78920633793d397a1229815342b44

SHA256
96784c7863c2f528b6bfe0040bb2f825738eccc67a7bbda9d98a08b1ed2472b2

SHA512
58c9a70ccea2a3e717d761e1f0cf24667d5bb4373e403cd190e19eea52d3cd3522af5a1bd1abb0c21de737706cb0482b283c5b3583460513370afd0d05230759

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
287KB

MD5
74d5c2531b93a7d7c0fe797a2751f8bf

SHA1
6dd1e10ebb456a2d4fd4b8b02808cff07f182cc5

SHA256
3629bc91ab3fae182b3b3894956055f62a5bcebd3411521806ba9eaa46614a34

SHA512
a891a2547ed82976f0874b76dadc8d71aacca41c75145082a6d96cbb3fbb6d61b085d7be142bb854e46b59e48f01db60a71a010f8717f969c7db5bdc9b2d1997

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
287KB

MD5
98a2eeef403448a43c8e6d62ba52dcb4

SHA1
fe5c89ee3c81e460d6e675cfd4391a70017efec6

SHA256
a1fabaa7415c128b146e910c9cd84034cd49f2802a76eaaf5b73906956563714

SHA512
d68ddbdf0c780fc23f7bd3d3c5de8ddd43d42c5b0499961829556d321f7fc31530f680d21638f783d2a882a6a1e65f2ecc01b40c904e07fc5b42e25e28c1b956

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
146KB

MD5
2b5d1e735cd743625325eedd089e866f

SHA1
270644d2f86cc00c9824c848dd3165dd1cb333ae

SHA256
ea358c226a9ac2f5b6019fc098b7fc544c196764a4b97249c5bcb312b4eb8f93

SHA512
084ee7e50cae636f77558eb9edd27722a9956957fa92d5a2957e8f4c83597784ec3c88ed79e9328a2a23959c6d861e688f4418703e044cb52a2148bfa49e5072

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
146KB

MD5
9de8f567e3d8bfa800fadef9a0a4d11b

SHA1
565e708a134e25dd6396d9a30167bf8475c3f677

SHA256
6c0e6d60250a563c722a6ba1cd9811325a377fc64bc2afb2d3fd627372c04420

SHA512
8c3bb2e679be578a9aa645a5b406a1af34143eae7f4bc378dd76877d0f0059f0ad71ccedfaa7c55376028d034513dbc2b088bf0886b122ea2e88772b7cbc21c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
91KB

MD5
2244629ce7978a6d59f36a471a31474d

SHA1
01b4880c0cb84baa0e1000cc0ac733a9718595fe

SHA256
35cd63b6ff2f1459675a87c744f4827443c45eb22db441728b4a5263ebcc7165

SHA512
add887f7b42119eb857a00efed765b333c8d90f03a46dbae8681fa5bd787e8d330231a0f52815e78209a3f81a3ad2354ed1c707c3b34cdc80945097f7cb87675

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5b84ad.TMP

Filesize
88KB

MD5
b94188885458ca759b1873d199cb334f

SHA1
a7fbdc04351f1d0cc6b3b0ebd891c5298cf92b73

SHA256
1e25dceafe7cf580ba6b86ca861fdc1fd1475022adf6bd6b849f639365d4d4d4

SHA512
7b3f835812863c890407d70760c877fabe1ecb56ef06c3198cd2554acdefd44af952da4df311d4f5253498e88855239d0122063ce77c797c634589d75cfc0f11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f0f818d52a59eb6cf9c4dd2a1c844df9

SHA1
26afc4b28c0287274624690bd5bd4786cfe11d16

SHA256
58c0beea55fecbeded2d2c593473149214df818be1e4e4a28c97171dc8179d61

SHA512
7e8a1d3a6c8c9b0f1ac497e509e9edbe9e121df1df0147ce4421b8cf526ad238bd146868e177f9ce02e2d8f99cf7bb9ce7db4a582d487bbc921945211a977509

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0331fa75ac7846bafcf885ea76d47447

SHA1
5a141ffda430e091153fefc4aa36317422ba28ae

SHA256
64b4b2e791644fc04f164ecd13b8b9a3e62669896fb7907bf0a072bbeebaf74a

SHA512
f8b960d38d73cf29ce17ea409ef6830cae99d7deafaf2ff59f8347120d81925ff16e38faaa0f7f4c39936472d05d1d131df2a8a383351f138c38afb21c1a60e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
37KB

MD5
f31a1ab9f483d9db21349522e39dd16e

SHA1
01a275d7fc1c4f578fa506c8e0bf9b7787dd4806

SHA256
463800c9ec072ae72a4f6fdc1f2f779c792cb7ceb6f57c7d1231eabefad2bd9d

SHA512
cab9bf13c36b854bef939e1d09c8d896caf1d7c20f6948f70f27eaf2869e49c8b9be728b4c95926ba869a987516a79d3193d416b0582b7570a58269c8caa7603

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
37KB

MD5
669b1563b95fce26d9ddc3c7e9bdc538

SHA1
275e4ae2606a0da908003b77ea06b24ea8b66214

SHA256
d46765072d87d9892a0f6f8f9849eafe0abecee9d662e99f8b45d8c5b22ac667

SHA512
09e066f5a1974927b2cb607a8b953f2732928c7347f65cdfcdb573170840562de6eae091a61108827b3ae0799c16bfbd41d858ee1a8bc57d9bb1fac814438302

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
20KB

MD5
628ba8d31375849e0943894669cd033c

SHA1
4fa6d50a37fa2dadec892474d3e713ef9de2d8a1

SHA256
80e3440c312f921afe33a7d4a3d11d1d2dc7162f8f50b748b796f424441d10d6

SHA512
d4406493dc8767c479460f3039b038866549feebf392280384da08adbcad2e871720d046220cb67ebe3ab75c14e06a31df2fa7c0f2c17f91eda26ba0a709d27f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
20KB

MD5
0f3de113dc536643a187f641efae47f4

SHA1
729e48891d13fb7581697f5fee8175f60519615e

SHA256
9bef33945e76bc0012cdbd9941eab34f9472aca8e0ddbbaea52658423dc579f8

SHA512
8332bf7bd97ec1ebfc8e7fcf75132ca3f6dfd820863f2559ab22ac867aa882921f2b208ab76a6deb2e6fa2907bb0244851023af6c9960a77d3ad4101b314797f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
21KB

MD5
8680ad8cc782b74ee7a15f0a042c76f1

SHA1
ec430c456dedd9a2360703a826491fcd69f6dd8b

SHA256
af745264049ea73c66c1dc7783e59fcfe94c0506337867380ae638e694cfe5e7

SHA512
7869afe9f737bc31a9c33b03014f4d5239cc48a798deabc0fdc835fd6736a99b17d181e57866ac960bbdb0d1e3e8610cf97bb01762435d8808ca56f1e74dc2be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
0086c842b02e9d90762d9eca2e798035

SHA1
e2d6ae49d29ba3f1850739c171b57c3a3ead3585

SHA256
70bbdbc92d53a9d7d5e46c54116b65457f9f9900997f6957f47b3002f1c90250

SHA512
cb0177d0680e672e4badbb41be984457fd139c1b68c70427f5b49830cff16f5f7199b2b22330784cc0979cffc349821f392538d1a82d159a9b747d8ec257dd09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
abe303bd1eaa250a2318c320980c1d46

SHA1
7a6ddf6971fb716917f8d1e6a7938b775ed5eddb

SHA256
8be731a8a0dbc2f0fa3b9b5677003880dd2b7298de94f2554ffaef3b4a9bd536

SHA512
0a96666adac03f23a66b1d41ad457123e0bc13ff09d68450764726d7353a608e6eba77157f60fc2d6a02edbd8fc11d1fd01fe75f6b740eed5b6835adaeb6383b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
409B

MD5
7db19416800bc044d2ba8f7558fe68b5

SHA1
e225f754b5386ab14efc32c59e3c105c7e10232c

SHA256
07d20423206a633941f52413e48d13c609dace6c0deae33e980a88789441a0b3

SHA512
521306758c0d7c9525684420054fb3be3cfd1b95014fd9a233cb0b615cfe94c268299c9971f4eb3bd5eb5cbdcb2862acc0c596c1d680b68f7647e1e8d9eb4634

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
496B

MD5
047e72b446be4e90386aa7920a4c51b2

SHA1
68236cd2b8414d4ba94541904daec688ae87a417

SHA256
decbf87b75893e31fbc089554eb39f2ec1fb2b05867f63144e2a694e3ab350e6

SHA512
8c2c18ff5a45a92c27b14fd48757164e41311eb34294eccb85809bfb67ad31a16ff8673ddf860e1ca4cc4121865c26b2d8caaed413fe059ee26fe856950e0791

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
59b11647a1e40ca9ae48cb5433d77915

SHA1
84f6a7fbce7c2f77fa87dbba98c25f84621d5710

SHA256
abe4f29b4a3bed3437c924b2a2ce091edf5d4a5a487e12c8b502859a61faeebd

SHA512
2b95e3b86bcd0e786e6ec0c694406b6a53f96ec76796ceaa0cacbe0ab2616632db68b425382370dded508ff3c8571f9e13b53ef3eb608f44c2bb8f2616b1926b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
eb84fcb0dbb8bc981e828e15ef2b24a8

SHA1
9c45dde47a661b242b7328293705df3901246b21

SHA256
c154c368ef615ec2442efa69747bf848fc616a064903fdac83b273cf12e21bba

SHA512
bdcde5f7b3167b0ea5a88faad7a59f42940563adf8474601695e44a2efc95a69539f743dfa70cfd37a5714c98ff4a7cd8e2c74ab2b1bd4821e124ce4e8d75060

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bc5c3c4654211de936cd871bcd414eab

SHA1
683fb5d9ce8ca620ab6838fd9a8e7edb09616912

SHA256
22d120f0c0b11397f4b0dbfeadda65d3a365569d02bbfaf28c7658f310a5f9c8

SHA512
de2f2420cb90d12b6708d2833e631a4bb960b5128b6be5dd872456f3071acbcfafd94758b5fb7eece927ca8ac05ca510b6c524dbcc4024452404678b38f06852

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
eb98cbec27a4d22bd743f7361fef64e5

SHA1
a4eed23fd7ee1b7f2b92684636d471f55e06fb8c

SHA256
f6629c41466398050a6e78db6efdcd7f4837f5fb4013b05fb026641eebb0a826

SHA512
4a9c655588dbf007df8fe7b055e326500976a7a796a167772007f02543714c5c1d748dee7d375a85a1a9a939533984aad9b967856ae55af1d4122a20df5eee84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
021fd8c9234449cb46dd094301cd4756

SHA1
6427cd85f18ce3ed8dbebbf45d54ffa0a9dc1ff3

SHA256
c9f7bf88f2f36b06519737fd0729534e3d73063788ad787d9823bd54d3553e62

SHA512
4c4c043a59057d3f872c22e6798225a33fc55f51e8b631879039fc6386bcde786475e5e1f4bb98c1901939fd70d4d4ae0620766d22192ec8306e3b09a0ee0d52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
80df7eed9ca309dd698b1c520bc2baca

SHA1
be6d0f90598e624e083f6244367a58e19d9dbf88

SHA256
ddec454a2ae1e5d6d904fad7756c06e9051422f3e661179c95758bdc2784681e

SHA512
60388b4dec031274c3a7ad1395432d7226ffa41531ef00a69f2d6c384c5a970a1cbcec3e4b602aaeb7f28f95616d0a8a3ec19b437b2a37ca06059161dd023763

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f11a95c5f4f81edbeab648d14bdf413f

SHA1
e213a3f6af58a61520bba3f522c1cfb8985f173d

SHA256
3703693b2872b760187bcb9de659f1fb32fe9330f64f908c202d7de31cc6e808

SHA512
518a51191482241b8135bd7e2eff760ec2462946fedfa5da7fd76c3910689de880ee177444babb7091d662eff594703e69de135bd8218fe7f209e297bc2f8214

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5a10f9.TMP

Filesize
706B

MD5
fcc24663b84b51d720b7b5cb67bb9381

SHA1
1a44d164341f1e4592249df9046032d0395de506

SHA256
cb711aa7b4765e746cbf761f5d37fd79cbf27db6b4db57a0d4669d4820ea0f36

SHA512
c3c6a79d739efe35df4729677d9c7e0544f8031e9e538a3172f94334e51bb1ed8af1568d676879c83488b9d09c6c19ace609f652fa575085c88f13e506db9991

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
334d06615d00c3bc6d4ec092d5d2e822

SHA1
6482ba29d9d50039c47a1b7d31420e55369d6fd6

SHA256
9795f916a90fb809ab7e22f6dfcad72d070d26f55126da0770659ed71b5006f0

SHA512
1f7b906eec82951c569ac39916e229b197f3cbf43df443e3dd8b8c04cfb7fc6461526c27fc4a754e57e9157aed1d90538a955b3a0b2fc4c007211f85e185ebe7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
7183fbb24c484157fbafe4b83f016625

SHA1
6cb53c1c4a4aa911796069e5680b5836922bd931

SHA256
8070e919f972d45b989da9af00696799cff60884dd4d2cb826dd843c30b831ee

SHA512
297eef01b8186805f0464d68a52a6daf58b91515f554521e1befa209504da2a4edb3cd4252c573c58827779dcf70f768ca31912c7fc8a7ec9a3f05be21b532a1

Download Submit