hxxps://youtu[.]be/sIWP8eNsVxo

Analysis

max time kernel
30s
max time network
36s
platform
windows10-2004_x64
resource
win10v2004-20240708-en
resource tags

arch:x64arch:x86image:win10v2004-20240708-enlocale:en-usos:windows10-2004-x64system
submitted
08/07/2024, 16:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://youtu.be/sIWP8eNsVxo

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1952	msedge.exe
1952	msedge.exe
4680	msedge.exe
4680	msedge.exe
2696	identity_helper.exe
2696	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	3492	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3492	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe
4680	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4680 wrote to memory of 3684	4680	msedge.exe	81
PID 4680 wrote to memory of 3684	4680	msedge.exe	81
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 4128	4680	msedge.exe	82
PID 4680 wrote to memory of 1952	4680	msedge.exe	83
PID 4680 wrote to memory of 1952	4680	msedge.exe	83
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84
PID 4680 wrote to memory of 3852	4680	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://youtu.be/sIWP8eNsVxo
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe0d0046f8,0x7ffe0d004708,0x7ffe0d004718
  2⤵
  PID:3684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,4712012369827734043,5225140236651608214,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
  2⤵
  PID:4128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,4712012369827734043,5225140236651608214,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,4712012369827734043,5225140236651608214,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
  2⤵
  PID:3852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,4712012369827734043,5225140236651608214,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:2156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,4712012369827734043,5225140236651608214,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:3316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,4712012369827734043,5225140236651608214,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3116 /prefetch:1
  2⤵
  PID:3396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,4712012369827734043,5225140236651608214,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4804 /prefetch:1
  2⤵
  PID:2900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2076,4712012369827734043,5225140236651608214,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4868 /prefetch:8
  2⤵
  PID:2652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,4712012369827734043,5225140236651608214,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:4496
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,4712012369827734043,5225140236651608214,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6104 /prefetch:8
  2⤵
  PID:5068
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,4712012369827734043,5225140236651608214,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6104 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2696

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5012

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1996

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x498 0x490
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3492

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
97f8be9c465b0ed67c2415868506c354

SHA1
cdb221d6debcf55615d3b5f30796e32065046dd9

SHA256
b606a1ee10b65eb9077e7d2f3b34a0d7a1ed6a4802a169fe55449c975332ee02

SHA512
a0fe0ed30624658127316873137f4fc488a5916005e5e3f1f55b7d6442b54010c08d7037b94d0cf3c3316b1bb4acf91bad9e64ee6d15302e3cdd62bb18730542

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6ae84fc1e66cbbb7e9d28b0e12d64550

SHA1
100430bb653c896c11b94ac0bf2297a389ea5ad8

SHA256
856a9c0ac8c29f738a3501b6bd007fd8cbbac211e461b91f4caff52dd41da75c

SHA512
7fe7a8639d96118b843e67a6a6d397271b181dc6b049e6f7de77bee9c9214690b1b7f73164f7e463e117406dc978334ea02397fd639140598f60f89c6aaddbe8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
47KB

MD5
127b7a9f7009939d0ae5dd1a48386985

SHA1
f9e981f2fbc6df7e304803153fb6fe40f0dcb6ac

SHA256
9d8e3219c036313e8b27ecb7b91befc49de6a32352a5349656945a7525a89962

SHA512
b1a442d78f6adc7a67f8ee299d46817309798ff2a38a66af2ff03eaa276b3a7967fde34e801dc8488ed75b3110fd01b3a9763f792ce75e21fae190d4779c1287

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
227KB

MD5
e09df5a23acd241007ec35851474a7f9

SHA1
9802085247211e3c82c5e6fefc003e7c1f21227d

SHA256
846921a45a6d2203548059f9b22a5a5513105e43098da955bf402e681020bf56

SHA512
765b7cfa03aa7d750a18ad63c072c069329f4a7f7a594051c01700934497533ad07dc503c8b3892d5ac97f14b8b85a6f4868c7e5a1a4d2e40a7ae4f7514d1009

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
32KB

MD5
af5bf693b92c0d2c8441b3a6640c4ad8

SHA1
12ed4ac73239e542ab8d7fa191dddc779808e202

SHA256
b9f2c3f2ec75955d96309f759eaf9fb6bf576c238377491dbb92de1768a26012

SHA512
c2ef099832fc5e8f1e67acbd550b0590c0fb5c291761280a2e74e6a97763906b9c0c1a2295f285462ba3a0ed7cd5658f296e5f0f9c5d11a97ba210f352f8a438

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
32KB

MD5
cd3756106418d9e83a2baff9904ba221

SHA1
4c2ed1c1ebe119027db0fbaf7a64b408f1779b4a

SHA256
57ec0895e1bcaf08c769e2d6872f3f3657972f87fac081063445213dae4541ee

SHA512
5bf43ccaaf99505f7e8ecf2eda18efe260125accbc12f655601e2acabd822513e153f4b81cbf03a65d13572f11e9f13fd471006a0ce8f2665e8a594ff2d769dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
19KB

MD5
c7444597254c3ab4b9a6aebf59420d6b

SHA1
af57edf5ad540ae22782b52fc0f71ee59ffeebc5

SHA256
fb8bdf02d52305589b64fdb41330d16b0730e28a61b6fccf7fce6f142792deaa

SHA512
f23810b709e61804ccb51ad153f220703a02e255ac7ce48cc108c809f84678d65bc22e87312d9b7b3598c30de79ef892ecf5bc301415f6ea795810f58a418e85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
3b21e68f6bb7d356d69baa361ca5e776

SHA1
2ef2465e7b70f0db552332b0a4bc05b14c635042

SHA256
de9ecd3682429c42b926ed7a345d9728ab6a078b238ccc2d6bb15adfd1758d79

SHA512
1cb13641164389961899b0761b7a733f3859369f1d7da4a8409a2487f39926eed64f1bb30827abba901925f99e5cd9ad87a54fbb21abbd325aa64c2494f976d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
79fad222d60639476c5080f83bc27209

SHA1
e0c3fe5c16aefe65c977e05ec21dc69908891232

SHA256
c5037c723b9783e5836932068d3f7436bdece4c4a3d762cd4efd128e48e061ba

SHA512
6064e774abf40af24f484964396067ccabd15db0796c763584c1a58f976239f41ad9c3fcd860cead9ff611a2c9f0bc7fb1ee65f60eec99e3ce954703e0934982

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fd5dd4f7af935721bdd8bba30cf74e6e

SHA1
0a7cdbf73754b0c5967b2f66fa205c7145b96f4f

SHA256
f5e723292a02b5b94d115125731e09d201846535d390b563a15ad8fd23b47977

SHA512
60d6fdae9cb8102fe7f96539fa5cb71b989c2275323e2945a4ed149af78c943e9927ba29af22e10c0f672a93ad2d40a2d6c569f5889ac4e531da72d6f7809ff0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
e1046e029dab139b187ec8af59af0bc7

SHA1
d6c373c88063044a048218a69ebbc33704f0e78c

SHA256
29aa5dc0de0702d6b10a3a110cab18843e67a7429f84f3e42511ffb84f531b74

SHA512
98a7cf7975c42fe50d1bfa43b79a512d5b558627624749abb6380f22c12d4852b049522d26663fe1eb2244ccddaedfc4b7cb4cbbdc3d133b243d73ac111d3757

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8147c653e3a5e2c39481348b2f9f78ee

SHA1
6a765072d332c044a1bbfaae00cf9c5b40550da2

SHA256
7dc3c09de1ee8b38d250df5180accdec4fa2a6aca635141949a5ace247ab4d54

SHA512
6d548b7f8fe21913c47c15b3dec346eec29150aeb83481c59aefac1fb7ea37eaebe89e20cd6f607ba4d224113b9aded87276196587dcce365444408e756210b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0198e6df0b3fbb9c1563ddd71d057e45

SHA1
488b874b102a5c74b3ddf5a3b547a525e0c6cb73

SHA256
e0110da3ea140988edd9022d8463f658048489ad21d4f4fe8fef1db7f4792074

SHA512
d89fab5121bfc77008354b2c7521ec39375ecb5d6942a4fff0952b0def5ec843d9ad2b415a2421157c06d9bb595407852f29592a1e94ae1e5661a91cd425e842

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\57f77bf8-0b9f-4f23-b21e-d5674c9cbc83\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\57f77bf8-0b9f-4f23-b21e-d5674c9cbc83\index-dir\the-real-index

Filesize
2KB

MD5
36479b0a4ca8f654918f334f912f15c9

SHA1
40ef295c15bf2398a3edd3a4c33125facc56cd6d

SHA256
21fc6c92fc5073016cbe79267ccb5425f537f780f3d5e2478563553d0e96e143

SHA512
900827e9a311d1d4f34c07777570a187268507dac8d7537c84e17684a92362723631c90cabcedcb86789ed897c7449a12b3de988d7ac35c39f024802d5304cba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\57f77bf8-0b9f-4f23-b21e-d5674c9cbc83\index-dir\the-real-index~RFe584f54.TMP

Filesize
48B

MD5
9ae16a6a4cfafcc0a063d7db4c2d2e18

SHA1
e23e39122303f7338ed7884d1eb3628f2a18a75f

SHA256
675a37bfcef972956d5176e0effefa09d768370173be3cabcb030fb7de848a7c

SHA512
0f4ad579a96eb9f0c398f47248b3b7a9940eecee87f2c6004a23af7f802ef7039a753ac3e2f04a6d8183817be0ff9d33e333f9fd3d6a6444d349b7b71c05afc0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\cf40cf95-2b52-4fb1-91c7-f63a7d3510e8\5c86c598a4cd6a5e_0

Filesize
2KB

MD5
df8fdadef13d50dd4c9c830606fb3b19

SHA1
67a176d746b084663ea35afbd3a9ef41d4f6c8e8

SHA256
204b1198d895aa82b5e641e6d16db278bfe2f5f53c8b5ef0c10b89332235f2bc

SHA512
43692a18a661bba227d209881b1ec0447957a69c01c7a1a1f2f2fa21b2e748eedd0997a64a0894549bac799ea26bc3b241f38a6b4a46ae60d276d9aa17564d72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\cf40cf95-2b52-4fb1-91c7-f63a7d3510e8\index-dir\the-real-index

Filesize
624B

MD5
34faf46b266f4fd7f5f57d7594b820b1

SHA1
e7287cdf336829098d4542a8e69f5b5ee22e873f

SHA256
b16b2fef1751b1688bcebf9bb8fdf59dfde8027deaf971ed266a6a158e1ac047

SHA512
0b85190de6e0eacb5fac9875a04bff8122cae43cd2b2eaf7f90e87225d8eed40a13aea1808a1861c7754c2986873cdd7d913f2b2b0a25cabbfd24b4f4119db13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\cf40cf95-2b52-4fb1-91c7-f63a7d3510e8\index-dir\the-real-index~RFe584f54.TMP

Filesize
48B

MD5
bb87bea4c2216fece979610d87162a68

SHA1
abb2216a4a20cd39831ede2ca9a4a1444b088ecb

SHA256
b958f578af68129c045462890056daf1af26f68a569d37263a61c13a04d3dab0

SHA512
10811f5242434237b816b734a1a950911c28e3c01eb63596ed3fc94ffaeacfcc6c9253de159feb7a1c3ed6d105fe3195cee6de031481ee3f34905660b0aa11ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e4793bc8-e277-4f36-8cd5-a1c86f3983a3\index-dir\the-real-index

Filesize
2KB

MD5
e233a5c74e48bec5892b5f442a86bc4c

SHA1
ed9a624464864909364373f8f94a3152cbda22dc

SHA256
03216b198cda7bf364c233fb929c9052a8867b24cfae2d67cfc7455fbb16c2b1

SHA512
a25c122597b82d8ef352071a3acb6c8ff4c9c71cacaaec9a33ba81c07ec6be7754e69a1d0cb0bf6481736da42249d0a8e498c2da3d9bc0d46baba19c16c26b08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e4793bc8-e277-4f36-8cd5-a1c86f3983a3\index-dir\the-real-index~RFe57fec3.TMP

Filesize
48B

MD5
764ff3aa22b1fcfe434d683f519f093e

SHA1
cc7feb0e54aa112cae05334ac385253e4f7e94e3

SHA256
02e93404881832e282fad992ece07afa2acbed7a5ab215565396b0dfd6a90922

SHA512
c93e47d58447d90c69266e06d1b1aecd492e7c56bae1be6cc9a0c25071959060a737381ee2fd6106b3e19f1ab3d1764cb5a623d5eb308798b94c6e535e2b1b47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
a7db5634db141987c9dcb2789133b554

SHA1
b7fcc662825a8473d06263e6b6ee1f699e4294aa

SHA256
9d4284062539320ac0f7d8e9e121998f5b617c838f0241be742bf6b1dd57ede8

SHA512
17119249dd113bdf09284421d263743c18cafa0890c3e445c0bdfde92f711c7f1d6f4b618deac0175d974496409600bea5af2ba1f9c05c863fa89981d0d6af27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
8051da6a09ab656bf6fcda2d9ce74b81

SHA1
82fc7ab18d3cc1411612b965942342f07f7804bb

SHA256
589d75c86988c9e3fd2af9a27e7381b5035b0a69aaee0039046ec17e82446bbc

SHA512
71c8bbab87cbaad6252105a89f7d99212abdf955d369d5e33045e5a16920dd60d068d6c5e2882b4a29705f2f89e130a18c630997ad5ab561792079717a747a61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
26B

MD5
2892eee3e20e19a9ba77be6913508a54

SHA1
7c4ef82faa28393c739c517d706ac6919a8ffc49

SHA256
4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2

SHA512
b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
6d335bdccdaef183b1335a03b1cdae09

SHA1
146cc9f151be4de9cbebc034f265354aee4801ea

SHA256
ec984e10be3f9a4bce42901558a9ee08156e5047cb11dfc39fbffa79aa8c8aea

SHA512
43094c2ed950175a80b7795933c9f277b7a5de8cb52d7b09fd7d5da1fb6a22be5c631c55b5dde129a414892030332da78d81dfcb41bf9156af25a2ce535bea05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
e715889f2d9ddd31135db267415f8b2d

SHA1
012c1180f550485791a682b7e353acda99b9a791

SHA256
ab0f563fd7fde31f234e66f2f31cb09489c8dd0b02f0c005baa2723c4353427b

SHA512
af8ec2b6eec8901cc19971a02f7ad1f68b6fe992aa156491c58af888e4eb3c1514b17c902a1bc6dce681d8f51e89daa33e80b2c28cf3638029ca32e1bc6822fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
155B

MD5
11153fa2689fac34aeb36e144ff458c1

SHA1
03407da9f59f19a82d51ff3a07d6ebe2b7d2fda3

SHA256
0e0090b4ff9d5d5516ec51098fe0ee6327f3753cd85ff3d5ad68cf2dd9d2517e

SHA512
2518d9a5795f207ef7e07e1c69f9be6a68608e6ec997ad0e68d2d521d99f2dedfee21d797a2ff18de400820c99ed49d0dcf8f5564ab91b09f3e8805eff5ee228

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
89B

MD5
0e29c20667e5684c443df513415f3856

SHA1
2030ab2408e380f327af1fc11273c4174c825db1

SHA256
b3f7f787ad5e2a1b110624d60832fdfaf135f0c7d12e5c137e56d1debed842a1

SHA512
500e729d1b561ffeda85e71905598ab73006a482a997cb04f7c6f8e3cee53a8c20d44b32861da6060862cc7e0dc86a1879b10acc61735bc19337e17d68c1179e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
8e37c61fdcca5cf98998c2ac493dfb9a

SHA1
4bc74fc0854a7c884802e53907c7c987ea39e6dc

SHA256
3a90cb996145402dd78cac08d4a4dafb4324846ad70a08a12ebb0aebda00a8c1

SHA512
09d1d7bfc0970c3a0f70cafe2a1a5ee739c3142c563c0e84c77c288dd9b1d9e3f63e302ed3e5850e0e2d468621c2df73c6316b006acd95d1ddeeca698b02d8ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57e84d.TMP

Filesize
89B

MD5
62132ce8cbbeaee4f80142906f43f0c4

SHA1
f533998df83007f05bbb6c568009765abf3c1a27

SHA256
99f400bade6737e8a92804227f4e445072439c71a2f76701a0f1d062a6878c3e

SHA512
64b3c7022190e010f9e2aa1fee8b0f8d537d68e64475a30df8a37061e5daca0679440f2cf353152067da5411b094b8f4c03f3b72b0df7c041b4ba137e681dcfc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
b9647a5063c98baf8e30a9bb705f6243

SHA1
ec3f9b5ae70f62ad026931d0e3428498cb3eda73

SHA256
1ec0720480d340f94795447cf59be7b792e649a8617774e945d56c31cebdebe1

SHA512
5774f8a9c4620165daf4a08e7cf80f77486d486bbd48674d86b719ad748855009d9285ca2bb65dffd75d7ef8b525ad7a80cfd1d383426460c42901627126403b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe584f54.TMP

Filesize
48B

MD5
b39fbdb50efa40847532d51bf5cb3f36

SHA1
d9b7ec015b04809d91dad3de0388b52a293d7e65

SHA256
bc70506d57a82e491b7ed3b69f3940fdbe2bc1912459359b9c2e4fb21dce795c

SHA512
9ed598afd4843b189a9bbc6f58459b5fd57fe73cb9ae0ecf5919fe08aae1b502bced940672395ffd42d3217473b569fa9e778b101bbb4ee65b0049aff2660a41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
808678cf76ee6828c69f522dee1fc5f2

SHA1
38a859e19212196f4c96e53123311ebe649b027d

SHA256
8a7d444b114bd1225b7ed323d79501675e3d2f8c1549d2ff9f5502fbb7ae300b

SHA512
b1650b4866016dcaae0d9a5da76ef1354fd3e9f2208a3b2c3c38cc33fe6c3cfcdd5042ab082a418f706bd39d0742030de22aa9bf0c048de9bdbdec7ba6ca82a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582fd5.TMP

Filesize
874B

MD5
e09f9fc603e62f668d327281fa7e7566

SHA1
4341b4cf9bbc476ecd0c482b908a3c21096002c2

SHA256
f2f8f3509589ca6d3b75155d0110d2ca129878d461ae27849db538e2822af8fd

SHA512
6b1be00c1ff398d54f3f2141b0a2301ccf0de0e932c5236e544ac2834ea73b55f6e90015dbe30da492c328ccc41a359a787d73ba630f8707177593a7ade11166

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
a19fe21651c3136f461fb97d6d1fe67c

SHA1
64ed5d2b3069d7f1d10cd1caaa8e188ae401da74

SHA256
bfeee5f2cd9dcede9574ce996cc56ff1b1010b8d962ee3701877e013bce25460

SHA512
b4784c1587ec994af73b7baa26d848deb0462a8156ef70c4141cfda62a9edc76ab6f3c6b750ff097d5cc190c33721d51871097a7146af55ac9f4b3bac00e0692

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b49a02a835c5776bfd0e4d591ffb3fc9

SHA1
783311d2249a139220bb8b849e218e3308d238f1

SHA256
00701a720804d8e2c0187ca0006360fb5ffe7370cbd60d1cab4bc38691b1de26

SHA512
cf4a7579f0b4567335a98d857ed1171e512885f68aa7d11643ec92a22759a4223839eecb5fc581002868295cb2e35681d1cf381b7cc863ea74b66cb65fe3e331

Download Submit