hxxps://codex[.]lol

Analysis

max time kernel
146s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
19-07-2024 19:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://codex.lol

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133658922020913861"	chrome.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
2672	msedge.exe
2672	msedge.exe
4124	msedge.exe
4124	msedge.exe
116	chrome.exe
116	chrome.exe
3504	identity_helper.exe
3504	identity_helper.exe
5456	msedge.exe
5456	msedge.exe
216	msedge.exe
216	msedge.exe
1904	identity_helper.exe
1904	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 23 IoCs

pid	Process
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of AdjustPrivilegeToken 18 IoCs

description	pid	Process
Token: SeShutdownPrivilege	116	chrome.exe
Token: SeCreatePagefilePrivilege	116	chrome.exe
Token: SeShutdownPrivilege	116	chrome.exe
Token: SeCreatePagefilePrivilege	116	chrome.exe
Token: SeShutdownPrivilege	116	chrome.exe
Token: SeCreatePagefilePrivilege	116	chrome.exe
Token: SeShutdownPrivilege	116	chrome.exe
Token: SeCreatePagefilePrivilege	116	chrome.exe
Token: SeShutdownPrivilege	116	chrome.exe
Token: SeCreatePagefilePrivilege	116	chrome.exe
Token: SeShutdownPrivilege	116	chrome.exe
Token: SeCreatePagefilePrivilege	116	chrome.exe
Token: SeShutdownPrivilege	116	chrome.exe
Token: SeCreatePagefilePrivilege	116	chrome.exe
Token: SeShutdownPrivilege	116	chrome.exe
Token: SeCreatePagefilePrivilege	116	chrome.exe
Token: SeShutdownPrivilege	116	chrome.exe
Token: SeCreatePagefilePrivilege	116	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
4124	msedge.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
116	chrome.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe
216	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4124 wrote to memory of 2904	4124	msedge.exe	84
PID 4124 wrote to memory of 2904	4124	msedge.exe	84
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 1348	4124	msedge.exe	85
PID 4124 wrote to memory of 2672	4124	msedge.exe	86
PID 4124 wrote to memory of 2672	4124	msedge.exe	86
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87
PID 4124 wrote to memory of 1496	4124	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://codex.lol
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb9f8346f8,0x7ffb9f834708,0x7ffb9f834718
  2⤵
  PID:2904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
  2⤵
  PID:1348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2432 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2644 /prefetch:8
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:1980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
  2⤵
  PID:3580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3148 /prefetch:1
  2⤵
  PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3092 /prefetch:1
  2⤵
  PID:1004
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 /prefetch:8
  2⤵
  PID:3656
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5180 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1960,3756874421367884490,7774256729417293522,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
  2⤵
  PID:1132

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:536

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1940

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffb8cafcc40,0x7ffb8cafcc4c,0x7ffb8cafcc58
  2⤵
  PID:1816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1952,i,725473160021214570,11059996156820073301,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=1884 /prefetch:2
  2⤵
  PID:2084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1892,i,725473160021214570,11059996156820073301,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2456 /prefetch:3
  2⤵
  PID:732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2152,i,725473160021214570,11059996156820073301,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2368 /prefetch:8
  2⤵
  PID:432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3192,i,725473160021214570,11059996156820073301,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3232,i,725473160021214570,11059996156820073301,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3704,i,725473160021214570,11059996156820073301,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4516 /prefetch:1
  2⤵
  PID:4276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4848,i,725473160021214570,11059996156820073301,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4912 /prefetch:8
  2⤵
  PID:6044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4716,i,725473160021214570,11059996156820073301,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4708 /prefetch:8
  2⤵
  PID:1152

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:4492

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:6108

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb9f8346f8,0x7ffb9f834708,0x7ffb9f834718
  2⤵
  PID:1524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
  2⤵
  PID:5428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8
  2⤵
  PID:2280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3472 /prefetch:1
  2⤵
  PID:3192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1
  2⤵
  PID:3308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4372 /prefetch:1
  2⤵
  PID:5304
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3796 /prefetch:8
  2⤵
  PID:244
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3796 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3428 /prefetch:8
  2⤵
  PID:4388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
  2⤵
  PID:2256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
  2⤵
  PID:3556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
  2⤵
  PID:3640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
  2⤵
  PID:2104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
  2⤵
  PID:5144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,3375481874311543903,17000104977680153105,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
  2⤵
  PID:5372

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:212

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5916

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
202fbb6478ee4f7010279358cc4a255a

SHA1
e6d38faaab1c1d5ed992cc99f360ece1c0c9fac2

SHA256
0fc055089fc4bc870b5f1f4f3737267915908e9a180e2544827372bde0b4c804

SHA512
0564893d6eb08bc03d21c0bfce54358e55142a57798710effab8f478fd6442d3391a2c31c3eb46775ef45e32c466a3c638d7b1884b3bae0d068b13e02c1a3f36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
7b597b32047f8ff5c5d8a472bd2e20a2

SHA1
e4c982b93d435b3d7be392c7a2f3c103bb8f8513

SHA256
7ab0cf3199a11eac111f1c953dd15f59c317bfad648be8b7cdfe0a1dc6ea98fe

SHA512
d2812cc47ac7a3a1bf56a51e05af17aedc75acadf433a9abc049226fbde2feb6afbac9765c63b89fa27052d84dd3966d6b895dacf144f18709e118092f385210

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\e0c7b638-4e7a-4757-9d6f-5d1285c965ac.tmp

Filesize
1KB

MD5
96d2ce008b29809847426064a80f12db

SHA1
e5f6a072ccb771226250a78d3006ae51a4e07c0b

SHA256
dbc4766057f7603ec965f22faa7e8816bfe4d7a990caa92149d0faed122b0a3c

SHA512
2387f98cd64718cd3785e8fc19c6b3e80a29307096fde88f41de75bb759d0b7756bbd88c640ef7de57c050304e35e5b1855af0f7209c87ee78a8f15210eefdc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
96f71dd6886413e53a1ff2b7220ba023

SHA1
1ed43bcefc5de4996c7f6b002a164e0fb1eb896b

SHA256
e09553e694c3d116ee1bba5883fad8b7a9cddfd19d3d58c5a162ad4cb4316db4

SHA512
2ea854b3cbdb9e36e4d9b83ac07043652fa6ffaf36c0515497c8bb26f1e8ca4be7d267dfb86121e1662edf8a258e914a1a8cb584fbf6de5f7c31fe06d70eca11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
a1f3cbfbd144fa360bc0c50b080d4d32

SHA1
fecf8febda62d7fe2073fcba5a355316b720a91d

SHA256
e5ddf3b7143dc668d0cc9fea7734ae17c26207806bc294d6fbfb4dc4549079d0

SHA512
fcfd310d678e4a78df5c56a93fefd4460bfebb2dceda99c33a9e1c95b0006a08ea0ae5566443d99b41a5dfd00e8a99ed3b7d3cd735198c76b807d406ba5990d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
185KB

MD5
7004bc492bdb5e5dc2f26eb11fd10974

SHA1
ee7a9360ee524398d85fe14b7221f3e24f8963f1

SHA256
c2a5771789d7ee24a90264c915aeedfa4993ac31a7b708882636e3760c7dfdbe

SHA512
a029aa05939845997975a2e8cdc8a07223b3be5b71b2d0fa6602166154c7bc6903a1e07729a45309e744235c4c316deaf44fa66bf9aa1f4116ab902a7f334397

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\19970e70-e12b-4d7f-bda2-92c489ec4549.tmp

Filesize
11KB

MD5
4dc6ffaa4a8c4d64c101c894d68044e3

SHA1
2e83690f6d53ac1da750ad9e7ba4a755ebf3dc11

SHA256
ddbcc6decf2031e4ca93d4fe2eb3b8e30c57471c970f27beaa0769f43e2aa2da

SHA512
da5a0b143ca89ae4fc25b508e9c31470514a8b81bccb30d6d9ad143859096bab96a327ae4d883cd32ce1e99d9e5583f9738fa84a7989fb8da6a5a979f85d252c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
584971c8ba88c824fd51a05dddb45a98

SHA1
b7c9489b4427652a9cdd754d1c1b6ac4034be421

SHA256
e2d8de6c2323bbb3863ec50843d9b58a22e911fd626d31430658b9ea942cd307

SHA512
5dbf1a4631a04d1149d8fab2b8e0e43ccd97b7212de43b961b9128a8bf03329164fdeb480154a8ffea5835f28417a7d2b115b8bf8d578d00b13c3682aa5ca726

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b28ef7d9f6d74f055cc49876767c886c

SHA1
d6b3267f36c340979f8fc3e012fdd02c468740bf

SHA256
fa6804456884789f4bdf9c3f5a4a8f29e0ededde149c4384072f3d8cc85bcc37

SHA512
491f893c8f765e5d629bce8dd5067cef4e2ebc558d43bfb05e358bca43e1a66ee1285519bc266fd0ff5b5e09769a56077b62ac55fa8797c1edf6205843356e75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8d46478f-d0bc-4b71-853a-9bc5c1348137.tmp

Filesize
854B

MD5
e61d2bda8ce5102d354038bdbec75b61

SHA1
f563032ae02c007dd2044a3f02475793806af7b1

SHA256
214247c6aaa85979133ce22a6a27b4fee75043149d78139cf3a7c7ac6be7eb14

SHA512
883522185ccbc0ca68ccb37320fdc2710194b4ffad61ae6637f7f326ff3a2a7fad634fbea298bd71e33dc534740362646bd39218c56276a6a5d9b8f6ff340171

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
672B

MD5
405ddbf2b70d17178d65ed67e50954ca

SHA1
4371180efc6854d76c171de189792e4bfe79789b

SHA256
2c593f166d1ce01d12c783e9da49f91d390a1812b544259e841bd4293f8fceae

SHA512
57838b27b9807c13fa94d6aecca09ab74962b94ffc0371dcdb88c10db9bfb5d2fd3f3079a3d67fa34290b7ccfb8981b9a1e566715e75e5d973cd675bf5ba97f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
0a6f4dd001928919ea3c34ef052b1fd2

SHA1
58235b5d583df63febc02a41cfbb8f63eb2e8332

SHA256
57f2747132208dea46fbcb5e251151eab248a5d34b4c39ea0abb68b962d60ee3

SHA512
aee9af6f6de762990af8e38431ea8b700775c311f5007dbfa0570d56a8c8983f79073c5ee34a0bfce62b40fd40489f62f34d61fbdec9c41cf5e082c6a6b86b47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

Filesize
319B

MD5
1a3e03e84283cc4139df836b1d54bb0a

SHA1
631c6a9fec52ae4a0876a1788f8b2bfdb9b4d2af

SHA256
c669bc5d473dbeebe17593d754d9b8895140cd91754a1d2d18963400000fc019

SHA512
5c8e4ad8f646ec33d23d50c9d6e7e038aaa8889958e428771b31d39df1ea6c1fcc6579ce747351a5d2efa7da4ac65132a1fb925acd05c4e644fb3b2909507a6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
747caba3f2fed3e520e9754b30d8e09f

SHA1
54a2ca7f0a4052fbdd423e33db6f8ccb8213dccb

SHA256
83157003e2cc497a2ad1e1a9ef9f099c5654db2be1ed4cdd03e146bfba6d6191

SHA512
c026ddde7b635fb17da30abd1053374536ca86cf3c2c862004328e99ca7d5c887577c96c6f4b82b68ea46b389e5c4e67ff8cc19ba6fe6e1b93b274365e9c32db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
124KB

MD5
823740658d5c9e5b3d68059e0978a6ce

SHA1
2606904e6dcf08ddef464d661c820cb3e382f9c8

SHA256
af03fbb5b0037e8807310bcbf8e9579a42cdba253de47b8f2012c12ba0582a3b

SHA512
c49d5997f66282d23bd4ae92882acd025a5506890888a6f814a144f344d48e77dc9ef11e13af1a6b0672f7c5d4854d14fc79691a02d101a07a3265bb9d23c9e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
880B

MD5
5184642baf152046bb349b554bedd340

SHA1
f73512ffae5853ebc90fbe78b641ccfcc73505ff

SHA256
b2f350f11d863469a6f040690f5c4afbdc9a856aa4100b553fca776fc666e1da

SHA512
d4bae04ce4f8171c5245bcfc8e847cdcc7719624520dc2e48a7d55491d410dc39f4766fe6cf8c96de3f1ad41891b1ddc805da89d99535fb3e6ff99940fe66058

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

Filesize
282B

MD5
5b884111ecd06b6f4d7f5adb4572ef0d

SHA1
7ecb8e1eaf1740a07b3ab87f94a3b3b2561e03fe

SHA256
891c8fdcad64b35f54d95fd79ec632e15a85d36c1e96be03070a2c25be5c01a0

SHA512
9d6772a47eb8439f638b5d3814e83aa9d9c4a9c8e073ea4fd3176d73ae8122b8f87ff2d6f2d7577fc4c637d8ec00b8faecf3d0b2fef1a068544b68c06f4602c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
328B

MD5
91d72b910e6486ac337cdcd4fad6a073

SHA1
1a5efc2423c7d5362f4e86004f073b711229f82e

SHA256
317362cace88fbbd9708ee8b48124d68a85b27096a59f9968ef7e9d73ef1106a

SHA512
855013b8b9ecd237a645fb95f0f48f575c552f15251504c9755cbab396341d712d861e0453fd5c695434e5768a784b8e4ddd4c11512188ffbac9aaaa0fe0c3f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
c825607ddce705f25efa6f07e01f27d4

SHA1
f1d5a17d116a46577e9041355fba1c4587d14a05

SHA256
8944a67f11ba698a018b1bb4df2e0498efa71fa2c52ce007676447e84fadb796

SHA512
7f565315f214f719a48703c25c4381a2132f594a93804742193a306e7af6ad7cf6113d58dc49660799a451367415dd6010903ddac1534b6136a9c68fe40bb9c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9be358ae10c2dfcdf24202222042625d

SHA1
c88f46dc540d248b08190d73261859f97d639386

SHA256
193ed7b22ada932f4a8b99560c2548b1e5f802be7aa1e0a573a944c8f53df3ee

SHA512
533ef82b855aa4bc6eb913b5412bd37bc12ca4e260cefff8bee97b73f5256f451eb4cbccfe6a7063d374e4503cc3c252d739c2b806ac866b05c63f6e0d10a73c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
bbc2c80fdb358063d8137b2eb628b2c5

SHA1
117404e426c13887f1da0f152518ff73dccc3ccd

SHA256
20416104f3dc35ccb430e1effcb62dbc193392bbed8b174b7a460d0b997a4dbb

SHA512
e19d17a4bdfaad4a6997ff90db194321129dc0ce2b330c92ee4fc3ca27583a61ad364ac18a84fbf20ead887475a8f6fa1f12e1d9cb6b0d9e4d99a0e59be3339c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a0a5c382b805f854af450b569356f367

SHA1
44cd4cb482d46803f1e8f66e2e82b501b49096f5

SHA256
8c5e8fe14dde97dcabeb310c88bb8de0315be2ca52e839929aea409a84c0f961

SHA512
52a01d6867425dba3fd020f25c85ce0fd8d8980ece67ba67b9e8be9bd79f66cb3ea60cc217ee8b2567b93bbacd27abdfa099fc9fef331d92e8a3dec96fe9a660

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c605b8d660deadc18a37a8d8c2a61272

SHA1
70b3fb1cf3d0dc006e53073565f5d0d88154a41e

SHA256
721a783d141b4ee4f8e5a5b19ac6f542dd2ed9e256d1d108d43c3b398f4da4fd

SHA512
f682ef6a89c9d884da3b6628a431681ed15dd3841f06328e489f32d5bd14050529f7665dd0292c15edaab7bda93c49bb2dc6aaf44cba3ce46be46b8dc3e5e36d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3faeddfde12b4ac9663389b3683767ab

SHA1
a9d1f4f1605399aee5b2c0a41e2dc2deb8c228e2

SHA256
babcb9beb091f35866239db0e6943763a0410f197da733dd9a93384699615db6

SHA512
b7f686f1a6f4a961dcb0d8448600e5b3b488cd1e0567b77848094ebf560db3ded15827ff643098273677dea37a9bbcddc167e9c1428ee820e024e8079a7609e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c2dac32f9607ad9009f43cb5efacb2cb

SHA1
dabdb6cabe5bcd2f6a860ab77a43162f14f72e20

SHA256
5b012a91fe8ebe5db5e4689b13d8fd98b840ef88fc84552a9950bcbcaad42326

SHA512
e5540ce80b73390c36230f0a52b3715624462bfd5276a26300d7cc76ace092a1a04df68d2bc5857e52a4930d001f3464dcdd7acb480977d885f339f29871aa94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4ef68a4b5ad3e7fdbab15972aaa7f900

SHA1
3284def9e5f1e43e9cbb7aa644b22c0db5d0bfe1

SHA256
ab59536469437ff0d5900a5d0215bd35685d940d4ffdfcdc16eb147a5f77376d

SHA512
0d44f1efb4dc6c4de1952bd907be2c4a81ecdc6b9af19dfb0245773daa1883828646e08df1ae9ca6e95f63d0823dd85306597b4b13c5ac2d1388f477a26e9219

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5d71d57ae24eabbb65f852865a0f62c0

SHA1
83e4af2bcacb350730e08cd016c8bd017547caa4

SHA256
4798a774a98206d822da860343d15ddef89f7133bf173262c1b6482e4eaefa8d

SHA512
f2d00f47b6efb25be9b019485155dd99be865f937e665806bd829fbdf8b2f66342705286787e3d95790c005a6c1f90264bc4ca3b9539d8c1d6f070db88f0d015

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
c1242c6a18f7f1f375e34457f61871e2

SHA1
3f65c05d5d536a088b35e23814f49d41b8be2ba1

SHA256
d599e4f7d0795045cbbeb1a2dd24132b6838d77280ddd984da0c68982f8c221f

SHA512
f2526f3a09a9088ef9da0d93f74de24bcc911d2c0a7c91de72aedf8f1dca158946ea64a69235885ab95ba48f7e33379a0af70c29a6c69f43c30a57f0fa7c2a3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3564fc2623e710e58e2e4d43b0c85a90

SHA1
b39d20cc926e752aded6338739a9f57d4d1fbe6a

SHA256
c97ec432a7e9fb11f5f5e2fdbb2e4fd9487f2aaf611f3b160fe6b2e68303c706

SHA512
86975e598740913fb7cae7b97ac85cd99ee432906bf3e3afe2dfa20b5cf86a1db9b93829f359cfa640bb7c9cb96db5ab59af1541f09e745e37f3d316b7566ea8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

Filesize
175B

MD5
6153ae3a389cfba4b2fe34025943ec59

SHA1
c5762dbae34261a19ec867ffea81551757373785

SHA256
93c2b2b9ce1d2a2f28fac5aadc19c713b567df08eaeef4167b6543a1cd094a61

SHA512
f2367664799162966368c4a480df6eb4205522eaae32d861217ba8ed7cfabacbfbb0f7c66433ff6d31ec9638da66e727e04c2239d7c6a0d5fd3356230e09ab6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

Filesize
316B

MD5
4618a1d228d83602af295fd569a42091

SHA1
9f8d8b65602580bab81e4672908d9a61393462de

SHA256
733011c161ae9d9f3bbe756d1e52b7ca32bc035897d05d1407f33070e046a410

SHA512
46023ae5c9150cd792974e1a435c30fab34dcb26229035280a2f3e779cf7876317f03e2997662bc33d31baa79d706ded96753f7740ce1cc998f25b496a130c85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13365892107496612

Filesize
18KB

MD5
2bea661c7232645691c3edfd86379263

SHA1
702347f7857d215868cbacfaaa362a9b46bd2c82

SHA256
37d006c45f4fa5ba2f330a547578e5e4ce2cd566f559a78f5134e07a907c8933

SHA512
fd781943f879ff4a4cfe355f9175025200c044c588e590a26f9a77a9b8375314904de32c13334e010fc84eae1881b20cb0dbacdf1e5ed18f555132a6c5260437

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
12c0a40fe47c441fd663caa62fbbc336

SHA1
0223a9cc9d13405eb9161bb1e7c06c2d72f5967c

SHA256
c203db0676a06652a716453502d034fc9039033a8129d4f8940debbedb4d6aa3

SHA512
27549a11960393d6d2f8c458b3e0a3ccd45859b0840a61b990bd1948a3e8f0754a24dc5bd4157b9e214d9e5b8cf40416f7c96e955f2320701ad6c7be369e7ae6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
350B

MD5
064008280211bea61d4d89110c849e11

SHA1
2761bc24deb6f9c293b79f96d7317efa6c46dee3

SHA256
4de5d23e71e57956784f0aa060a2746621151caee480b914b78517f0ab519cca

SHA512
713e1c6a15a107d93b6cef17d8da6b25528c5973a1165e4acb945b000ddf46755c28a933ef640d9876b9849a3038a36f8531f1537391f41c8a85a935dee10f70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
326B

MD5
02e3b6de0bed7c4c21d0f437fc6eebbf

SHA1
91a6be1a39d4a6e0206235fed5f74982d317c353

SHA256
bc7e72f9de005d513e8cc73d02d13dd080888bb5b1811fcd476fa279edf0b490

SHA512
7b8717156c4b24db3b91fb1a53d851286dc34d10df4b1e2dd30e34f676c7ad953774a45da3bceb8c21575cc235c9be97203fc24cb9babcf68aacbafb23aabd34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
371B

MD5
3ab491363a4390b79bf1591d15919f6e

SHA1
20c1102fb1f932fed07622eccf7b4a7bb44a897a

SHA256
664d292c154f62700d62b564b0fcfaf0683ddc37080da8f539975bbb1843aa00

SHA512
ca694cf85763c6bb7efb1a72d16df32557e9e8c2b592a39f025a8dc72156bf6294797868c8367a2c9ff451fb4bf4285c041a82c34093f134f40f6b7d46af189c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
abbc44769a50f0ed4f2e07d828fa4370

SHA1
d69595824648bc158b0b2b445a46a2dbab0e021f

SHA256
5d97d91aededff83969c8a42e82a9556fb1ce7b1431fdbc7c4f6c5ed7cc6b9cf

SHA512
1f10562ddf213fc597deaf31c8e35ba066aff3bc205262b523bb71f2c952e95b2ddacbf87e759b38d3984685262691aaea6c1dd17ac4759a38f93ada11d291f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a2bd0e39-efdf-4960-86ac-9e97a73c9780.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

Filesize
547KB

MD5
44329089894de897d88c68cf331393f4

SHA1
e5b96da7d5fefd77a17c89ce8b765bdcff851e0b

SHA256
01c17feabbebe50165cf7a222a0f07e407c40cef6515243688019e873b97b47e

SHA512
e783b1a4b3c764ea1df235a7d93803a0b4237a8d10b5332b3c29aa8c43ca8bb30446fe294c8ca86204e56bbb6eef095d71723ba4168adcc5aa1cdeaea1f4a157

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
319B

MD5
3247288338010daf88ba49c08974ab7d

SHA1
596f0b667e0a567e6fd5872d37905426a81f0df9

SHA256
88d12e9825f9de09fed162d3ccd7f1a694024c5ec64b5b925fa71c7b0c0f2bc9

SHA512
a4abf11e25882154ccf176ac2c39170b69790f5d27014591ad110e3cd2ba7438274aafb83ca03666babb1839cd01aba87bc0cf858b7fd3d8227c47a5674d8381

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
337B

MD5
765c4fe397d81065452263f77b92e1c5

SHA1
5d14a33c3fee5e5938f6268de13f8b9317eb1a51

SHA256
beac2693c82224769b9c81268dcb0a7ce80f980f78896534fd7114a531196335

SHA512
2b2ab3b872472a40945bf24e42639119b5f0a90bd33a3dafa99b60e481a2eed058d07c8ec9df7f2e4bac8afde85ea2ae45ecb8d8c5596f9cffcecb4ab177d91a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
337B

MD5
c0756d19e794493373bbc0df5cef5c07

SHA1
bafdace88b54edc208a7d1f3292cc62c1315836f

SHA256
5c72b1bc061f1ec134852cdd524d6c683e9e549ec446d4fcdcd915665b00290b

SHA512
88268f99f75bad29eee125cc284b21a830f47efef1610927ad8013f96aaeb1690aad7b4a89e46823dee3ce469214cca09669d56c395e431980cfac5e129ae64d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

Filesize
44KB

MD5
17f4968c6e1174048317a18d08bdf5c3

SHA1
3af60f41789a1e4219bed014c0a732b4ade19341

SHA256
25f3ad823a9410d01e47eea2f99ddd9ab58245f828840561e7d6d8b537dcd03a

SHA512
2c82b0e0c6c6c04a8d9a1aa503e463c406d2fd44b72d73f0ab02c6ed6d3bffe7a167093b9d43f7689e346864d80fbae7f3c99156f8f1c54e4858b0893bef1f46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
0d23e3a5ba5747d6300145e28194b965

SHA1
06c870dc20cd453ca00fb2e3b29efeed390a4705

SHA256
108343d29e72080a94c81d3bc3a20a66e813136f0bf366d029b31735d5086f16

SHA512
196469e7533c7c824222f9d62581da27f35be6de2ece0801c30dbabea04751bbff875caa5b78557ab40c216fb24cf3971add1a1ca2fa6c5148add0345e7c403e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

Filesize
4.0MB

MD5
6f588efb5559e4fffa7e0ebcfd0f9e24

SHA1
33130973c1d682c6ed2d129c0bec4d20422d1a19

SHA256
7b0a74840b140e0b2f922f00f12e4f837334cbd0a27e9da3aa15c52435977131

SHA512
0183fa264da8ca165c3cc43ba01d48f267eb36f80eaf98166b15dcaa776d9198839d9e26ecd1437ed1bf84f75ee304261fffd4a3ff57ca5b440edafac504091f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001

Filesize
16KB

MD5
4517391bc8c55acdbe1f4c2f0d1c1fc8

SHA1
ac51fcf3271333d222e4cb526431817f48345a43

SHA256
3c82cfe4ef2e80ad0aff5da477f399da7d5c0169968b800b1bd730c7eadbcd8d

SHA512
e85033dd2a4a4038512102052bff9e8a76e7a43d609431d987d436f262e21fcf1e298441cd378590db0742ca65845bd1585a7cba496aebe245a8084dd616e5ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002

Filesize
16KB

MD5
8feb503d057a1dfc7121b0aa2c7cc10f

SHA1
0d25b47e8482de37b7f615205b8a45162e1049d4

SHA256
e816b1086f600fa2096189c847f34de90dabd33b899de28ce199682eaf17c713

SHA512
a193f820d8719a47d6f52ff9ff2bf76c27ea3611e87a582543c8a55595af25cb3d1bb00913f8c2a4f2ed027ea2749717faf84d75e887f32610dce4d6ce105595

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003

Filesize
16KB

MD5
f518f20f1a2a3cbc5e06727390c5ace8

SHA1
34e2a209a91edfcb99bdd6ea223d0eef65b4744d

SHA256
feda186591209ca08ad9f5e06a6f77b428784fe38afe1f0af4c6af00ef756a02

SHA512
14b1a981b09081662735326b670f775405825186f3e5a539351a949e6d520eeeb6048c32dac6e0b30c807baef21afde566920e21705fb958ce0110c30a4fbfa7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000004

Filesize
17KB

MD5
6bc4851424575eaf03ebe2efee6073ab

SHA1
2d014fe2feb929d03a46322645a94556ca5c9e96

SHA256
abaded8e235fdf329521806af30a1cc7701eaca3fe2efccb9da760ec6d8e5e4e

SHA512
af3b7d93fa2243475d74d4bd7f918ce2706bf6eca28029b9e49869f5f793e483efaafdfab1fed6306d5fc77a5ed3b27097b27448cd04560bed4df6fa3268ccf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000005

Filesize
17KB

MD5
fc97b88a7ce0b008366cd0260b0321dc

SHA1
4eae02aecb04fa15f0bb62036151fa016e64f7a9

SHA256
6388415a307a208b0a43b817ccd9e5fcdda9b6939ecd20ef4c0eda1aa3a0e49e

SHA512
889a0db0eb5ad4de4279b620783964bfda8edc6b137059d1ec1da9282716fe930f8c4ebfadea7cd5247a997f8d4d2990f7b972a17106de491365e3c2d2138175

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000006

Filesize
16KB

MD5
cdbc1f93b42d23ebd92676d94b17a6d3

SHA1
24ae184db5010254242a2a6ecd01a6fe4ccb9bb9

SHA256
b1ea61fdb85e5b19079cbaa607396cc8125844b3985d1ac34a5f8d75f97efe42

SHA512
aa1fb2d022c4bc4d487a47bf41d1ecc765585309531a9701c05d5b4c4fb775eb8c11c4ca81347a2c32c3a0dc634a7b52b2ae9ff96d82f7a4667301d74de0d563

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000007

Filesize
16KB

MD5
2e68f7fb40b89156b6eb280408ba0b33

SHA1
d1ef510d03ad27a029514fa76142920e2a92fefa

SHA256
e49ef4f9f70f75d92e37922874c2b3a7fe2ee4e7dc7421c6e1070b19819f2c95

SHA512
85506ffc415b63bbd047e0eb6c048057f5ff727e6c5c6d854b0364f762a4471d5f8d70084826b2df04970f989438da8e58c2d5dc1b1b82f829d256440dd92b89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000008

Filesize
16KB

MD5
ab05a3d19667287b0eec66c860489a93

SHA1
54dd92e642404293da1b46221a27515cbe7c3ddf

SHA256
a0669f24188f7a9694baa04fee73380e76de4f9f3a8358986d56624fb769cf73

SHA512
73e1edb222a8fdcdf6c34d159f02f51e87374962e473095b92c06b368af075815af14a892d950d50d3065a637bdf6c0850a74a265ad72f49436abfd667f3facc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000009

Filesize
31KB

MD5
2f1ec27c2803176aa1f7cb1dfe10ad06

SHA1
5b93f0a2a9322f1b34f1a63b356e3acdc836c99d

SHA256
f8bd05774df8f324683471354366e3160cacce57fb7b8aecf061722ec75f6532

SHA512
f8139ae2e0375bf05bc94c8631dd980bae5be9714ea78730d9e7f0c3c2438ea4d2fae17601c04649bef2c95a684062cea826efe0e08336ea2a8a35aa420c39ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000a

Filesize
20KB

MD5
e8e1f8273c10625d8b5e1541f8cab8fd

SHA1
18d7a3b3362fc592407e5b174a8fb60a128ce544

SHA256
45870d39eb491375c12251d35194e916ace795b1a67e02841e1bbcb14f1a0e44

SHA512
ca77d40ec247d16bc50302f8b13c79b37ab1fcf81c1f8ab50f2fc5430d4fabc74f5845c781bd11bb55840184e6765c2f18b28af72e1f7800fe0bb0b1f3f23b24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000b

Filesize
20KB

MD5
a4e164f6a15386763f5a9915b9b2abc8

SHA1
8d499d52070f47a4084008fcb8874fb148994d4d

SHA256
dad5ddc6868717a6c955e0c7627f0f93adca70d5d20733c1a98324269fa19f85

SHA512
9ae0dc6c7638553dc8b7c99f0f0b5671901409b50c0cd7666b556a08cb979b4334cee2b10bc826a3d7ce435a84536a0e81d2fbc79104e29588c5b506da97aa0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000c

Filesize
19KB

MD5
e3ce979e426e4a349a51baa9515ef750

SHA1
f01511e40be6a2d1f2a912cd82fd47023b3c2961

SHA256
577f842824da7be899ab4cca5906ed3466c6b6f5dff14c3e078fd9d70a6f7ddd

SHA512
4e1aab4f264f022765242a9bcc1e2c7b063d8bad5b343230ccb706c59f0bb553da41dea739330515271fefe80da41d5c29ae5ef4e88c552554c2ee8489be7c08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000d

Filesize
22KB

MD5
1ac9e744574f723e217fb139ef1e86a9

SHA1
4194dce485bd10f2a030d2499da5c796dd12630f

SHA256
4564be03e04002c5f6eaeaea0aff16c5d0bbdad45359aef64f4c199cda8b195e

SHA512
b8515fb4b9470a7ce678331bbd59f44da47b627f87ea5a30d92ec1c6d583f1607539cd9318a5bccf0a0c6c2bd2637992e0519bd37acdf876f7a11ed184fb5109

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000e

Filesize
17KB

MD5
d9ab25168f8f536fdf8f92202c6ac060

SHA1
789fa090b18ed4195528196cb8883840fb86c801

SHA256
2d4f19e670e3081e0039b061c8d80c8037605d5f8a01a9bd58c4ed1537a253c3

SHA512
04edad29dd23e2d5f5d5242cf4d98f35f71100e63eacc4ba297736a944155e96e458f1ec0c08d5cf53ab50031ba4fa06f07b1b349062ff896d8e2134afc48b79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
838a7b32aefb618130392bc7d006aa2e

SHA1
5159e0f18c9e68f0e75e2239875aa994847b8290

SHA256
ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

SHA512
9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
836561d2ef091e8d14d9055e0ff70c87

SHA1
e3dc3e97acc2740b83a56d439fe00064d2cf4c31

SHA256
4cfba98097ed5a3faa50ac77250b697ea887e11a76cb4bcf48081e5466522cf3

SHA512
daa14f9fff43f6f197594fc789db8daf295033bc77068ee449138e937dfea0b31a172236d49a0f2fbdd3214bbb8ba0622de1f9b13835db15af45e261cb842165

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
92d3bb171176a40fdec69db8b839c75a

SHA1
efba3d764814abb9badebd1f748c3790a5592aad

SHA256
712fdb8f27190f4b173c4e8c9e1cec762a73a8d71b8c5ec0eb87991f61c11ad3

SHA512
4ca64fd069ff1fa75909b96cedc5cb147c07a4437c145155e9c342c40a00b2074f6a347611de011bbe3cd6e3875326042389cade0475e415d75f5d8833a33fca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f9bbce99fe7fab3070e5593f7f39ddd0

SHA1
aab6d594bf20b65b35ac02a78d737d2df36d6911

SHA256
515d25da4150d29704c7c7357fd349424c54f4f18efe4f431f8a528aff92c61b

SHA512
de01355c7bcbff8c5327b0d9c4f34670ee5ba72bf0e3148b4a7036ed78207c14770c1df4a9418291732c32016232e3b66e20fcd3b85c70201a41fb21d5bc8aec

Download Submit