Overview

overview

3

Static

static

1

file.html

windows7-x64

3

file.html

windows10-2004-x64

3

Analysis

  • max time kernel
    422s
  • max time network
    364s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-08-2024 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    file.html

  • Size

    312KB

  • MD5

    53c0139d157cc2111d01c68e5f211c57

  • SHA1

    b9bd365356f5d11be3059b7c46995afdfc0e616d

  • SHA256

    a9362789849f8f86db384371d5b0f3de60cf3535c7984b618f423ea54e49f999

  • SHA512

    c07e9841e77e7f6e367ee59cb16a7be64fba60f4ae564ca9295665eaabf6447c738754133424274fb6bf5980baac81055c55c7fc6e207f46c625fa79d4f7ffb3

  • SSDEEP

    3072:2iNgAkHnjPIQ6KSEc/RHbPaW+LN7DxRLlzglKTVLJk:HgAkHnjPIQBSE67PCN7jBTVLJk

Score
3/10
discovery

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • System Location Discovery: System Language Discovery 1 TTPs 5 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 32 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\file.html
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:432
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9df3346f8,0x7ff9df334708,0x7ff9df334718
      2⤵
        PID:2700
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
        2⤵
          PID:732
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2468 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3964
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8
          2⤵
            PID:2200
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
            2⤵
              PID:1436
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
              2⤵
                PID:1416
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
                2⤵
                  PID:1768
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
                  2⤵
                    PID:3508
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
                    2⤵
                      PID:3036
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
                      2⤵
                        PID:4396
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5732 /prefetch:8
                        2⤵
                          PID:1052
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
                          2⤵
                            PID:4948
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2012 /prefetch:1
                            2⤵
                              PID:5104
                            • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6184 /prefetch:8
                              2⤵
                                PID:5016
                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6184 /prefetch:8
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:320
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
                                2⤵
                                  PID:2516
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1
                                  2⤵
                                    PID:3864
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3748 /prefetch:1
                                    2⤵
                                      PID:4380
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1460 /prefetch:1
                                      2⤵
                                        PID:1348
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1848 /prefetch:2
                                        2⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:1412
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2060,8416566674355941637,17369941502637912423,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5128 /prefetch:8
                                        2⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:1912
                                    • C:\Windows\System32\CompPkgSrv.exe
                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                      1⤵
                                        PID:1484
                                      • C:\Windows\System32\CompPkgSrv.exe
                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                        1⤵
                                          PID:972
                                        • C:\Windows\System32\rundll32.exe
                                          C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                          1⤵
                                            PID:2796
                                          • C:\Users\Admin\Downloads\Monster Suiting Game by Lion-Oh-Day 1.2\Monster Suiting Game by Lion-Oh-Day 1.2\MonsterSuiter.exe
                                            "C:\Users\Admin\Downloads\Monster Suiting Game by Lion-Oh-Day 1.2\Monster Suiting Game by Lion-Oh-Day 1.2\MonsterSuiter.exe"
                                            1⤵
                                            • System Location Discovery: System Language Discovery
                                            • Suspicious use of SetWindowsHookEx
                                            PID:4240
                                          • C:\Users\Admin\Downloads\Monster Suiting Game by Lion-Oh-Day 1.2\Monster Suiting Game by Lion-Oh-Day 1.2\winsetup.exe
                                            "C:\Users\Admin\Downloads\Monster Suiting Game by Lion-Oh-Day 1.2\Monster Suiting Game by Lion-Oh-Day 1.2\winsetup.exe"
                                            1⤵
                                            • System Location Discovery: System Language Discovery
                                            PID:1740
                                            • C:\Users\Admin\Downloads\Monster Suiting Game by Lion-Oh-Day 1.2\Monster Suiting Game by Lion-Oh-Day 1.2\MonsterSuiter.exe
                                              "C:\Users\Admin\Downloads\Monster Suiting Game by Lion-Oh-Day 1.2\Monster Suiting Game by Lion-Oh-Day 1.2\MonsterSuiter.exe" --setup
                                              2⤵
                                              • System Location Discovery: System Language Discovery
                                              • Suspicious use of SetWindowsHookEx
                                              PID:4880
                                          • C:\Windows\system32\AUDIODG.EXE
                                            C:\Windows\system32\AUDIODG.EXE 0x4c4 0x41c
                                            1⤵
                                            • Suspicious use of AdjustPrivilegeToken
                                            PID:1560
                                          • C:\Users\Admin\Downloads\Monster Suiting Game by Lion-Oh-Day 1.2\Monster Suiting Game by Lion-Oh-Day 1.2\winsetup.exe
                                            "C:\Users\Admin\Downloads\Monster Suiting Game by Lion-Oh-Day 1.2\Monster Suiting Game by Lion-Oh-Day 1.2\winsetup.exe"
                                            1⤵
                                            • System Location Discovery: System Language Discovery
                                            PID:552
                                            • C:\Users\Admin\Downloads\Monster Suiting Game by Lion-Oh-Day 1.2\Monster Suiting Game by Lion-Oh-Day 1.2\MonsterSuiter.exe
                                              "C:\Users\Admin\Downloads\Monster Suiting Game by Lion-Oh-Day 1.2\Monster Suiting Game by Lion-Oh-Day 1.2\MonsterSuiter.exe" --setup
                                              2⤵
                                              • System Location Discovery: System Language Discovery
                                              • Suspicious use of SetWindowsHookEx
                                              PID:2180

                                          Network

                                          MITRE ATT&CK Enterprise v15

                                          Replay Monitor

                                          Loading Replay Monitor...

                                          Downloads

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                            Filesize

                                            152B

                                            MD5

                                            ab8ce148cb7d44f709fb1c460d03e1b0

                                            SHA1

                                            44d15744015155f3e74580c93317e12d2cc0f859

                                            SHA256

                                            014006a90e43ea9a1903b08b843a5aab8ad3823d22e26e5b113fad5f9fa620ff

                                            SHA512

                                            f685423b1eaee18a2a06030b4b2977335f62499c0041c142a92f6e6f846c2b9ce54324b6ae94efbbb303282dcda70e2b1597c748fddc251c0b3122a412c2d7c4

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                            Filesize

                                            152B

                                            MD5

                                            38f59a47b777f2fc52088e96ffb2baaf

                                            SHA1

                                            267224482588b41a96d813f6d9e9d924867062db

                                            SHA256

                                            13569c5681c71dc42ab57d34879f5a567d7b94afe0e8f6d7c6f6c1314fb0087b

                                            SHA512

                                            4657d13e1bb7cdd7e83f5f2562f5598cca12edf839626ae96da43e943b5550fab46a14b9018f1bec90de88cc714f637605531ccda99deb9e537908ddb826113b

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                            Filesize

                                            168B

                                            MD5

                                            e603390c5b0cd96f558e6c2c6ab8bee8

                                            SHA1

                                            248b37d0b559547897f8cfef5289939b36c166fb

                                            SHA256

                                            bb8630c572ef7a6039566009d7587427516803f726ad52f4e7cc0dc0503759df

                                            SHA512

                                            7fbceef78dbd13e858b97458ea6e5aaae9d10e31ffe46f6cea6e7712a5ab13fd5415f6b749b2e9658e758db4ff1454f1f94acf01808e9bc19790b239abc9545c

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                            Filesize

                                            3KB

                                            MD5

                                            4cd1fb920edbfe846f9c2fce49562d0d

                                            SHA1

                                            76370d8ab9b7f8a5ac631da3bb3ec1b26a24394f

                                            SHA256

                                            8b935e7175e9131958bcc1c0a85d2ebf118cbdfe4b50966f1df5602f6fa35b41

                                            SHA512

                                            94efc29ad4996a1c4e520eb35ad0fa5f1427c4333a789d11303adb585e6ab8b1a9879931fd643aa1dc8c4ae7b741afcab590a883dde948a80e5d3ed21e87fdf9

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                            Filesize

                                            3KB

                                            MD5

                                            83f6d2cfc30f5ff08a38703603a8856b

                                            SHA1

                                            1a7d1a5f2d7568d337a7d3f8ae79b5cd613d6f5b

                                            SHA256

                                            a6a815573c383786f550dfbc465b7b1124287c64f97d6468064fb5a3f8a354cd

                                            SHA512

                                            17dfb5ba88c2199c17de02d8bc05624a1269dc99e6f69f8b4a3601b1e3a990e000736a2ba9c77a176c8227d2684cf7210db16643cdc759c9bc6478e530df617e

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                            Filesize

                                            6KB

                                            MD5

                                            06a971d2e1714c89b684259630138951

                                            SHA1

                                            0476b9543bd78d462045b3a8c5ad192fff8d468e

                                            SHA256

                                            99d5678086678215ae6fd8f436d3059cac5721aa9acd48cbede75d2f007cdf60

                                            SHA512

                                            fcbe5dc55838f8cf515596f86f9cdf8ff60e6ec7207d8a5a52e68a571c0c5634157d3c86daef52ca2663e03ad2ad28824a5ddf8c78439ce1e9c8923635a57d81

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                            Filesize

                                            6KB

                                            MD5

                                            b0d2ee0c3ca2c361a9062c884f4cb8f1

                                            SHA1

                                            1560097eab08db7459089d0368abbb80947cbca0

                                            SHA256

                                            acdaa893b36b6f7f130dbcd7b63462d181dedcd202b8bbe21a1e4712c9035488

                                            SHA512

                                            29f3d12ce80d9fdd497694853f76e6f327fd24f6b8fc8ab816a06657d0e0c465da310430586737304051accdd133b4b890829c09e4cc729dcb920b046f2ea6a2

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                            Filesize

                                            7KB

                                            MD5

                                            9d9d29a18d22d724b30047a0a5f98642

                                            SHA1

                                            76d267467a4e01e3315ab0b93d19bcbb31443547

                                            SHA256

                                            c29e7530df4d22374e3b090e6a127e6b6c7822f7f5308e504ebaafb0a7299838

                                            SHA512

                                            341c085f81f41b04ca34392e0f9d766c4e67e8351afc409f1ba2bb349c01238d9777f45e6f74afb8e05addc7f519121394cde7fa3573bd34ba861eb82b4c417e

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580961.TMP
                                            Filesize

                                            538B

                                            MD5

                                            17b6e367fd289c8ac3b4d5ccb129c7c5

                                            SHA1

                                            332317c5bbd377b6f676618b52a3d26d1cab730e

                                            SHA256

                                            cbb22b1a1d0dc39fec7737658dc752152de437b5b100c02ed0f40b8c22a81667

                                            SHA512

                                            dcb9f04be4d022596e95f45c8fde75427e64358320136c15a7701b131596a3173f6820f023e64df300aaa78ba6643a8d001c935ffe33fb9a7290ef70e67d0d9a

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                            Filesize

                                            16B

                                            MD5

                                            6752a1d65b201c13b62ea44016eb221f

                                            SHA1

                                            58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                            SHA256

                                            0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                            SHA512

                                            9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\f5d21c5e-3f0d-40d2-a7c6-2ff2a96d613d.tmp
                                            Filesize

                                            1KB

                                            MD5

                                            f2b9644342ce105c4396ce3ab8e7b291

                                            SHA1

                                            10c88bd9b7f40e256209064fa2ac285d32902da0

                                            SHA256

                                            b1dc5834af19fb3cf60b72adf0e0e98b7359fc13041ef4cf9a4d9f395e211105

                                            SHA512

                                            cd50682e897fcc3980b07db50fab102c5e9d2bc1fa8ec81f3d308e81604df3c36e81c4263eb86d5afddca155eed67f1998625a397b3ea8e9eb6f35f943f2b15b

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                            Filesize

                                            10KB

                                            MD5

                                            2d00d197726427464e759af3c670a35a

                                            SHA1

                                            68813c0c9fd2c0520f4eab6201f969d4384ac80d

                                            SHA256

                                            843ef7429ac3df8bb5000a3d67efd9416463b93cb394714f09a9b5c65ffa9ec4

                                            SHA512

                                            e1b8a02da365c12b814633c031fcc186342cbb5196b13b7eae36b8eb87342b517bc5e746c7fcdcb1689c9ed268f1f779df6c943c289d390e1b505e51eb318bdb

                                            Download Submit

                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                            Filesize

                                            11KB

                                            MD5

                                            9740acacb0eb6134c16eb18af675ee5f

                                            SHA1

                                            571af40e7229f0b07a0c2a782884034ebc69d5d4

                                            SHA256

                                            8892792175412c10c89e0abb814e2030168344b8283ed0dae96bfb5363fa5951

                                            SHA512

                                            13fff13005d38133a8d548a64df1b8fd691a85fbc1ddbd991223b1b037cef6e2a293d13576023946c65abeb9ffa2a35b449436daa0c5376934e8b9a0c10dd32d

                                            Download Submit