39f5863ec3a99baf9a9dc91c7cd7f425d3aa585f15850fb1292666b09bbe8799

Analysis

max time kernel
145s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
10/08/2024, 05:40

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

498KB
MD5

a5cb7eafe5e29e63b11ae83ff93d0ded
SHA1

1b11f24d0378b63e7066373702783f380d3389e6
SHA256

39f5863ec3a99baf9a9dc91c7cd7f425d3aa585f15850fb1292666b09bbe8799
SHA512

d539a77144c0269cb317f3cbc6a7de348a69ad18e4e84578a81bc1b4119b78c8f04c3e014a91ff1ebda7fa55b2048c5467743b4b5ed0cfdc2c839a638dcc4129
SSDEEP

6144:Oge5dyMdyQdy7dyedyxdyNdypdygdyadysKDt:OTdTd9dGd1dMd8did7dDd2Dt

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
872	msedge.exe
872	msedge.exe
4336	msedge.exe
4336	msedge.exe
4904	identity_helper.exe
4904	identity_helper.exe
3784	msedge.exe
3784	msedge.exe
3784	msedge.exe
3784	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe
4336	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4336 wrote to memory of 3928	4336	msedge.exe	84
PID 4336 wrote to memory of 3928	4336	msedge.exe	84
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 1216	4336	msedge.exe	85
PID 4336 wrote to memory of 872	4336	msedge.exe	86
PID 4336 wrote to memory of 872	4336	msedge.exe	86
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87
PID 4336 wrote to memory of 3416	4336	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff82b1346f8,0x7ff82b134708,0x7ff82b134718
  2⤵
  PID:3928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
  2⤵
  PID:1216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
  2⤵
  PID:3416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:3340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:1400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
  2⤵
  PID:4280
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 /prefetch:8
  2⤵
  PID:3436
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
  2⤵
  PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3980 /prefetch:1
  2⤵
  PID:4408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:4384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1
  2⤵
  PID:3776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,17838428875383862533,2935856372530263066,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4708 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3784

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2728

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5060

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
53bc70ecb115bdbabe67620c416fe9b3

SHA1
af66ec51a13a59639eaf54d62ff3b4f092bb2fc1

SHA256
b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771

SHA512
cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e765f3d75e6b0e4a7119c8b14d47d8da

SHA1
cc9f7c7826c2e1a129e7d98884926076c3714fc0

SHA256
986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89

SHA512
a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
721303a125920630ea4c1370a0463695

SHA1
bfee83f3c97e215be15383ccb4953ed0fa32d955

SHA256
604ea00f7a8c389331dbbbd09fd4330c94b72299b9ae9aad9a37a8aac27731bb

SHA512
a92b47082e5b6c2f20f2db2c4e072f63c90f72cc19e13fa92a3cf77b3a8f3e52427aa88ce0ce14cee0d8e5c6ea4f21f586b7be8dc9dbd1c7ca92890a4a789966

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
75abc40484055f67a708ba53ae40fa51

SHA1
ec4d2da12557d9c62deb8507c8ef1816c2bb5bb6

SHA256
a423aace85df7f5f8394509f3859e38a050e7da68246ce4613cf1311a8245207

SHA512
754d14001e0e506908a75f62ee39887c0bae8c475b7c5707a45559b7a4d006b7fc76780d4b9f8cdac39fd8d2baa6bd9b14ab2b0068de177217ca598e41241305

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8c9d9688d96e7927660f2b9972ccdce0

SHA1
9134e434de1555056969a1fbd63502dcd55357bc

SHA256
231e9d49d377c1ee022ccb11053406305362e271c275bf118d344ddb0138e8d2

SHA512
3003ea8b2ad01305bac6bb4d9170d89e0567bce84fe86c47434b474f9d434d478418ebed5eef40234d1bca79d46a4457120e1db19a87df793151b08abc092e34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f4bd91d1f7df15e8f6f152193140c06f

SHA1
79d20554665522bbc29590abc8a130c9c39bf021

SHA256
eb87a999fef2d86675a748b9caaa5ead4a920104456c4b3ac5e1ec3be8126216

SHA512
e942d3a737fea315579d491636f6b70335d3218c2cc44d6f03efdd39f50bbcfc64e6e11c0a65c5269326450c75a86b06613469d837bd12a8c2d685d709e76f94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\f8f9832b-4801-4a11-bd2c-392a0a252811\index-dir\the-real-index

Filesize
1KB

MD5
8e7fe4cfd793384516ae7535e2eac909

SHA1
783dad048b6fb4485119493a9253047c5b5ad137

SHA256
08f2c9c6c0f2913e3d0d3f861964b0ef0b6a17372384a2afdc5f8f5a1cdf5465

SHA512
ea561ee9eaecb1a95263100f8357f1498bddd4a7ad03f0b4360098e749c93421d5fcb67b8fbabe3dab7d0171dcd5691255916e60f31589c1505a539de6247fae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\f8f9832b-4801-4a11-bd2c-392a0a252811\index-dir\the-real-index~RFe583ab2.TMP

Filesize
48B

MD5
283109908c6400ecaad655c268c80466

SHA1
ae1ff0fcaf5e2e1f173b14fb4a0dd5c698ad89e1

SHA256
1d4c6bbc8c4ac6cf0aba249417c4440924c6718b9f2c18e17b3922b4bd0ec011

SHA512
fd306596431a4c718273b6e293e2fc287cf1f2600b065700ddc1c83e2ac5cdad5c3779ce6bed1cceb37a500e7bef7134edb4c5fc2bd2897f4c1423f0795c4aa2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
73B

MD5
e5ec6d7164c787616c52995aed200791

SHA1
ac3bc53f7d1618ada3d5f654a6a3009645dfa808

SHA256
287d63b29dad5893043a9180cad9bd5b78638782f745d9abcd7a662384d7c13f

SHA512
33d2259fca92b5baa3a31fe0f4aad42a6fb38e66759705c454096ffd0a8b63d6210e7d32fa0dea52b4cfd4f04b3fd642d18730a9ed99bb902cb2e75c03d24b6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
130B

MD5
399ffb8b4c57b1ee760297eeebcab1c1

SHA1
70022c6ca0052b36dca5ab415fd1cabe76a08bc2

SHA256
46661a8f72625b140c1818f066cd3d7582a8537cf901ba9b7b78c292fedb5525

SHA512
1fc76e6393a6e3305627d3c5e52fe96af8cb0830387ff32b514af648759115a80bae997f7ac9bf56c1a2ca9ffd7f4fce2e72e86adbf900b7e34f052c906c5258

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
66B

MD5
2023623c50dc9c1dc8ee3061c2d21a94

SHA1
f1c755729b806e17542fa9566da776271bb837c0

SHA256
fe3ce62aa1aa1d8ee8062621bc32ca65c7588c3140cc9cd4cb86508951fb930d

SHA512
d36eb288fab102c1a50f7077c5e97b92e5b168673cb92bc238ed0ebd026a22370fd86b3275f939d5cc95813b08755d293aa683953bbbd7ee0a97a1e8178f97af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
68B

MD5
ae87cce7eea6877c78b59062c3ff23d8

SHA1
6559ddb0f39bb77fd06862e0ee2a27d70f172761

SHA256
7c13ed7adbd4d8b336d87808912a968b5b089afd6d2bb6779cad2dcb0f154de9

SHA512
ee42a04704d6796072315ff51a3488e5b60a03d7a182531782d691c25a5fb2d9c9aaa0af3487cad82d177658aba6820ff7db882f464152593fe479c3751d6ed1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
07cc14ea7f9f19e5bc62ed3678d5f929

SHA1
f18d6f9551afee7353eb7e966a9ae2038ce5fac4

SHA256
b0856f500a3dcccebb379f2e5d0524a10ba3cab750319777f93a724478e4e232

SHA512
01fc0dc43be376793d011c1a526d7cd1c167cb935082a8f5cfbc0f79641a8c383b8a2e150ed2873e7710cc333ccb441d8412d5661ddf55d361fae97ba7266ec9

Download Submit