7e2607b59ed31aced0c6a866a781666f098bb88c1c0cf9f6691aabc7ca0cb608

Analysis

max time kernel
487s
max time network
497s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
11/08/2024, 13:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

s.html
Size

21KB
MD5

bb3e26e8472668cd67027b6157b5ddad
SHA1

094c28c6655e349a094b94e40cd7c5aed1f2116e
SHA256

7e2607b59ed31aced0c6a866a781666f098bb88c1c0cf9f6691aabc7ca0cb608
SHA512

e9a29a5b5486f3a8b3d18471441c951c1303eb5319eb105cf4194831e6a1eee280b258292348cb9002aef31859c91b86d213b6b99e32a8ca23c6b70e61369300
SSDEEP

384:nd8zRGKXRJJjmmX5II4gHRCR4/qMd202VQxk7OL1IeuP1o80:nSlGKXRJ9m72p3AT7OhIFPS

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-970747758-134341002-3585657277-1000\{28AAC2C4-0A32-4866-BA61-BBA03826C53B}	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-970747758-134341002-3585657277-1000\{E60CF8CA-BA21-4F7B-A8C5-7282A3587109}	msedge.exe

Suspicious behavior: EnumeratesProcesses 32 IoCs

pid	Process
684	msedge.exe
684	msedge.exe
1136	msedge.exe
1136	msedge.exe
1916	identity_helper.exe
1916	identity_helper.exe
4548	msedge.exe
4548	msedge.exe
3092	msedge.exe
3092	msedge.exe
3092	msedge.exe
3092	msedge.exe
2756	msedge.exe
2756	msedge.exe
1728	msedge.exe
1728	msedge.exe
4932	identity_helper.exe
4932	identity_helper.exe
2220	msedge.exe
2220	msedge.exe
4556	msedge.exe
4556	msedge.exe
3120	msedge.exe
3120	msedge.exe
4556	msedge.exe
4556	msedge.exe
2256	msedge.exe
2256	msedge.exe
840	identity_helper.exe
840	identity_helper.exe
868	msedge.exe
868	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 50 IoCs

pid	Process
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	4268	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4268	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe

Suspicious use of SendNotifyMessage 36 IoCs

pid	Process
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1136	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
1728	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe
4556	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1136 wrote to memory of 2640	1136	msedge.exe	78
PID 1136 wrote to memory of 2640	1136	msedge.exe	78
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 3952	1136	msedge.exe	79
PID 1136 wrote to memory of 684	1136	msedge.exe	80
PID 1136 wrote to memory of 684	1136	msedge.exe	80
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81
PID 1136 wrote to memory of 3392	1136	msedge.exe	81

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\s.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x104,0x108,0x10c,0xdc,0xe8,0x7ffd0dc23cb8,0x7ffd0dc23cc8,0x7ffd0dc23cd8
  2⤵
  PID:2640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
  2⤵
  PID:3952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2344 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
  2⤵
  PID:3392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5296 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5352 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
  2⤵
  PID:2392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3552 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:2724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1
  2⤵
  PID:1688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
  2⤵
  PID:3088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
  2⤵
  PID:740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
  2⤵
  PID:1420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6376 /prefetch:8
  2⤵
  PID:1864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6424 /prefetch:8
  2⤵
  PID:2436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:1464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1
  2⤵
  PID:3588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
  2⤵
  PID:660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
  2⤵
  PID:428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3724 /prefetch:1
  2⤵
  PID:2560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6836 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,8149282439137033559,14813973160701722152,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2968 /prefetch:1
  2⤵
  PID:928

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1900

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2448

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004C0 0x00000000000004C8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4268

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4216

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3880

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4776

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd0dc23cb8,0x7ffd0dc23cc8,0x7ffd0dc23cd8
  2⤵
  PID:2360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
  2⤵
  PID:3440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2588 /prefetch:8
  2⤵
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:2008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4332 /prefetch:1
  2⤵
  PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3520 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:2944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
  2⤵
  PID:4664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5512 /prefetch:8
  2⤵
  PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5432 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:2220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
  2⤵
  PID:4216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:1
  2⤵
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
  2⤵
  PID:3648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:1
  2⤵
  PID:2256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
  2⤵
  PID:1352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:1724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6564 /prefetch:1
  2⤵
  PID:2276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6524 /prefetch:1
  2⤵
  PID:4660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
  2⤵
  PID:564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
  2⤵
  PID:952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,13637163027381366414,12495386188820738511,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
  2⤵
  PID:3724

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3336

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2256

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:868

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2508

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd0dc23cb8,0x7ffd0dc23cc8,0x7ffd0dc23cd8
  2⤵
  PID:1640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1884 /prefetch:2
  2⤵
  PID:892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2608 /prefetch:8
  2⤵
  PID:4740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:3332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:1764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4396 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4400 /prefetch:1
  2⤵
  PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3468 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2256
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5392 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
  2⤵
  PID:924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6004 /prefetch:8
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6268 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
  2⤵
  PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1
  2⤵
  PID:248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1
  2⤵
  PID:2756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
  2⤵
  PID:1284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6516 /prefetch:1
  2⤵
  PID:2436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1860,12699938081827207533,9670474816052039552,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:3788

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4456

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2020

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4548

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4344

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fd01ad1ec59993125f501d763d18aaac

SHA1
0cb578cc4798b0615e42d60cbfb615c74cc643b4

SHA256
f8b6c1472bb3be6826740d7a2677db7670ebe20d479a473d345ea6f819ee5139

SHA512
ca8de9b00cee6fce09df2fec02be55af7f9e01c634fba61b4b620971522eb235d3c5f90eaba9c5069a1c23749540ef9f0891486ac20036bb7b26a95346aa6985

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8276eab0f8f0c0bb325b5b8c329f64f

SHA1
8ce681e4056936ca8ccd6f487e7cd7cccbae538b

SHA256
847f60e288d327496b72dbe1e7aa1470a99bf27c0a07548b6a386a6188cd72da

SHA512
42f91bf90e92220d0731fa4279cc5773d5e9057a9587f311bee0b3f7f266ddceca367bd0ee7f1438c3606598553a2372316258c05e506315e4e11760c8f13918

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ec71aae4acbbfd779f564a14d9470e19

SHA1
76f7745ab6024e40b2314ae6f886de3197d9d64c

SHA256
54180aa99d9d405360ce115e24cacb9315a6701b75cdeb593c08fc91e1bd535d

SHA512
fed0fa74b67d4c357778af69974aec7ef29f69c9e18456f89d03eeacf1b42163f3cdcf04d12c2b4caa9330f23015949947c218cc8e2076fda10fac73ad66e51f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
058032c530b52781582253cb245aa731

SHA1
7ca26280e1bfefe40e53e64345a0d795b5303fab

SHA256
1c3a7192c514ef0d2a8cf9115cfb44137ca98ec6daa4f68595e2be695c7ed67e

SHA512
77fa3cdcd53255e7213bb99980049e11d6a2160f8130c84bd16b35ba9e821a4e51716371526ec799a5b4927234af99e0958283d78c0799777ab4dfda031f874f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8eec0404-e3cf-461c-8240-fccb4b990b53.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

Filesize
44KB

MD5
c12e416624378e34ec3a2102f3cbf241

SHA1
d1fb1cbb6927dea4e67c1a30cf9fdc7c7de3c944

SHA256
1a67f007d6e216807a1e625a55f1fb5e608f4e0e76a337eb15873a82810ad4d2

SHA512
2e11736bd7d6f2891e0e37206574970b327f5123201efdd040e166e6baaeffbcc40450fa0d1f67c3caa0307102272476f9048336b75bfee89562b10b119c0546

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

Filesize
264KB

MD5
b3d02bae64f74aa1668ee5e17d6c8727

SHA1
95550a2d978a7f1ba567885d9dacd20164f698c8

SHA256
98d7af6ec755da47803e17480810f000e31a5851942c03a9fdddb262fe1cff5a

SHA512
27044b3835bb9a1f7af8272e7ded5f7e54f9355e5d0972ba6e90a30bf73718270510a5aac16789fabf06d69402512e6358333533301cefe6990b0d514aa62488

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

Filesize
1.0MB

MD5
cee137f92af19385992118366a048716

SHA1
1b0ff6daa3875e611ed77b3ee9f95c23e5c8b8fe

SHA256
2a7449fca3ebceec411930dedd4e9df03e1f8fef388851fb8ef604c2dc1dc54c

SHA512
94c4836e976ec1b332e67d87369ede25f949efcfe1a2e194850d638d9e28b9a01b6d685d43c6518e38a4ca777530bf73283b0baa7edb19d221f9a0a9c10b366f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
230KB

MD5
00be450e53be4c6908de198044d0d123

SHA1
8791756b3cc3becb7a8daa77d0df718571256c14

SHA256
95675e664f3a169ccdc99be73c4fe4a1217d8ff21373ba7d6839c3d72f8ad8dd

SHA512
8d758753acc6ed7d26c5d770d55c88aa6fbf4e84bc71ed56b64b0342c17bb02164e26cc7d91049061fbb02c5563fde21c8f0ad3312fc35454524abc980c5f8a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
93KB

MD5
e8135642c85fa2e3cb5bd741d7f95175

SHA1
4189c93decfd7e721b6fc1f375957a0943fb9793

SHA256
f959ea4c5c8954f9900681247810d5b27de367c860cac34ab6279028dba1b4df

SHA512
b1bc2051ed2334ffd7863c834d416598ac35fc18fb607a73e22b3f039abcdb6314e0959b04372fbad87e487f7acdcdfce470766f502d2c7b8360f1344a9414d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
47KB

MD5
fd1f79856510e1cddd8141f1d82aff4f

SHA1
659aa5c13b63adfb1480856cf8da6acd4fa624f4

SHA256
d2c922c16632143318a2792e0ea9345ea5c072ad583a84d8ef164cf952fec4f4

SHA512
7781c5280010519da7e71a849a9cb5e37f7b29a1e800bbf9cc47536eaa937abeecd1a2d61867c2744b7de83f0cfdc88b72255ee083501df0455fd018b0f86376

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
748KB

MD5
dcd507c2d15f5727bb68cd49cd21537b

SHA1
11e3182ae9e2930bd4aaca34bd4eb9d24fb0e891

SHA256
25faa783118dc4161f9fc728dd6fe91e83b37a533b4d698d8a7a154e1d2b0890

SHA512
56a73e8a8ae795f7d8b6fd8b7561cfc5de14c78e0fbfcd0e01785b63d10d2218a8157aae205ec1112f298efedac7a94f68333f2660af5a7aaa7d0bbe8c98329e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
32KB

MD5
26d51f80be8b4eba2f2bfd0bf12fd8e1

SHA1
34b25b9da6aa0418b734dfc3ac5303d31bfbb37f

SHA256
a962b42006d54887e66690312ab151780b57640a341e70e3374990d2e96e4a46

SHA512
5b6e3f1a5336bdc3ba4c2793c046c2bcd3a3adddb30c3587dd2ab544ea5e5836df780c3c1ab2c9b2670f1eaba6bf7f619dd646f5b8d58551a48f7f79d2c22c34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
32KB

MD5
bdcf1dd416d169d87ad5f73b2fb38bb2

SHA1
f6f595a5d88f84b54533e34be969f3871ed9942f

SHA256
ee2264f45d3d0fc70f89a61c215d0470df5a9c39e47828db7e48c59fca9a50dd

SHA512
335a8b789c5dd06285df135e9e33cbaae0b20b3cda378fd2e92b33a66d7726e4e079f7920055121d2495d102e993e18d9a4430a36860d8cef5cfa100452186fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

Filesize
20KB

MD5
3e14359b0f05e10904b2bde617bbb846

SHA1
ad1b1fe9ff4da2bd179a6a2fa61abece0fa8a2bf

SHA256
c41b8a2d243501cf0d2da34e5104d559aae31bb17ad6dab8d464b99a7cd5fce9

SHA512
ce70c2c307918f49834ef12e032717b9fd6f75418565e4ddeccba123492ac4af4b84e75add201ceba9f78ee1d53648f7ef7a62e5e4738b0a8da2b4c51a8f4d55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
0efc56e3356b956493f2498d9e04a318

SHA1
b29f5c950a84aaefee083cbb628b7d522c5bd8a0

SHA256
99d2550cc0e419df2f1d9a4aa3872417b4dda4548c5df51a333b279c3009739e

SHA512
74b5bbc9d503dfe2312302a850ec2324a99c9e88275b29c285807ebbfcf36b04509893f47b3a8d16ea20afc57547a9808d6063e34646eec2be3cde0f01d06b7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
c3e5c0d9fb3c8a34afdb8a77708c8763

SHA1
093769359aa3606f5e16f9d31b0f22ac70cfe5cd

SHA256
2aa27ffef4f36e5882fe9c9982a660537ce89678b34a0eda820dff00d5cea4b4

SHA512
f59dd942a0fdecc58eb6088b8c3c3bf03907fb031f619be6f215a8108d30c489ae52cfd18b8a434f2b1e3b0df6b967e2f7c987d50d0f904ef35bd4e58d336c02

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
f2109eb41d3d1637922712bf3b3e329e

SHA1
90a160e435decf3923c5aba480d3c105379d8fcb

SHA256
7d15204eda9a91ab0ed8f845a5d632b1b63c520ade53e990031b271d0db41dd1

SHA512
1375550a58386282e2b173b4548fd8f7a5979e10c19fc92e5bbdbc3e3d84aedd7e73ba628c6b3d6cd2f8a881e39f0aa53e851394adaf91b44dfde0c3b2c46cc1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
353622f61e994080c1bac4d6017c3f0f

SHA1
60c28c232a5c69b1a56c3bb4469a8bb130a7455d

SHA256
1fd03a22cc0b69238fbdf372c4e2d34e71ec1b012bfa3528df4f2af92680789e

SHA512
0bbc68ab3657e1980591d0fbd16557c2a284e7101728bfe907ea6cc8f046bdf199a21ed3db80cfada75a47c181b1f75cac6e04b4b545086a30e1b3219c05490d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

Filesize
28KB

MD5
a33ed8c472a76a09cdcb147acf62334b

SHA1
bc8b95f8c3085c1dd208e6dd57dee2e1b98292dd

SHA256
e999ec92a15d16eb731de8e89ad38c4d7704585543884e238f9413a91373ef74

SHA512
d3b7b3145ee8bbf27c467e535fad2c3493df9172d85c47af6f403061e7c618d3b4920d9d51f7331e64cb7e2d68d9f6b6adc292ac218217a4c2cf963950252fc5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
28KB

MD5
f470f67a30e201402937751ac5538d0f

SHA1
d4d7c48b3a8d51bc2d9e05e8892c8df32c3857fb

SHA256
177851a39543fed76359713a72d98dafa5ae8020b7f148846c702e54f1cd086d

SHA512
3332aaa268b1c046cb8ded39dd987e9f94b35a75d7df9a449b5683dae921b4c08f0cf240b31d60dbfd2a1acda949c9f83cda35be958a2ddee7d9fd81327c6fbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
2168831a9300b092f949e82a0f175fbc

SHA1
868f6da1d1ffefb1dfd89f6f034f9eafcb2dcc49

SHA256
8b6927ac2089fd3872c9edb164a7e5f9bf750cd3820489346e9c661094c246f1

SHA512
64882e6181a0526807a2b23f171835c19a7eece8ec5a0c314355cd95e0af9a5e32ef0d51f6df0d6845a43b6937caba865a9e98c4fc92b8d6721ad2470164f1e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
116KB

MD5
b6cdbdc5668893cb6429eac34456944c

SHA1
dd1f2bc3ff19ae55a8781480b1d540b3ce6e7933

SHA256
020337461737ce387992c622c2260f56215be24874eeb42097abe0370036d1a5

SHA512
b63530eddb7169dd7c179a60ba8b6275656f3e65f37b5f3b299f0d87b4e9eeab772979d9764805540415d3faaf2a0bbec82eb847dbb25ccab91fc001ae39ba3d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
5KB

MD5
437c87385d4718abf133b62217740290

SHA1
368dd79bc6b115803503df782b85bf329040c249

SHA256
fd7e417b2a9b8d1266041f17a642b69561ab1064be133ac1fd7edda93adb056b

SHA512
fdf7e0c89056ff45c15910550811b14f39b76341423b683f3d69ded555a492c32b2125b53941e23db6a467c6e9bab8643e08342cbb55c57302e3b3ba3772c1b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

Filesize
1KB

MD5
84b4972f7585a15cea39c9af208120d5

SHA1
684ed373e43417fb9c9ba065b4c22e9c60519240

SHA256
660d8cef1c40b96085b09333d4b0a4ab9a74c0e53fba4f9257ad047c8f18f5a7

SHA512
681216fc9574b63a3387f14b2c1d613f2cf61c048f7ea360fb14c6073a90f0dfb4a87f87443de92b718ece31614ede8211a892d30fadaf12b6e64653cf807a45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
331B

MD5
dafab430d6c5c44c1bc6d8fa918c865d

SHA1
59bfcb355ef56c9054839cf99fbaaa8941504c3a

SHA256
1a4e69b16499ba13e113c83133b6f42161a7e1107cbc7c7f2c0a03491db2b9cd

SHA512
c049df6105263fd5c0892b2c72617fd98de5ba068ef2a5e6b82587dd0307c917abcb0af43f2f27edbdcc7373b116b0010f0873d89c2e9427a436e52996b2f6b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
ca8707c6f1280babd7d8c6b08f5a30b3

SHA1
0bb354f345f99340f7e58d4af61abaa48cf90821

SHA256
80f7f0b164161e393bbf4f4d36bca89e049d7ef8ef838de8f8ada16d0a478062

SHA512
ae8e9b790b5f1a2422efe8b5c29e078572d29a426a01f79edf3d06e0037e7e34b6036cd14fcbdeb25f0a404c0eabdbbaea10ff75d5d1af784ed622e4a86be123

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
767B

MD5
eb1b4196da487ce11eac3d8cb51d7b09

SHA1
68ffbb03e2415b5283591defa88ae19b0105ef16

SHA256
dde00d6f1dc47b95f399407d6b6aab32b188099528fbf1d206f1b20c6017664d

SHA512
e81de86d528fc35dd3a35bdbe69881913afb09cdef3fd7609ea0a6b4f4c37c075292e1d4ab3e910e67a80eb4eb0e643c79c6987ebb26d8bd50a8c69b0639157e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
c2723874c37376929639f03ac3ebd105

SHA1
c49653840acdab654a53390c6a494b650d95da85

SHA256
19c377d254f818b90cb7911054500882ab9f601c89a9d64884349071262dd4bc

SHA512
73ccdb8eb784c930787fa2138060e50bb65244476438887685a1ec25e62a0f376b5e4f05733d2e91d8de774563ec75bcbf828f26fd8abda192a8e1f0c15333e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
e9ec40e0f7268777e451c92b7124e154

SHA1
7e7bf204aa521e07d7f1a9ffa8eef93a94315972

SHA256
e6bcc66ab9153d3b8da67d03622ea464a40de1888117dbc87fe9ba39504efe62

SHA512
906992227e5608307f944d67123f4bcfcfeefa44536b02290549cb979e3c376c882dab9ad9e749acef460303d177494b1c595e8b162f3b81460fd8e6795814e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
96e6b9db05901f40e0ac9eb52af10339

SHA1
2648446de90e949d6ef16cb224a14213e8e5768d

SHA256
1e030f0727fb5d2248f81842799d0176bc67cee4e4e028bedb4d287bf3f2e636

SHA512
57b294bb1c5ee2800d02a8e8918271f3ae55508f111962a0509db15446786c06977e81db90edf52a07a0b14f3fbc0f287ad0c80c9a86a233ec088f0de06bb85f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
f015aa9f148b637075057b1f8addcae8

SHA1
070696e19844c67ce1003a98581deb043dfebded

SHA256
944f5e3fce0e6a1e926bcdc64362e5902d8f40faf7c420e18ce8c75ffea7cde5

SHA512
712b7d5a1c98535a527af4af32deb74fb31fdf7ed824af3e6588498934fc272c9be756ef960e0c2b36a8e46f1833191e7a28f52c01220a9b43c0ca0543074f49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fadf6e49d1868f3d3f573e325543b44e

SHA1
82f03966d0d545c25b9103bc78db41bdfb8379a5

SHA256
3a09758e3176862aa7b62cfaa4828ae09c6a96766814f9994279ef72ab10f4bd

SHA512
9076be2ce4b4568952ae8b9add693fa41ccbefba8c8ff61e61d1e7c0bfc536b1d662ed666f6bcd1e38ab8c428103a3d56829cb7a52f542fdb3a77a06b35a0156

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1bab1b5c87fbd913e99f91a4cce11b3c

SHA1
8b7bcbb3c10adab77b4c1b2587c3d3f1af9d2848

SHA256
d1937333c8ceac308541aad78aba4a177cea7d293cdc9daf38c61494a7b37f47

SHA512
50607a43ba8c6330da2c998064b00b00a76bc73d8bd21f19bbfd21a8108af3379a62338759066a9ed8b09e94e086265a0c638c9b7d3abb9fc4af85f3930e5eb2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
80abb2ccad27bdf0b7fb9dc8427b8b42

SHA1
c934fbca79d0ee28d6155579cfe70d86ba31a81e

SHA256
d0bb7f09182f26bee591bfc2611dee04cbb815d1bc81c8c0b0089a5092e3c54c

SHA512
4d4964238f73e0f1074f97fec908f10a379a12c3f78c659d531c76449cf6fcd1fca299d57406c76622ea1bdc8360d2429650f0cee30dd1895241e93e36407894

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
1c641e6a9007ef597c403ded8b581413

SHA1
3532f9da304a7bb86456664c4f2b4fa549d8ea0e

SHA256
e56f17ec91782a3ff488fba3aa77a055124491cb8f9f5ff9fd30180ea8aeb8bf

SHA512
9bb143f6f460f8724b5eb48a047892dd0dcf80b9d21cc4833e225d39a347878c8080f291dba2e80672259f158c7585e137df72e8f954064d6b478b0b9155f058

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ee4a83981a6396a5b65a2071c5ec8c1f

SHA1
dbad0fd9309c570c4d5f02d5bdc2520617f3ede1

SHA256
28c77b9d32c21b76dc758881cb9f7393354ffcbd040d86bd2bc05c9e2d38dec0

SHA512
32faca9c1d37a032b2a960c20323e8039d516b8197b6db5f395bd1fa8f2660ed30009d1a2f6222fbde2cfc75800a56f2fe0d85205c9a77c5a20ef3b4e035d6de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
81c368b8710f5d28d7c9a74656c85cff

SHA1
c1f50b959f66f707efe6e11b258135f52c53a703

SHA256
812345597d52124044ee70ed4d1b3a812ede3a1eea1c6b38d20bcae1a6b19ed9

SHA512
c541f8dfe50e5d611d7775e64fcb9ee1b93cbe77e1f640daba43a8f744383f63c595e0454f194a9382471862d55a738f69200d7acb201b66d016318adbf399d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
b41b76694788538d493e04816af2c8f2

SHA1
a25b766890ace4b53cbde224233d4b2b5bae599f

SHA256
a5106926d16551e78aa9ef6f033340979f317db37b51fd2d873ce0cd6b137498

SHA512
3b6b2e4722ccf3501e63877bcfadd1b2fd907a9343889ebe26eefafae21ce9e44ca04ed6377a9e7204969a9a1b249a02a8902718f5649da99bd8d24f18f0b966

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
baaf4629d2de6c9f700619cfac988c71

SHA1
04f2137b6701935d2105f3f02ea5db9c107aefd2

SHA256
4f5e887ad3d9270a97c3bdf69ac5124c1efb5dab0d29ed6cd15be67d0e7ccad8

SHA512
c7569d8a9ba7a345d1ae6a52b7c6639a747c123cf93989969480f82ecc000db698df5b5142e6c64c96c906e20cfb0148962e4407e9343ddf8bf9d0e22257d19e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
de2b631123f54fbad30353e3633126bd

SHA1
c5a729a5e69430133dc8d22d67542cdeee6eb4ea

SHA256
428955633a47ba169b7286183e1b01c1accba8c257c14e65f335e24ab289ef09

SHA512
6034950aca67d2677d3cb12792ac6db0361cd2ba7c320b79570c4be5b9f9e62c97943134a947cf82692baa0f882bd52fcc740c430dfa7b41f45f1f85f1b01e13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
6b480399e20b4b870e8417003e4fdfa9

SHA1
ae2b9d13954ec61e7f5fb0b1f6508d4772f56c5e

SHA256
bce0ea9c4ea02270fb92a4851c36c4d50b7fde053599a385769f9ba49d7f179e

SHA512
ddc60c57a42f27c0fa60f9b874e082b83072c73ee40f4573f7858f80201ff1876c1372288dd40b28a04bf7554efe97335e7c53b9a017a3eb1155dd9a09a25bda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
d54a27e413606c91153597b2603c0991

SHA1
cea2910aec365d75adeec26cae023eedd8b38c96

SHA256
d0658b7962e849a4ebf147799d70f00683f2094f4c2dfa4d08d5b228c7495bef

SHA512
bd6a198a357f4e5ffcb17eb29e4a1c2c1aa30795355ac4ceefc585be179ef46d3d5ca6e12881d5be131880be6a7260208c1b5525ee5049791052c33e64eb7560

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
79035c8ff3758a6418fdfd77737d62dd

SHA1
d359f94f8f89c9b9c3b837758cd2677fbba801a1

SHA256
262a4264854e4c893b29300db3533a72c6196f6637000bb5dd3b287ee639180b

SHA512
6db71347315a9c1c8971e0c1ab5e2e04f4cd0cd79bf3fd6907f0920d5aaf8926bd4de494558242e3e5f88f42c8b22d81e86e0702655e5dd7fc8024172d658603

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
8ff0aaf194ea2bfde15b55aad2eb260b

SHA1
fb98bc5681376ded5116cba4ca1f1b47d91d07cb

SHA256
13f574bf10ac6e8b25b0ea143fcc61724d76d9b1a674574b37fec215048ae523

SHA512
3b2fcd7abf3a584c315a7341ebe7ced6746a6e51479598c5ea273984c2fd85bebe2155b6e807868d80009dfbf5a985db79fb7c3d3f6a3d3779d4089b7fed955b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
b5781cf048a1223761a20528584023a1

SHA1
2d53251717ac2c8b0277df15d2fd77e5fc572b07

SHA256
89f83efd345f0b62bb1b88baff883c2fc670c57d264a73cdd46b9db40f5bfb3b

SHA512
daee41f2614ff0091e26a67944d2edce11b2408cd5a9c725a0e0db95a2eaa2bb48005e55e3dbcb6b783cc4b1ae086371a287873e36a7a19133ea5e765bd9f860

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
7bf8cc0142585fa40f424693062512b8

SHA1
72b62a7427f3da54be31def6971f5584cefe4d7b

SHA256
ffe3f8ebd6d15fe5c176c51bbf1ca06d43e79b7a88ae828d9f8266a503d5b7c6

SHA512
d2aada57289755886cf134f229e428ae409ca116b34e61cef1988476153dd117d23c10affe0bbe86c7d58c2c1494b6f206db8cc619070d9641a52c5209a273fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\bb149c3a-f6ad-4bb6-98c3-1d6f1bf6c4a0\index-dir\the-real-index

Filesize
624B

MD5
a0b86f2a9e6705e5836b00a28ae2d3e6

SHA1
f4c5d643b93647eba796c56d5dad74f4c21fce69

SHA256
674b9fb0c36bf356677730f070646c95bd044a6069cf338d272fa741c8462653

SHA512
b108566a7f19befccc4939973522dfd68fbfa6f90f520d0d8cabb74d41b0291dfd9acdc594ba3b7d1df3b17f14b55a63202f4ca0fe779dcdad0cc70cff9bb03b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\bb149c3a-f6ad-4bb6-98c3-1d6f1bf6c4a0\index-dir\the-real-index~RFe598582.TMP

Filesize
48B

MD5
bc2329ca9165efe784447ee862ed889e

SHA1
0803ca5d88b5fdaff644833da946410541049205

SHA256
7bd1a6ec3a7be9be020b120af7c60f06e495cd1a0df881957675715465cef66f

SHA512
32a0ddb919da3216466eb0880001ce4008f9549e58a6b5c7e814b221966f43b433fe60a7865231e2a9ba87b46daeea33fde1ab69e3256498680f07dddcfa6ae6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e0404794-09f2-47dc-8ce4-08a4d41c9960\index-dir\the-real-index

Filesize
2KB

MD5
0c4797189a982d9dbda229c4bea646ba

SHA1
cafcd2bb3d755c25d5976e1596d072ba8b7718c7

SHA256
b593b4c1f9029cebf72f62af94c9e36cef914040e78d13185b8cd5761ca24af0

SHA512
2f16b024a2093ad84a451f4e025989015d50dc497add0e079faf64a5e45f54fcd451a9de934d1b8c37228431685350d21bc014199b1abe4907189011eb7503ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e0404794-09f2-47dc-8ce4-08a4d41c9960\index-dir\the-real-index

Filesize
2KB

MD5
d9ccab877f94ca3954f1a701dc2a523e

SHA1
c45b349f57a09b63be675e8da591774e1251107d

SHA256
e744c7e982d464c4f2f6fcb32e9fec8a59e8a2bd6bd1c6c65041608d7712d795

SHA512
217e775a63c1a5a664953661667e672f3c6001f72f511bb53b07bf16d32ee3d4d54b575877b2fe401fc953dedae8b72aad7f5da13a65d8530a23cd6f8059295d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e0404794-09f2-47dc-8ce4-08a4d41c9960\index-dir\the-real-index

Filesize
2KB

MD5
81ebddf820bdab36f8a059a9dd5053bf

SHA1
5ce7bca6daf1a7d45ecd9d92bd9b40d1e3ed16a8

SHA256
362c3be72cac85701d0582c5d7a623279e93cd02ce01384efdb8fa8d41863a0c

SHA512
a722e1d1d3b539f792f8ab4f86a64dbe52ada2172920fc4788edb0ece4f2570689c7953f2350cac410c0351643a0e5162ef5d343ed8e8a9394ab1a3af2748374

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e0404794-09f2-47dc-8ce4-08a4d41c9960\index-dir\the-real-index

Filesize
2KB

MD5
34bdcd9ae73d10f2d0dcb0aa336c7d96

SHA1
51affac4fc389613c29afa90ad0f67896da9a4b0

SHA256
1f9ce8768c2f8fa2c16622f423eb272d6233fd2dc19391835613a71522a655eb

SHA512
57654e80334f18c5a830751d4cd3b393afa5dca4c505b800aa065c5d2bcb3a087e1dd97f8dcae836ae8deaf80f8fb2e904a4d2c3c0a9fc0afa58fce1860bf1af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e0404794-09f2-47dc-8ce4-08a4d41c9960\index-dir\the-real-index~RFe59209e.TMP

Filesize
48B

MD5
629352060661911b5a48c9be93da8966

SHA1
19da6eda2dc3d165bbebf0c373910bccb4bb423d

SHA256
176eebb02a30d2ffbe003e411c7359828d01c010fc6667a03150669dfad77c0d

SHA512
005bfa6e5c6a72653bdab5d36f59bec4329a015bf651b96a8c134ccd33bd3b1e16c6786a90e9f978225df3b9cf2c9515799a304a4e5dc5c8be6a3b7385e09b50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ea33a77a-7d79-4be0-96cd-5be5c245acd2\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
89B

MD5
6018c2ed4fa21515d37c103a8fc2a505

SHA1
bea94bb5cb1b5ff46cdfdf759650234e3e27cc18

SHA256
d02bc2cd919d60f2b03e8732b33325d8b9db359a0779644f746a1aa527b80837

SHA512
25c4d1053f1af7cbb1a63399c8f593f419158dc97b5967b76c3325b82cb0f54ccbcdc2458a8d1f2bffffdeadc3cafb40d8c99f0d91ce265a041f2328b0a6e7e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
3c73810b3bd0512a4291c2452e0b7fbc

SHA1
c674624c4b4a2e0d462ce3313d16fb7ff11e25e4

SHA256
c1742ba1b60db6c1990ebb04491a124ec2727ce45b6999a6f623eb8f5927007c

SHA512
14e93778a6c6900f992aff52a80e6b35f07f2878b38762a9d3a1d71264bc8a591e4931fe5c649ff973f880775004c00224919acbaecd3606fb7d76be2a9a5281

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
148B

MD5
fe654d859d6a0fb4de6bbe4b804358cf

SHA1
97f098d3710e4f9405946f72cd0960ba1dba2f2e

SHA256
a6460f3911a67b06b5017165018c384acb93fd6cf98d14ccf24447df877c2e04

SHA512
b644a20f13e7d4b0ab8cc1a2807fb2f525711b6fdeef66d658c0d70be7d0c7697759a44bfbe327fd5fd00ca5919221949672652b5f667fcd85605cca6c568f1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
157B

MD5
e51ced6cc2b8404107859c6b7358fedd

SHA1
64a0621612c4057cf29ce450430ecb3a49b2f46c

SHA256
544da57507be68df6610d167028aed5fb54455393c83250df0389a80491fe50a

SHA512
0d8e83980524b702fd1d57d49dc48d1e23ad4612564dab2709dbeed8c16b217a66bfe6c695950ac458e4008667eeb5f979de8647ce62bccc459e38723844696a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
217B

MD5
74064c3e31cfb6eba549a33f84dad0d5

SHA1
5039be2e8e59059a2b08f4733bba8188a16cdcd2

SHA256
b3bbe281273005ff28750700f17612606e0716f868647c52b760e4dafd142d34

SHA512
12cd8a129ced2d1db018af4eb2f55477517bae0c0de6283129cf7044a1a2ad42c856188c4d9450b8faad7b881c58b8287fc71f811b2c8de3231d3eb2029ec4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
22d63a5a611e1c59f4fde55cba2718d4

SHA1
3aedcf8df3981fee3a5c428719d5410d831b6b67

SHA256
a102ffa48b32f327e54a5114cb1fcb54bf035ea37dbca3ba5ce4d3c84e03fea0

SHA512
88e4d08a6e67c1f88cc4eaff5668e46d9735b20fdecfc2255f86a5d30f97668febe86ccd0ffa1243d9c7d7619ee88eb53b9cb29d5545fdc8200cadbf66031067

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
217B

MD5
ba5612b1427057e53135bc648a256bde

SHA1
9f4e83f5ad630fa5c4ee6a2e6e22719af2866fe7

SHA256
4636237e6a6da2cb2f1643153c71cd3c5b6316bfdead91a8dc6e14cc6a4b3470

SHA512
4677063146cc27a30510632fc94d1e5c3c6f43cf8590c45902d88c5af919d4e2dc36a378ba126848984de89be15ac5137aeec713c9f973de3a17d835cf9f5512

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
84B

MD5
74a0c4b58f6a47dbfe5a5288413e9b9d

SHA1
fb4078718aa412e203b0f33c98a8978e12c7e0a5

SHA256
38d6d8e0452c84fe338c7c4bef02024c8b7bb3947ed99c3a1539148dc6220b7d

SHA512
db71c82f5c09866e8ba077105244a9fd38bebaedd921b2747201e845acbc07225ddb4454a84e1df202ab60661840c43d87a9f80e8dee3f3a8d689b6df1894141

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
0122894c4c01c27b2ef5af68dd5c51ee

SHA1
a25de71ca8e6be74fa9fc1259b149db98e627c85

SHA256
24eac28a8cc965a59544b72b2337924debb036d7edcfca92a186c8750a26a8e1

SHA512
300939a7b701f8bcf80ae30011a15126350261c43da987f5a1ca1589c3602174caf89ddb00a6804e36d3c041e0e8819bb584d317bf3efa1a13046203df4172e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
909a46d5051cae2ad86cb1f7ff27c49d

SHA1
26e809398824f73f0b88e6fd3598beea93255169

SHA256
1a5ba75c4ade0174962f33a678202b7683b8acd3479f370770f9792d703f2fbb

SHA512
d5c64adf3d59d7d8691f7da9fbe1aa29a8cbc8b42ae3eeb85783053b9a2f50fe4d7e319926342d13cfcaedc17242c935536cdac8a5b03b863a4288974e52a498

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
b66078908143560eae45595058f7b249

SHA1
55a488ea2204bee269e05376b4eaa1e048ce341e

SHA256
fdd6ed8ee601c0d1d130f3472e422ff8c99ba4fea74139060c8f2733b5398549

SHA512
cf3d3074b98e674fee82216fb2ae85e03e6ce75b5c589fa6b48be270d29b1b190abdc60ca3caafd2684993f0eaadb424b8ad24c1c31e4fc954151187d54261e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp

Filesize
153B

MD5
09d707382e91638977dba142e71550ee

SHA1
1c8d0e03e8f2f112a37235039da7ec8592edd37c

SHA256
333981792d9409b779ee2f63e4a978676be6b2ffb3221d1b98ab3a9c0be49933

SHA512
9de2bb1e129d72784e64027d06e77e52ddfae479b49d2ac9a079aed1994cb22908cc3898a6c428abf7e6ee869518be9950b3710dce8d330b0cd22d880080beae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

Filesize
3KB

MD5
5ab8889a208ec4da37f5aecf08467323

SHA1
27a581df3175d8f8692b4f47417c62968a2e29c3

SHA256
53aa42e5f66d0bc0987a9d4693b43f486d3bf7010822d856e4fe6e6a1890ee3b

SHA512
f2b14b0c03ca13593b6c69dbcfd366d1e2965548b34975de0081c5b30d170365bfe430422f2462d76762e18150cb035b8eec3d9779a2b450df49c1a39c38c76b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

Filesize
295B

MD5
de02b91e6ef234f2a2da9fee4e5642c4

SHA1
6e3139ed8783c67ef555af5d3830fc48539c7054

SHA256
4427141ff7c03358f2fd5ea4f004863ab14d0401324ce1ae404707fb4d5a08ff

SHA512
a590cf02ff34b5ade7540b20ffed6a720d38ba9acbfbf6d010e5e184325a4a24123031068c5d91c67ce895d08a3b7481b74bf82f92063136de5e10c5948437e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

Filesize
16KB

MD5
61b752f2d888282cd14e8cb868e5b45b

SHA1
4653cd3c72f38d331f3401ab2cba518fed14d075

SHA256
f868ba4a9de1f272817b9a4818073053f34e8752c1318aec63f4b42804a2912a

SHA512
caa0e2e53ac081a081286d2774527f064eacc66b844402858454c481165b46e7b4ee24b02813ba93439afc66718e831efb4c00869e57cbf363d857974625e690

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

Filesize
11KB

MD5
0ed7326fd575f20315e5d214465713ee

SHA1
837f5c053f640bec80cf436e30125276f10382ea

SHA256
5630a00fd942efa2599cefbfc9190be82f077edd41582c26e4a1f170d5e854cb

SHA512
8642f27a48280245f3b5bb42de7fb4245db420c9f5592f228004b1739d2e1b5962f58f141bd5f89ff544bdbf2ddbe8b0a2de124aae5ebce0c025e16bab37608d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

Filesize
154KB

MD5
39b813e7e234056e30478013b219be08

SHA1
3c4f43ee6205f530f7a1a0f3b01f1dc2cebf747d

SHA256
01b55bcecee7e58c1fae304484d0a8d4a64187f71461a49961a878e2916bf45a

SHA512
b58f6d42ba6109048f63abd6096742966a9a125f943dff71e4aca308889f0cddad94054e54873bbc17cabc70fb920c10e858dae65d6d1350c0c418c498ef6f97

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1

Filesize
375KB

MD5
7ba6b2793588070a6b167cce212c765a

SHA1
6bc0d26c27ee2c7750192218ebaede893d494812

SHA256
ba5bbd3ac7ad8d1f2e30c53445fac5d7b70a769074ef6b4bad44c33be5139de3

SHA512
0f1d6e930a08deace5b03f30421d68e58872a96eae284ad67a845610b5593444ab198efc14fe99d84776fc103a265f44ea9e44dcb5607adfea301d3eb567a7a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
5768772a2bd631d7261ccbba4a68d7d2

SHA1
e36ff64e66425140c1841fa17bc5766a98615419

SHA256
979a840ec6538b490848d58067e77a8369b2eb41d4aea87c66538b305a1f150b

SHA512
e3f2c6f92705899febef0620933710df9dd6b3a988d7dc5443819a2f3850926bd91b30aedcb259e7310c2b307a409925f587417239900a85cec6c6d0922d39f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59791e.TMP

Filesize
48B

MD5
a0b100855642681e29aed7766944e372

SHA1
8fcf2c62df009d15a32c7f5dbfb1991c1a6e3639

SHA256
6cba334e08aa083e0f9817ad9978a9a587c32423ced7213bccb810aa89c52be0

SHA512
f4b6946af7d62f0c1c265faf3970f0d008911d5dc92743934322ff7b401956c1f6461e6b6ad7365014f43a6d244b2181c2f01bcc9eea39624724d12a654e6932

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

Filesize
3KB

MD5
0cc23ead5194c5ddf882b2326ac5ef29

SHA1
c20a66e960cc4a8e5d6a18aadec51f7d5d4c1984

SHA256
3e38a2ab241a20dd745995f28d8e1d69cfe3394fd12d6df40b63060d7ad89d64

SHA512
dc8291b094519e626f431d66a46c7f4e650a00f5d0f6fba8a9bca1ea414df9cf3485e58a57e83f98bf358e031ec0d8d8db1d94be69cf2d26b9a32f09c75f5677

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

Filesize
319B

MD5
69a2c9a6b64a56ce0ce1b32f69f5b5d6

SHA1
dd2ef3eef0b90253f54605b1d46f2dc7ccd9589b

SHA256
21766405e6c7b0e2789448fde38f0b5c3129d4750ec373f7024b48c370097d53

SHA512
a7847a785c580fbd3cfb270c9bf997aa2ef0ab0c24cddf2f959e2ab690fa2e6fce1c1ed0d5fc67dd42b5e6fb64f35a1bc51811fb9b9c5745b0d263f9675d0914

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13367857660735237

Filesize
23KB

MD5
a0a024ea8a5601859ca6e6a019ec2c33

SHA1
e9e94b8aee5eea0b25f3a3cb558af0ddf1eb6573

SHA256
032cffd33f768ef4f7460d36443c93b2e2b804e9f63bc6058712f0eb50abcfc7

SHA512
2cb01acd0d8e7fdc4abc5ee9cecc37b3aba3add937ad15fb55cc8f6275cd0088e5b6778051f41b86d93b252264c2d827b5b9965075f5846256262b8fcae8a0f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

Filesize
187B

MD5
3dba645bede43d908fb6be3339f9c3c5

SHA1
a99f7eafe1a6235751423365b51649226cfb7503

SHA256
62b4451e81191ed193abe81b7850731fd76f68b1424829c548b8ac38ccfed92a

SHA512
d82b29eb89e53673033b045f0a6966d2c799ef858c70d4e3906ead844054545ad74d188eb91390c044c886d3661d8646b6a52067805743c983b2fdab9250e957

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
1202c34eb7c235e7355755ab00130873

SHA1
e6d40806f41048d6ec446edd0749cb0e503670e7

SHA256
cada116d1e165074514a96532634dc8abdc15972bde16701eb66d0ec231d908c

SHA512
dee04a67bdd11480dc3490a9cea0c1a405a04357c99e37805c390a28196d54ead07e52a1e6a7e2ad22615f51a2ac70eb85fa8dd85b9fd58ac6fef342c526958c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
7eccd885c0dcfa6388e7d7e0a4016000

SHA1
e891305cd4f3215da14f815395122690028debfd

SHA256
97051ec47b93f8e49e5b8242410d93b99c32ad62cb68f3a118ffb139b11a8950

SHA512
58f62acb67f32213c15f01551731e28e670abbd608fb9b7656db7cae4ff36dc27e6ccf99e7b994616c9de5b948286124f49767ba8878bea3774c546a87570dca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
74d6c9624c39fb11c6754238fdc17b61

SHA1
b598bc856dbd430ec8132d3a932695889540378c

SHA256
aa2cdb6965e9f066df63f6291384d2b469bd070e583638a17c08745f0dad65b5

SHA512
6c7f81ec20328426c47e1b2c514876de725c8c2a112e4d481047d975eec797dd3124c286a6568d0f22f2d3270d972887b87f53f945d76d8dd13c5821baa1d6c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4075f7468a2af706a257a1587ca13456

SHA1
532c2e5ceb1088b56d2800f49e603dbb977b458e

SHA256
c8b2511ce97cfa6a4c3a2d1a21d5238b9a4da342337d84e5760e367f73b5a9b6

SHA512
5d458c7a217963da11d0b4a7b6dd669c7dab924e7b908e64f5e42e1a87923366afaba6f9753e73bab0327cabe3bc97db7965295cb13632afdfc156e6506ee3b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
b398c67a3be7d4b6eff5d4386f063a9c

SHA1
ab41bffa9698afd3e1ecf1594ee23fcf062cf24f

SHA256
db3bccd418b3e7ecdb9dc15bb2f47cc2b8a6d4aca2e1989b81e24304acc080e8

SHA512
23646170dca2048db27a3fdc9a1fc8d3ceba5f47d8a94a658b1dc54a603bd367a492f531bd79bc210db7e0dbeac867f9fd2a948496e356dd33cbf4bfcbf1900b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
52d0a331535b31a7e5f632876ae3d0bb

SHA1
2ae63b4e7f246824ed58475cccad3f7c6fbc4a97

SHA256
01c9739b17085ebcb747bf258d8944ab121ce974188b9ed3333a84a5b10a9153

SHA512
2df6c4774f9eb844a8e2cd93ede2ded9176f02ee03be3f19bb894fddfe7935395740e97ceb7ccd7c0a798f7fc49e7f57c64ab2e14d8fcd9a68371265b4554e69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
02603643e4fd4b24f7ca2a6ba6bf8658

SHA1
2da9afa192544ee09afd976ed93048a491b66947

SHA256
fea06af51de8d96cc07a3067c018dfd4b7002335174284dd4c5ec5af8e3aedb1

SHA512
b08477279ebac6b8fb8a07588affb6e6c086aeddfff7d3170b24be1e5154a2f18a333fab4373870c29243b7d6b02a4019e6dd40b8f4be3c40f02285575d041c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
799e88ae753908c41cc161759ecd7a76

SHA1
23c6e0e669b889df54c8366751f6a84c1bc11e8b

SHA256
a18201d6a5d720482c8c642127afba52af6cf4e91aca4f68adda7ca466ea42ad

SHA512
fd56b5cbaf389ad14005a36d8868058430ac7c0920971e8157863633d6cdd6c92f1e96a4dcbe70762968f80830ba5a3908f50584a4d803d34fe22baf4e8b604f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
b379d4add7893c611fe1ab384aef4ca7

SHA1
b29fa5fe1618b7667da448dfd41160e179cb73d9

SHA256
5f99ac120d4f2d4ecacfe2b31dedf0acacb8deae77771a38bfbe6356b73d968c

SHA512
7bd9e9fdb57019dd6148ec4e5e4c1d502d33023a40c669bedf018f9f06fcaee146b323607a9da62ffdb50df6c67045a808a3a4280d7fd54e2d67c581c67a5e1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
45623debbc95372edcedb1af46911ed5

SHA1
77b126d54baf5fc7965237a37fbe1ab02343c994

SHA256
bde4d1ef54827fcdd9c47ece102a7149d9adb5472233ffaee2a04efb78189423

SHA512
c2a411049c9738029fcdf895803051bd4f66053fb6fec83faa4b44e6fda4007f83fe7e0325f0198991b19461d153445c654b7f7f14aad6f6f22a1dc978c241bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e9a1e525581c0bb48f847d491c6fb8ce

SHA1
ee07865cdacf81ba52040378b118c6ba660cb79f

SHA256
86b9db4b7982b3cdaa95e6853dd7f07f38471d58491077a9bf0de71636a30973

SHA512
53aa6032ae641f6011d28bb882257327fe5a7c78a222de27ee4ba5fbe73de51cb38583d3599db32588a6e11bb0ebc41b63a6935bd57e15ac70b928cabfe01ec3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe591860.TMP

Filesize
538B

MD5
6aeb593c0892cca3ae89b1ca8b06188a

SHA1
8a6bff033b342754acef4e2ed455c2dda588a56a

SHA256
42c1ac0fdb38fac68d32720fe02d091b6a301cfab25947e91132136f8c1fd951

SHA512
ee1c9f0eb05479de9acaa57b0be68e81b848bfa2b605e260969e20aab3384e1741f25125c48bb590d349449d73adac68b8ccea882a0cfd6012d87d78ab5173a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
c5ac7d35bbd485984ef38a1223f8d02b

SHA1
c4443545af2b82a223539854b03a7c89e21f3b3e

SHA256
bdfd915269fc1a5db12b76d4c4785a373b85b794437e7244b0846e1a91b4550e

SHA512
2b80a3ba0a1e0020a378353a117529a2013489997b8b81a8116477daeb799ea874a9c3e3441b199f0de72bc5e19148cbabee08c6b9db15e7445ef4039b89a4ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

Filesize
112KB

MD5
5e9796284e8bb72e96a7f9dbad4ffd84

SHA1
87afd7591698aea27258d5fa0217ab76dded8108

SHA256
0af441ae9ae5343c8534d4140d7c121788043f1fa516e6019664be4aec24f823

SHA512
62103c385f8aaa45812a74350f3152e16cde19249e18abd3799892744003ef09039350141c0ce49aacb2e11bd1fce8df7fe9c9a1e61c5d31de95fda0f2153c7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
589c49f8a8e18ec6998a7a30b4958ebc

SHA1
cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e

SHA256
26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8

SHA512
e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

Filesize
96KB

MD5
cc55e39d2607dec7e0f11233379406f6

SHA1
ba34ea731c07bdbb917d4d257ed0dd5a48052742

SHA256
cc3356b8b17b0a108d291b5b05cace9c40ab93487f27af6ec3f3fbcaa5ab4c32

SHA512
63a3828a87d3598ccb27febae054a680a9535add965f188d9c92aaba6e4e9725de76efbb159dc23c96786d03a25096ff2b21124c12a0cec029e717fd4c8ca0d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

Filesize
95B

MD5
021b8d293c14358bb37b18ba45792aa5

SHA1
22e73b3a1d152734191bf7de9472a54be346b706

SHA256
5b149d68659ebeab90f1116b8704a32dc240fbf85171bd4a4f70d57a3d8d4bb8

SHA512
ba8ed4be209dd74c7e76bbb3f9bc8cfd2965ae9bb927ef44ae7a30498c15f46065f1bed4e6ea544ad6732bc5e7ba71154c0b70e3beff8ecf459cd747038e3f65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
319B

MD5
989a22037919b0acaf45ac960d142ddb

SHA1
2b771589dacc3d506b02661fe60244eb05a98fcc

SHA256
0ade52ed5e849691ff938bec0786fd038824268070e03c1413dc78b5ba87ef26

SHA512
3c57fcc78ead1b3019b5c537a233ea37356ba4c206fa934081d1b40415ace999086efa69e4c372f4af5295d3c17c6b1b57e1ae8bcc064d4d6db359c08d99c8f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
337B

MD5
394017e507bd90c9a013c2001686ae16

SHA1
237f32a4b7a197ee0e3c51c2c881c63e9076a88f

SHA256
c63a13b994cbcfe26fe6202b6f2b08402bb1b4116ecbebafd96a7dfe4af7c8d5

SHA512
e4da6df0e02be772ad5468d26f72aaf08dab830e70c3fb040d3e61c4236dfc1489538d935ac697e150cfcfe27e73f6361f536804f106f06dd4d705edf11655bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
b29bcf9cd0e55f93000b4bb265a9810b

SHA1
e662b8c98bd5eced29495dbe2a8f1930e3f714b8

SHA256
f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4

SHA512
e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
76dddfd92c0add4a380a87aec6d12295

SHA1
054aa5933199f2ca0bc7bb6f5b2ee767b9ed887a

SHA256
4c06f0655a3bb11be08ca96129c42a7b72cf5c2ade9604a5614b79cdbc87a086

SHA512
13ad031e009604219af34a5d85ccd5270a691f5995d34d411c8f7ca61897396d1fb877d0df6bc9b2f4debed86c233e34422b1381c9592a559f25fce3a0334177

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
dfd7c1d4799ce67e23085359025effdb

SHA1
ae0259e105465895ee3213e1a7fcf0340e008e53

SHA256
8d09b3b59e2a5e06de270262145c0096f719a02cc336668e62b0203eb71cc74b

SHA512
7c7423467248bde4676bf89ccee3bb7c65d3a109bce09f67b4708c8068580c9651f682ac527bc10dbc32cb8adfec89099729dff878f96c651eb670b6bf27942e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
554317546a6575899af02b033cafa006

SHA1
92ece65c9de687f87400b51d4e9e732026b4face

SHA256
373516b4617e1b4f2b85681eaada02db1ab4a604d994c10f677161c3ba09ab54

SHA512
0334a86432752e85969acb82011a03681ca908d10f6018edcfca257d5fd1ec1061ee215b0ce6bbca7f7bf8a5d6c156d01d1ad0b75a60f51285a104781f33162e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
a28bf39e33305cf3cd89bb61c1621141

SHA1
d6f0b824d6d282c969d7865a0151863a02b4b6a1

SHA256
0eb6739bec531ad96e7bd0627a19f22e5515afac94476d103e8b926fd94df162

SHA512
3799120cde703c922008b1aeb686113ff8e3875dc03b32108fe353d8d32eeaff7fec2f8a0ec576ec8f00ece765292dbc07589bcacc36c327e6db3d7b42e7c60e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
5aca9f17fafda1f4d1c2f39b2b0c10bf

SHA1
cd5aebf0fd03e12dcfc2dd0b08659760f9710234

SHA256
5e8b9468f59f782db11b120101fb9679cb48405713888c83dad1a814204ca5f0

SHA512
407a49bedc5d17a1a78734d622fd6981fdef488304f1be7df999f5fe709b6a6c5442f499bb5bb140353438050ea3006b3ec24f08f88eee302c38f225da485264

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
85f0c456480c8a1789470e42263b2148

SHA1
5a7ece1f9c9acd1b53543428920945fbbcb0ae0e

SHA256
bae222e72785d25229fbd8c58e23ac739b49c67620d4d76f39ac1a52ba6d916e

SHA512
d6c43689bb38510868ec44d7643ccf2f633ff121d68a78de9cbaa63b97f61b2caeb979ddb942fae59df713ff6d7f5cdc5fb1a2f1ec6258cac9e4c36e25784503

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
4319577a1efc101efce707ab8165e1b4

SHA1
45d6a702c18b2d66380963abfa3bf4909bcc3fdb

SHA256
d4cca5987592d05a34e22fe23f08ad1084d9b7805f55084545b93ba52494d18f

SHA512
33b0e52d0cf90afd8691acf602cdf3352a96f1e199ca6f74dd2b36b6e7d2a318acfabd241e8d9fb15581cd0714f8235fe6793cb67d044007f98bc101fe20254b

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
67a38cb31b125fb7caccf0a37128567c

SHA1
82e48c651001e865c981c780608738c397fb65c1

SHA256
676855dfd60e970c7bf983346b5feebfb8eca9ab07d8ba2ac1ed1a2c3b9638f3

SHA512
6f812e2d7ac802bca654ace469bc0d4de4a0d74bf8699f356aea180ea78b6219932076baf1f46e71dd541329dece50ce5dec12aa64ed8a0cbda395b7dbea6f6c

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
fddcbb0775a1010ef020189dd6236230

SHA1
5091452d921921a410b4433ede313162887015ce

SHA256
07d01ac0ce33061047ba8ba74516406d9c358c013cfa65e92cacd0ab58c45cbf

SHA512
6cb8ad66d4e987ac41adef35e5d8493baf6b9805ff3cd8d15a40dea6e4564439340ff50d404e0dcf396c72f62ec71aff77eedf484edd5cbcd6a9145eb029b52b

Download Submit