Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-08-2024 09:33

General

  • Target

    https://aka.ms/AAb9ysg

Malware Config

Signatures

  • Detected potential entity reuse from brand microsoft.
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://aka.ms/AAb9ysg
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4204
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbc36446f8,0x7ffbc3644708,0x7ffbc3644718
      2⤵
        PID:5100
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
        2⤵
          PID:1096
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4396
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
          2⤵
            PID:4904
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
            2⤵
              PID:1952
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
              2⤵
                PID:2580
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
                2⤵
                  PID:184
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3672 /prefetch:8
                  2⤵
                    PID:872
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3672 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:796
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:1
                    2⤵
                      PID:2064
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
                      2⤵
                        PID:3184
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
                        2⤵
                          PID:4352
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4232 /prefetch:1
                          2⤵
                            PID:3676
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
                            2⤵
                              PID:224
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3612 /prefetch:8
                              2⤵
                                PID:5004
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2456 /prefetch:1
                                2⤵
                                  PID:4364
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
                                  2⤵
                                    PID:3236
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
                                    2⤵
                                      PID:2936
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1928 /prefetch:1
                                      2⤵
                                        PID:2384
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5140 /prefetch:2
                                        2⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:4192
                                    • C:\Windows\System32\CompPkgSrv.exe
                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                      1⤵
                                        PID:1960
                                      • C:\Windows\System32\CompPkgSrv.exe
                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                        1⤵
                                          PID:2644

                                        Network

                                        MITRE ATT&CK Enterprise v15

                                        Replay Monitor

                                        Loading Replay Monitor...

                                        Downloads

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                          Filesize

                                          152B

                                          MD5

                                          e4f80e7950cbd3bb11257d2000cb885e

                                          SHA1

                                          10ac643904d539042d8f7aa4a312b13ec2106035

                                          SHA256

                                          1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124

                                          SHA512

                                          2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                          Filesize

                                          152B

                                          MD5

                                          2dc1a9f2f3f8c3cfe51bb29b078166c5

                                          SHA1

                                          eaf3c3dad3c8dc6f18dc3e055b415da78b704402

                                          SHA256

                                          dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa

                                          SHA512

                                          682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3538a4ec-a472-4d77-b690-938310af39f1.tmp

                                          Filesize

                                          6KB

                                          MD5

                                          1a356909b42a154a8a26afb507186ae8

                                          SHA1

                                          eab7fb1575848c8164276a1dbd6c38518437a8b3

                                          SHA256

                                          5ff19a02605553eee2cbc243195f510cc1aa369f1838240df4b54e3c31534b1d

                                          SHA512

                                          01c53cdf3989632d88a71c34f79005c1e3f6cd1b5ca5e9064aacd808d274094b5abfe5987fb0f3c143924e52bbc7d8d09c1e98431b750ef006164502bfe1e5cd

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

                                          Filesize

                                          72KB

                                          MD5

                                          581f15fa9325375ea6066c5bd89902ef

                                          SHA1

                                          6b2a96afa3f218773ff00f54b11d242053847f5c

                                          SHA256

                                          dbcf99780825125b28902813ba5301e034636432e57d3a915ad63c91e908587f

                                          SHA512

                                          c3789995357720668d40cb19017ef4d90e47e89f7c802642168bcc5070b7fcd360a356b4775dbe69e05465d502913380fc8a8847e261f0469c862e2036f5e2c0

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

                                          Filesize

                                          33KB

                                          MD5

                                          c15d33a9508923be839d315a999ab9c7

                                          SHA1

                                          d17f6e786a1464e13d4ec8e842f4eb121b103842

                                          SHA256

                                          65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

                                          SHA512

                                          959490e7ae26d4821170482d302e8772dd641ffbbe08cfee47f3aa2d7b1126dccd6dec5f1448ca71a4a8602981966ef8790ae0077429857367a33718b5097d06

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

                                          Filesize

                                          31KB

                                          MD5

                                          2bf44080957e5d7552e6e4f36dd55652

                                          SHA1

                                          f413af4b336b19710bd76168cd2d1f39be0a653e

                                          SHA256

                                          8621574f773a70374d42fade3865ad3afa33d31c2256a9935de61fa1eff65f9d

                                          SHA512

                                          b47201404e19fe2a314dad8788ed6d2e28ee79b50bff1d0dd805356a969d4b2b7902be73822881627698a3b8fcbfebe733358172c23a8f225a642e1764952857

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

                                          Filesize

                                          33KB

                                          MD5

                                          4df004d4f2d2f7921ee1ab1e16eec7b7

                                          SHA1

                                          39489b65493b9fe9883f359e5fab5170c9d9e1f2

                                          SHA256

                                          ecf16ba0ebf68546464b4d0e8e47a95b961423e47413c25e5a5ba73dded2ffd2

                                          SHA512

                                          09563045bae58061067227f649ebfa4a334659b1a4bdb9164377b2d6bb85274afb57d260609528e089533bfcb9ffde4ebe8e945323d77ebda5662e7cf7acb83c

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

                                          Filesize

                                          36KB

                                          MD5

                                          c2ef0b7fc3c86ff987368bc05e66511f

                                          SHA1

                                          0ae925fb913d4a07d3b5259b88182f83d210750a

                                          SHA256

                                          5194a1ea73958a6dff29a73d5f583b3d689b4cfbdbb4484842ed77b204409813

                                          SHA512

                                          835a7a424469b428cc390f97c36e423ac6f05304bf25045dd84034b6a2b42489ddeed9e24f9c1eecd19e893c6eb021d8a782f07b27e1c67781d74e1835ed94db

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

                                          Filesize

                                          50KB

                                          MD5

                                          510b859fd9599d6f9e77958bba751977

                                          SHA1

                                          00b322f9fa7b2b1cf25d884cf64d8e50cc0d890e

                                          SHA256

                                          f176b522ff863ec61c824b484704b5f9caea0b0552bb84343daa3959535f7cd8

                                          SHA512

                                          f230f49c3c66e6d79bcdb2e030c098bb14daab004373403cf78cd991fbb158a9dfa6b817152c5114b99db65c75127758ce8f06d378088894be3605d70c7f1a9a

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

                                          Filesize

                                          159KB

                                          MD5

                                          7f2e1b48b71ec58fda4539018a2f56cc

                                          SHA1

                                          507bf81f52fa8c99bf2c5c8bd59a981899ca9995

                                          SHA256

                                          7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35

                                          SHA512

                                          dd7b52119d1179332147984f6c7d8cdcb3388aeb1e8af708ef9036acdde6e7b3900acc965221f4e4864dad89797072e19e5b308cf065a65dda7656be884cdd77

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

                                          Filesize

                                          33KB

                                          MD5

                                          40bae2e96b69fe58b121d7e6938ca0ef

                                          SHA1

                                          865ad4d08f7ce3e6b64906b9f12d5d2dd3fc1d61

                                          SHA256

                                          def24518b45222080c6cac48429194bbf6769acaa8d5d046d184f6800d4e6154

                                          SHA512

                                          9bdbb6b5bf9daae21130bc8bf052ac705cbdbef198482adf7ad3ab3a8042d577cb60b5d0116eca3174469dd067ab91afac7b3567271de21ccba7ddc3733b966b

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

                                          Filesize

                                          36KB

                                          MD5

                                          c76df204f7cfb4c5a61052b1b497e802

                                          SHA1

                                          86218cfe21888918cdcba444152bc2276302fe6f

                                          SHA256

                                          d149a6f793a3e06be999b9625b885507312ac454e59699f8a41403cabd88e136

                                          SHA512

                                          8413a194e72803c4a0921a2e933c094206ac91c7ac8ff9de8723aa9ec89937d2163fdfbaf3366d4699495f5fd039b2e7c41d789fcebbf33e21749c139cfe66e6

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

                                          Filesize

                                          31KB

                                          MD5

                                          35bc5a79bcad7afe5f11fede9447b784

                                          SHA1

                                          fe5be320827f27490393126067470bebaddcc836

                                          SHA256

                                          2bdd685ae4f92d871cc525437eb3606d7f40162caf2e1adf8f620127648c5aaf

                                          SHA512

                                          62e76dfd6be19d290fa0320e04f8b1a48d9ef2d33fd252d6da50a6231f5469510ec48bbc5aca745087ffcf7dc30950b50aa87d8c5be4fb14235997cd6daf1e5f

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

                                          Filesize

                                          32KB

                                          MD5

                                          c971c780267d5b469120b497db586452

                                          SHA1

                                          531f1aaa2fda20ccc72e359f9c60fff68a74868b

                                          SHA256

                                          14d2f0860ea6336ee9dcb02d274e18b0a0fb05fe76c40d4a0be9f6732821300f

                                          SHA512

                                          3f504d40867774bc4f62357a1a991224d6138bddf54f89db9f14186f133e959349f66200c7896a392c4c366fb2a3dfc3b4237e81943177ffbf090f918e762404

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

                                          Filesize

                                          50KB

                                          MD5

                                          89d3b9bf317c62e45422276b387d3c2f

                                          SHA1

                                          becb39f56997fed9bb9d08228762629275c608e3

                                          SHA256

                                          ab99996e1b0942c3412330becdc643bdcc019b495455349a1d1034fc5d4b4c42

                                          SHA512

                                          8965a87a6d42895e0f5ced0526dae8d3eb61baf3fc8b45350fd4c91f3200235b4a2aacba5f5c0340c66080ddae23fe794680d11cbc7d2cd5371054bedc387ef7

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

                                          Filesize

                                          227KB

                                          MD5

                                          61961c768851ca32a9cf38e8f30c7277

                                          SHA1

                                          5e0a7018de235bc07ab09aab70056fb7edf23136

                                          SHA256

                                          51dc07699694a66ad46960c186aa00fd12dd8b4e55f209839f85c173b436984a

                                          SHA512

                                          45a98eac5f87b2df41b3d0a261c48fbd11b7200411aa29dd565ba4395c80c613f6831b2515eafe5f7b778cb6c060e68dc310f8cab144251759155154f5e8574a

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

                                          Filesize

                                          38KB

                                          MD5

                                          2b26777a8125eb2007c83aee56382e27

                                          SHA1

                                          6ccad750f1c516344251a39b3b4247cc4f47cdee

                                          SHA256

                                          049f5d82892f617ab1bdbd5b986a7265207cbb86b999ca2951703481701c4102

                                          SHA512

                                          919b45676fe93124eec9841caa86cbcb36560948d02ab5f1c581e3ec4f83ea15644c6547d822036237fb0f5816047ad32aa115571b6bac17d742b2aee7c1bbe5

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

                                          Filesize

                                          20KB

                                          MD5

                                          87e8230a9ca3f0c5ccfa56f70276e2f2

                                          SHA1

                                          eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

                                          SHA256

                                          e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

                                          SHA512

                                          37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

                                          Filesize

                                          24KB

                                          MD5

                                          9e86f9a5c200c437116892f5f9cccbaa

                                          SHA1

                                          e5f43db18659e7688646407aea7c1823624adb68

                                          SHA256

                                          1aafda47b03b956fee00933e870311dc4f6ef0953711bf00759d145df85b16b7

                                          SHA512

                                          f9a926f93445877adb1800b98c47b657606bd62ed30a829c589ff0988c298045647cc2c77c5fad27e62ff9cdaecd88d02d37d097fa1681a35bd4033382bf9edb

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

                                          Filesize

                                          101KB

                                          MD5

                                          b0451c915027f111a53a45e51117576e

                                          SHA1

                                          c2745cdf6098b55b7d337fe735043a1daad6d013

                                          SHA256

                                          2aa869c5a534f80e58a48de1c171554872e09f18282fe5c9af152a9595e88f30

                                          SHA512

                                          19de22bfc1bfeaf70cb8276bdca8c036031566bb646acb772cded0cb4b73c931d0d58052ac1cf50ed0f55760840080e109707201e146c7567f03f0de60eb54c1

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

                                          Filesize

                                          210KB

                                          MD5

                                          48d2860dd3168b6f06a4f27c6791bcaa

                                          SHA1

                                          f5f803efed91cd45a36c3d6acdffaaf0e863bf8c

                                          SHA256

                                          04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77

                                          SHA512

                                          172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

                                          Filesize

                                          89KB

                                          MD5

                                          385133e1f17d2ba4851136b4482263ff

                                          SHA1

                                          15944d8c1a1fa09a185f5c53794529bff54e05ed

                                          SHA256

                                          46869d499b3e6e3d4518aa8d4859a9c14296d5635b170a542d717a40d44d7cdd

                                          SHA512

                                          474afffd994b7d2c7e2d92bf2043ffbca92d462a479fc2b6688e22d2bf22ca5cc432cc41342d22219daccb4f50a1a6ebc5b67e6542f791628df2274ee0bf742e

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                          Filesize

                                          480B

                                          MD5

                                          39d8c53f5256399e1dc2b9c404c98d30

                                          SHA1

                                          8daeac4a2093621ef93c19f12a6680ace547af2c

                                          SHA256

                                          37ddfdf786550a7584aa84fbe5f12c17b96e0b6d0826e752cd57ad53f31ac205

                                          SHA512

                                          2b39af396e279357ab45901146d5a3cf20e9299f6bcd9718c3a9d71b97e3e5cecb30f38851894da66a7682b217a2305eba01a779039fcee0f681f956e7bccc90

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                          Filesize

                                          1KB

                                          MD5

                                          8a97bdc5363c9496e4c39814f583bffb

                                          SHA1

                                          3651416747422e30eddc2e408aee11541ea8328b

                                          SHA256

                                          ffc71864735b3c6429b2bc11096b6089c57a93e700b25a22aea0ddb585348951

                                          SHA512

                                          f9369f1906ca24015a35be3fa8559c5a93a6ae489777b9c10ab57dc888df490bc5d2eb2d1aafcdad07cb2f147b7251ef9ef7ce51f1d294717e99622322fde78a

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                          Filesize

                                          3KB

                                          MD5

                                          f0a2e0ba8a422e4c4d8f4b8d900df936

                                          SHA1

                                          94478ce8d31cafb77f1e639e2815b56b0e6c0d03

                                          SHA256

                                          bc3ac8b753a029b5184e6a6f64489fc4780b981b73ecaca27079b7b59e41fac2

                                          SHA512

                                          8865d62a0f07391d7f19af7d0ee07396b4ea8985eff91d9c527a899ede78ac437268edc8c5034e38ab04aeb736286538d2c39a7f53216d5d8d94cf532e785970

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                          Filesize

                                          3KB

                                          MD5

                                          a317af69522b6e1c20ce8a5f27dda92a

                                          SHA1

                                          1b1c7b43454b05accd03ca36033a82cb67c59407

                                          SHA256

                                          e03248d1a75655228bd91ecddb3743ffdca568231c0e926905d61be2961efe9d

                                          SHA512

                                          9f3eab507d7a5c2375081818530b19d3521942178342657853d6835f5620aea00932d9266d7673c2a7ba52cdafec2a3bb621c266fed98e09ed6c154a6b5a1439

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                          Filesize

                                          8KB

                                          MD5

                                          461450657eba8fa11fcaeaa763403374

                                          SHA1

                                          610e911515d51365286beb3be81022ecd7849caf

                                          SHA256

                                          b13f8e38b446438af04a483764ac72495c6a44b85a2257555b156d8395aa4fc1

                                          SHA512

                                          f303bba6553c90c5bd9f9a02148b987d0131f5b9190219a8f2ebeda6a268d716f9e8133c0671530b604de90e3e7d7aaffa7a2c2d38465de3f624266eb508dfe8

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                          Filesize

                                          7KB

                                          MD5

                                          99c2042976a455028298684cf4ecb164

                                          SHA1

                                          28606b53f6dd88ec85da41ade186d251d1b399b9

                                          SHA256

                                          e3d7aa3cd11ea9aa8b401a9251952cfa0df95dc55bbc0acc979f76ad36efd6ab

                                          SHA512

                                          168d14b8024e07714abe3f77f3ae307958a91329c5a5054a2b5ef8f06772c8406978c229c35d4c243513c53eb30099f76adbe5d092ce5e4903ecc64e274a823c

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                          Filesize

                                          7KB

                                          MD5

                                          63d51525e419a6168697531a922f5012

                                          SHA1

                                          b526ddb9833acdea43c6869bd8b11f282a96564f

                                          SHA256

                                          2afafd91ad8059ffdc23a3728fe627261bb4f4a5b03d6f64ba5caeb53ff06601

                                          SHA512

                                          87a67c777a3f363c94f5352636946d73a1289ef39ca1251a4540ca9c1ffcac1129eefbfef607e8485cf936f43e154fbdb717f730c80e4c690859cff62dccfadb

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                          Filesize

                                          6KB

                                          MD5

                                          39a8c5c0cf31872ec1822e714606ab83

                                          SHA1

                                          ff13ce749f038c227420ab14c3b0511bda8aee77

                                          SHA256

                                          6333d6ffcf6f7481d471050e50d3da79ed0cc3b25273a5a1661578301b17ac78

                                          SHA512

                                          8beb43dd8af5f478272db14cc75b3c4fa3b267e816e3bde03b168f68bdc8191359cf8c5bef2aee565a49a63e6da1d3b3c6c3826f72681c00113d263ee76bcdaa

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                          Filesize

                                          1KB

                                          MD5

                                          a0ea33f2de516f4a58c85f8b21ecc0ad

                                          SHA1

                                          d412f04de09084ff2e38528972b4541cbc5eb8d2

                                          SHA256

                                          4d7b695ac2d11dcb61d943afb97abe2e3a1ede8d20f173f80089a6fc22ac1710

                                          SHA512

                                          ff3d3f6b022fa0a546f58b00d6e3d68e07e973df7acd966aa472150c3a9fdca8d5f45d1e3a996a6ddb5fac873c0f438505c075a1cf83dad863020007c4ea8777

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                          Filesize

                                          1KB

                                          MD5

                                          fc5fb50d50d3209b14d9e0e8a1595856

                                          SHA1

                                          a9cbdb16d2cf373990973e3bb4fc354228db5b77

                                          SHA256

                                          52c9cf9ef16230aa34647c1b6208954e4eaefe93c68a94b9cca38d947b6f9020

                                          SHA512

                                          e90c3bd3d3afbdedbe48c3e02ac77b848bfd6aa79640f1b1c587c54e1fbf51cfb80122b88835e39a13b5a70d5513c81fc10cd8d511a26c057d8197173cb9ad05

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                          Filesize

                                          1KB

                                          MD5

                                          f6211b4036d139aabdca0e1ea1886699

                                          SHA1

                                          e22651cbbae2b6d6f34372c60eab50b9b57c8b45

                                          SHA256

                                          afe78a86dfb53e62f7556e00891a01ec0b7756fcb0e84abf6dcc5378a62001f8

                                          SHA512

                                          a856da530816cc16a28cc76910cf4b4873c44531c2da1a182f97e4792295a8e34762eb93a338021a0d62118b70ce778b2f45232bc26e83b64fd5071b0f1f84ee

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                          Filesize

                                          1KB

                                          MD5

                                          882aebca2ccd143e35d9e2307bf827d0

                                          SHA1

                                          ea36264e551d7f057707cd1749ceda6a501bee4a

                                          SHA256

                                          11ca768ba50af7e0bf7ba6e981020d647a457059d6ca6a5ec048bdbe3941170a

                                          SHA512

                                          777584d7060bc885107600e91b3014e5e63888bdee393f22e58a50cf923ab8a35efe84dd8457915a3c296e7017da4a7729401c408387f413dcd9f8535efdb887

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5828b1.TMP

                                          Filesize

                                          539B

                                          MD5

                                          b2c4a1c268031a31b9655d79497994ed

                                          SHA1

                                          cc80b390b45e7ebe64950997d025c75b059e061b

                                          SHA256

                                          c0be5244d3c8b151804347d233bf15a1df2237cc394f3e7ef5cdfc3aaeaa4477

                                          SHA512

                                          9b2bdee0148f2d115755156ab5e894864092df8e5519cef74aeb6a860b4997361c87ba5fcc1e3f7c6d3bf7a84e0cc7859458d4e4ffd68a6f67d4bcbb53281a89

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                          Filesize

                                          16B

                                          MD5

                                          6752a1d65b201c13b62ea44016eb221f

                                          SHA1

                                          58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                          SHA256

                                          0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                          SHA512

                                          9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                          Filesize

                                          11KB

                                          MD5

                                          04e1f8ec7124596556bfe331de294373

                                          SHA1

                                          e8dbd1ac525ca52a0eb1655c254ccd42ff16ed1e

                                          SHA256

                                          7d304c7006f220e6a25213fd6f86f1660881c8b1727d2663818c16df580f51c2

                                          SHA512

                                          94350286850e90be5d6effdffae3ba0af1732b203384368953cd3c0046119f2c20be0a15089aec0cd0a950c85a4182a472991854c9400d57e6052bd4aa1e814f