b399e30b727aac1fa6b25c251320893d6eb5b82006f80fe300d414aec1fa55ba

Resubmissions

20/08/2024, 09:23

240820-lctx9atgnh 3

20/08/2024, 09:20

240820-la8nmatgja 3

Analysis

max time kernel
145s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
20/08/2024, 09:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

extended-scp-420-j-experiment-log.html
Size

33KB
MD5

ab3a10870633ea3856d24d5724192b4f
SHA1

e43b6cc75ff7b8be413bc26f80beaedb66d8a49d
SHA256

b399e30b727aac1fa6b25c251320893d6eb5b82006f80fe300d414aec1fa55ba
SHA512

d747aa36acc6d9dbbe3dcd6d41608acf3bfdedc62d74777a95485a675383f04fdcf5c6148d57ddb6c7f7c24053a26c184138900e60d11fe5bda2304e83e5c4ea
SSDEEP

768:tCWphiDL+5KihOoReO0aDXsFrG0vthKFwKOUgZneFrrgB/26b3tUsP5uW1nIBALB:zCDL+5KihHRevaDXsFrG0vthYVgZneFO

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3728	msedge.exe
3728	msedge.exe
3888	msedge.exe
3888	msedge.exe
2464	identity_helper.exe
2464	identity_helper.exe
5140	msedge.exe
5140	msedge.exe
5140	msedge.exe
5140	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs

pid	Process
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe
3888	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3888 wrote to memory of 3204	3888	msedge.exe	84
PID 3888 wrote to memory of 3204	3888	msedge.exe	84
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 860	3888	msedge.exe	85
PID 3888 wrote to memory of 3728	3888	msedge.exe	86
PID 3888 wrote to memory of 3728	3888	msedge.exe	86
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87
PID 3888 wrote to memory of 4376	3888	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\extended-scp-420-j-experiment-log.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff515b46f8,0x7fff515b4708,0x7fff515b4718
  2⤵
  PID:3204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
  2⤵
  PID:860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8
  2⤵
  PID:4376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:3276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:2264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:4940
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5928 /prefetch:8
  2⤵
  PID:2876
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5928 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
  2⤵
  PID:2044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1
  2⤵
  PID:2024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
  2⤵
  PID:4860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1
  2⤵
  PID:3240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2316 /prefetch:1
  2⤵
  PID:880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:1
  2⤵
  PID:1880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1
  2⤵
  PID:760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1
  2⤵
  PID:532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
  2⤵
  PID:4124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5584 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6252 /prefetch:1
  2⤵
  PID:5236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
  2⤵
  PID:5244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,17207850038417838558,11278490936615138555,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
  2⤵
  PID:5588

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2728

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2072

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f9664c896e19205022c094d725f820b6

SHA1
f8f1baf648df755ba64b412d512446baf88c0184

SHA256
7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e

SHA512
3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
847d47008dbea51cb1732d54861ba9c9

SHA1
f2099242027dccb88d6f05760b57f7c89d926c0d

SHA256
10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1

SHA512
bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
100KB

MD5
2a8c0a498902f26e40621e7273ca173c

SHA1
44c32054e5fd20e5489e27f1d5762ae23855ab12

SHA256
59a2b0b8adb6f813fa316e5bc0fb1a1ff512c9dacdfb535e5db6579130c56d84

SHA512
ad8e4f2481758d3317103efd05e56e67c3134a0e30526999aa364ae2ab24b199a7f7c1f8b08df9219c76cbc0e32f1307c9c2724e24c2b06ba8f63cbbc6846705

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
67KB

MD5
22c04a443316a8f19693fe1cf72a57c7

SHA1
79ebd5427d791f4b85759c520dbb17eafaa089d8

SHA256
4bed01f2abeab6a751a08ee43d8499ffef3aa8a42c4c41b082fc4047968f10f9

SHA512
1acaa0bd5c5e56569f634fdbb39214b3217423f5935dea8d1abc408efa5cdd730d1ed4e02cddebb4590753cb852ff2be46793223429777960e83d378907efd1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
72KB

MD5
eb8480396f9e041bb26045b9eb20d88c

SHA1
be19197e265a6830bae4bbcaba4554f1b15daff3

SHA256
8f327b026ee65e784d6d66e92807ed943299bf4d9264d5ec1327b0b040c32ddb

SHA512
bcf54998be2d8e90ebc3ec85752106a776e037ae5bf768c6b00e37ecc95346a360add8d6676b78c6e81a15d604df7169614a73af06b7b0939a0ca9580003056f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
16KB

MD5
5f65521f6c6223e1e18cb161832bea2a

SHA1
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6

SHA256
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9

SHA512
4aa87e0f16d2be6398849314b375b865a8a3b2287dce712192f234ea8ba2222720555540cb8f20b9df36e6a9dd6b84849450ebe611a772ef488f89082802fd79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000067

Filesize
187KB

MD5
11060bf5551b4e92688817019d367acc

SHA1
cd2bb1e2d5ae2612c2c4a3ff374c776824cd15bd

SHA256
c72d0c3ddea4aba55a99d45ab51328bb17f445403bef1d570086ec4d67cc5762

SHA512
98c499bb38a9fca2326f2de7c6d9873dc511a6cb24bf60f5905cdbb43d1c133b5c2ce24096144600724063941b2a80fca126afcf2ae9537644dc1ca39072056e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000068

Filesize
28KB

MD5
2a31444e4d77907ddbccc7faa58ce351

SHA1
eef14466d48ce72eea772fbbe42605018b518d23

SHA256
d8533e5512d40852a14ae0a0942fdfc23dd6d8757642e6ef49aba422f8f8632b

SHA512
17ab61c7847da1dbf60e886faffee5aebb5be8b8c1ece8310e62afd9a5790e37ea3ae48e15cad17601de8ad151b6a3aa26f7d5579d476d5190638e212b02599f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000069

Filesize
157KB

MD5
0db68b9f954b67fcd9c482ec1874a5a1

SHA1
7b185ec8bff9439c8c69fc2d0548ba12a8fe6dcc

SHA256
fb1e63167a734f50065f84c67f1bd1d86e4c739202da7ebdeea8adbd0eb35c12

SHA512
860a5c3c269d6323c86f9402d595b6e393bb8653a3885a2ecbaa6d1164f35ff9c1b487bdab386c1b4f1937ae0c8787533525fc6d91a83493377317878ee9e2de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\28aa54fd6af9481e_0

Filesize
15KB

MD5
c849c61fc7b6167011a3335a5b938b23

SHA1
b32e0b466f42351c47ac4f59b22cbff1df75c4f6

SHA256
d8b1ceed3bf13608e425371f003a225d2b884ea0023f6ab67380bb6cb4732ce8

SHA512
4f74aa96eda63a557080763f86a38e5e6fc58af19d05d0da80ce821a465a083937d51e8a7ef6adda32d5265850c0d6b125c39f307e6b4a92581b5ead8b89b6c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\405d8acac68612f5_0

Filesize
177KB

MD5
9060efa4c008a07367b9ecf8a12ac600

SHA1
9477947fc25204646e6bebf8009422827f32a6fc

SHA256
9a70de27d10d0af9e970c67e664a034c798e47e2eff9a6c0056a2271d7fbb400

SHA512
f2fff8d91ca84bda2842c7c68eb8baa3a7f41d345aea26a4693bd1b180cd45005e004d302b26f788286bfa52d2e8d7288303c4e807193608e9e52a62deb02168

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\54f93c40e0cacf3f_0

Filesize
2KB

MD5
20331870846cc86e89440fabfb273fe2

SHA1
ce2c66b21f6e4a04d6a604531c4e146456b7835a

SHA256
b63fd89de2ef0891eba31c1fe3d2818969d61b7a64024d13943eea0736026c70

SHA512
ba961672a1b1b347b06d62638b2188397dbb53e628bfd61350e37ddf6405df4eb79de30a78b8ce5d737722d4e576efa775ff7084e1b7b94557f0c7b0f7a9191d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7c6525fee554d1be_0

Filesize
44KB

MD5
51bbf1d4fe23264af45cd3f76bd2ed35

SHA1
96a1dd6e54fe0f20af41e1231368b7fe04fe7b8c

SHA256
477ac33f322a23af7ab40ee8db6385f51105ba4850d406fdc103d522ee1e74e8

SHA512
73547eb9af66135d2b251f5c5e05d450e17c5f030dcc4742614c0681b557c0e0cbc2775480e0f1b16276f969919c8c8c7dcd8aba64feb6a453eb2c6ac0b310d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8d64c533f699ad1b_0

Filesize
293B

MD5
0a2102fe7ec2fcc34ead63bae7037a35

SHA1
5b39cbff174fb2a0823059c8b9b5a83cca26ad70

SHA256
07d57641a0c141e2d50eeb326c4210b906181371f3b6cc6ccee187ec42fdd837

SHA512
7288da5119ab6e3a2d7b51aaf40d40ec9e54a7b30a126301ef0532a08a58ca3b10cbf02314be7d2c650c525541e6202d48ad80b473d8b79772c134845c33b48f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\92ba8129cbde61fc_0

Filesize
316KB

MD5
c519786b0a754b5c02cb8c4ac60ccbe9

SHA1
a7b53ed764aad36c0655eb8f2fc85705aa688b1c

SHA256
0d29e81933bdd65ee3d6a00feb369a1e8d87ab4161185782dc4b26676f67bf8a

SHA512
9adeb2edb79a3d51b1cdd4cee3d3156011370bd2b4819cb69f8818c373d331c09b960e214ee6c11dda2e89f19bd8f615d216520d1d857f61f3b0992e84a1057e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ba1ad4432cb99b3b_0

Filesize
267B

MD5
35ec30814607808363ba1ebc18fe70aa

SHA1
1c728a55904969000fc3625c949cd1cd4704f60c

SHA256
92a49f057ac156239e38fb191e72fca58b11a96fc45d8176d0c1d7415b879616

SHA512
5b30bb972cff6ee61359c9fb95256603f53c2bead6be35c51e34df3f6c5d5cb54b1b2fb60dca2733613d6042789d82bf1e91c8de60f07e3d238d12691158f23c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
1423b31cea2f7369409b8580be13687e

SHA1
f9e1a7d89ec72b90647151add566cd85aa8c24b9

SHA256
76911fc97726afa1252fbb95f4910d134ddae13ecfe6eabd3f0ade223d21ba5b

SHA512
875adde1aee3ddf5810cf9b59e6159ce8f3684dcea01db8bc85f1e68c5387cd6e04d3f8cd8f129cdef8fc81f85923b2364898e59d3c874691da831597e0fd7d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
9eeac170fcd185e3b9045e8508e3700d

SHA1
efd705e6b23f6970543547b4857f36ed9fa58a3b

SHA256
f54794abdccadb529ffd487b17295d5e57a4c35082f5b1c8a7054b65c8bd3fde

SHA512
299fa88e78577364f3a903f3ea838237c3e77b524a58fd9b795bccca5676ce650d838a4c286e67a89efc96b0c10b68e04b1c688fc57bc867b0f6b5aeb246a9eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
a3a8af34dbeda8e2cf4cf3a971e6880c

SHA1
fa9095a749150de9ed0678511378c1b7822f0fce

SHA256
cdf127894e7f3636ec4edeae4f8b745b1d8de88f14419b43845e61f8079c0cb0

SHA512
cddb2af0db7bf3addec6336a38ee6d2fc6681f449fe3d427b1810a86797df8bf6fc929eb3f69d117153a159dc6209dc199db11ac0d9f6183dbac1185dbeceebf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
6d3d6f941b1f19773538b17f743627cc

SHA1
1599c5030688a214dc5e56fba0419dc7bf948115

SHA256
32997e732129b52f86a6c61d29ec7108d4be8299c35b1e6499d5b3e981a80ae5

SHA512
9cb7c2d0d015eed9a6ea351e472c3dd53e0c4ea16e2fabd14ce9e626cae4d63bd32fa0d48252106410926385ce7dc14941e1055efd4d2abd77ba251907bf1054

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9bbd79ac13480e3be87a63d5880c41c4

SHA1
363f629f53c280e98c0a59e1f6a38e7408e3f894

SHA256
b6d7c64344d36eb62eb01fa8cc096c55012343c5188f6104f6ca7243d90bd589

SHA512
283aa93e5f8b78955f6d8c818f5af70777f196d2b546a3762703b98e4213e7d0cc92a4406dce3f1fc91e41fef732c1ff8cbb8db734dedf205b28913e5d77bd9b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2ade12853ae2fa3d5c3675bd44873c4c

SHA1
c44591bff109090b19bdf09ab6a5c0bad2994fb6

SHA256
d164608d577f578deb15ebc6696c1601d8472d5435615316f06b9ad10b6e4443

SHA512
de8841814595a13ade3ca8563757d8193c3caa79d61ef397fcfc88c5e8e855570f17116ff55279a31aea41b67fb8afae3ff262cfe9c7a4ad57e80bfd2e0b6344

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
64a94f364fed2feaa1543e01e33fbed0

SHA1
0e0a91b1ad99e909bce260e3f35a719d89f51900

SHA256
d00f3316283ae4e323fffc0df4737d13edfc6cd18fe87b755d892d3ba3338460

SHA512
7bfd380005068edeeca34a58659c51a5841533b067254e13eaa39a820f30819915d5505ca0e6cfdd4b586c6d0f4f645c81af0d9aa9c3b323a45c08efc9516f6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
48949d2a1891cfce4452bc9947da54c9

SHA1
569a2a2776e0935ac2250320f125a91a2324ef24

SHA256
de3b9a2856304e9ce8cc9b4aad4b623e679568cb5544db91ecdbc775c0d4b8d2

SHA512
e51a22dcfa9a2f21c8d0a2c83cd9463f7316a7b40304bd3db0bb8d1c469ed5b6aeec3f26af70ec6241bfc49bf72acf9e71f6c8eddefd3cf3c2cb042a35a80955

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
99e1c786cfdfecce7604819cd8c6cc1b

SHA1
8835aacb954402b6a858435671bdecc234a408a4

SHA256
2b695fedd9feb0b1c3246a1e9a8c09d904dcf72ace052d8f226d136ae797561e

SHA512
3b08e59b0a90e1db4d2fe0a1a0b29b23d4f1640b4cbf902a5dad62e98c76ce3a19d914aa511b9d3c0224baa3a826982c4b98d58b3e1713b167bf1cdc57a1e530

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
86087d13330ad3bb8e7d3318aa41bab5

SHA1
7c11f3cd190172e82d425b50b815ccc7c10efe2b

SHA256
8cb7de5a22ae228edd6ff20409569756770bb2375eba586e5523d4ba52ee8596

SHA512
1f75eddbe63c92efa55c043c7c2afb1d3eb37267884d703c4b0fe16adff6f66fcfa2eb7d851a9754668c2dc1f4d1c65b046f266cf2a83eea57f583260cd46534

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
38c89b2b399bc23859efccb9e2d4bff8

SHA1
c0e671ae78f1c467fcb92bfc0b9aa94c23b52ed5

SHA256
6864d31d10697692741e42da3fbcf942a320b1d0eaab1de9f0c5acae74375b3b

SHA512
418ce1487e81f2f5a7bdacee565e002e5621f3206d1f6a5f23eae91c090be54ced39638fb90c74f9a238b1d2624530f150c0555f2f23bde8ca4f48210c55e1ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
77ba3576359e75ba44e513c2524fa2a2

SHA1
5efac221576451e1e1ec542c53952e4cd2eb0087

SHA256
a2c2456c84a705f3ff113d30453b2b9a3d771b813bc7f84e21739c9f09d7549a

SHA512
b04a42856c24f3d8a9a052d79608253ed004a3fc6267f4fbc7d969a94030015238dd2f828104f6ff3f1638c592011371e9a25cbca8337ded344bc8285a27507e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a4527d6eebd832429f75e8f0207606e0

SHA1
17831180d888b9a28e268b1f26009bea06171d96

SHA256
e9bc16056f53d943a4a1497662928e0790b3755a45d05ec5766c2835bcca4325

SHA512
76f553f57688ded2802e21219bd7e10bc90ed8558e3d0543200866164bc9f5843d3fba6f891cbca53e4e5619db3cc29e67e397fb142f63db3614f6f6a22e9777

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a9e9f14d5794eb2176904592d9c297f0

SHA1
1f62fe25301b17ba60bc0602963b8e76d5ccfa34

SHA256
485b261e294f6799bee05af80e8df13e9e3b8ce0ed8254c6faca132eb70728f2

SHA512
e9850f1991c773c7200b18582e91eb2c67544e791cab7206af211b7e583c464e94595fcdc3c65c44b43d529c54b549c6b51de745bc10ccba37af077a1b67742f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7a110df4c56a4e4340ef8fb1d50305c0

SHA1
21c40a1c63f97f8954cc84ff2cfed8a03cfb1242

SHA256
74d708df969eadfb62060c0b06a3d971b403746acb6ad4da91e7cefbb410d9e4

SHA512
5976fa1e1e35f659b1899a5f64b261546384466a35b6099cf61ba4da8abdd1717f9fc0d7677b5f3e7118daeb47cb6caff2055a31470ccd69266b4289ebd2ea4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7efd6d1694e5efb4f60ecd29f2c3f12b

SHA1
8aa1dad8e212e45405248ed918f6f52ee41f16cf

SHA256
3fe07910f4a8cad9cd88bd0122de0593a7ec0acecb60e55486f4a1d078784a8d

SHA512
634219745b835f61d99affcd5c80580f86cd149e002ad6cf8898bea35e9de46ece2cd8aacc679f76dc12c09e3f9dca70bd0680e8bcd88da2744f3afe608bf671

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
80a1112b25f36d2aa7cb16d85e97507f

SHA1
3a846b3dddbf37d6fce37acfd2cb74b065312ab2

SHA256
035c635496f1574bb5e3aead2fe80302bd93f7f6e75420a59818beb287e2ea0e

SHA512
429a950d5c93607c95b76a8170cf164cbd479d561ce0fa142b949930882b2c0eac6c8b8de66f7aa95d2c7e19763fe76164a77381f8c4652951715b216ae2b140

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
c2e58fc044bc5b17f3c73b68ed0cd5cd

SHA1
c89fdcfd24d623f86b664eb02ef429025bb6f10c

SHA256
36d7d9dc6730fa1cbfddefaab2d016223f989a7382e88a35554665be50671182

SHA512
30c56b83a910438d5668d497c216053f8899feea2b9b30f3998941fc81a79cc7de656ca665d9ea31d23de32a0e85ddaa5c07baf64b1a43eb7f2328ab5569df88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
51523057ae1c3316b7ce0c80971bd8f2

SHA1
338d6ecf75f71e9e50594c866fff861c68611ce1

SHA256
1c5739363e2383332018f0632a54bb4bb52966034dd0c4b724a8b318b883fd6e

SHA512
a759d4008ebcef6a64cd49ebcbc928530973fd58b5a6add084bd39f515d2e7fd887ea6509cf2e2b1bc5cf61632c1dadd3de2808352ed53186cc2911573499fc8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
d96f41ce4fbaa01586587bb9943e13d3

SHA1
21ee763646d3e7a81c20da614ac7ae9bdad24841

SHA256
e9f4b9e14c6161127c388334e01059b5f554bf4e9622fbc586f392d8813bf644

SHA512
661d161d6b7e7c7ac11e6294348fe8a9f72ebbf3f801e4415e5c51b85b7722d69a38f2fd541cf7ac4733182140ab3a68b3d095b22c4779b5b98b0e6e7535668f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
7bf8ae14ff48b10d02d47a3b3bc1f997

SHA1
661cbbb84d1301b8c6992cf2ab0d47ce6bf8fbe3

SHA256
c5cf02bf0c6b1eda8a88297f838cc9f5042f8cdc63120294d3a40707d3fa9530

SHA512
44ae21e6a223363e1c50e1c2a59e437683a39869d5ec4812314c63be5d437b0e8817d90a8f6d730c09fd80d71894f46d4857b4bdbd02aca5d65f97c4965d60cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5842ff.TMP

Filesize
869B

MD5
84ea29261c39c418d44b9b8b99c165c4

SHA1
7eaeb50caa79854d1c01e3b3ff6ba9d9f0d651be

SHA256
e2cd51ea50bf278a37c19749bdee6664c96dce1d6fec210e192c3942f3f3a32a

SHA512
a3b489fdf5d1aded0bbae6c44485b06d563ad2b832e6b9d84cdfe5c4069e68a3bdccee92ec45841cdba3f279f93be91681184b5e37e9d4e995f00b226557c21b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
f64b42e16f90902d0cbf4de375e6cc85

SHA1
cb124905b880494b05780cb3f589e93d7cbf5275

SHA256
2b50c4ecc3479fdcaf50ea39de3c88c11547aae09f06ee0c6faea42ebe64c111

SHA512
2dce4d9fc0d3a4d3be68a7b58507b42615ec61ffc1a51a82db0032e2a81d2a360fc5e0d81684607b01918bfad825c1280d7e48ac8df65668c36b35ee1ddf1aad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
0e5025f4cc64963e3193a9d41ee29b62

SHA1
2c46e58491e19910595bdb3afed47c66572748cb

SHA256
a6cd9b34746bfa52a869c2eba7dbf4acd49024f5f5d2f60be97f0bb2dd0d84d6

SHA512
d1c89d1bbfc3ec6aaeea89f1a16bab4b1f0d563bde0ef71fa7507027dc55309e05c587954664a39c6b07c34ccbe22c6dd24e57c92acfeebf9bcb3d13db84423e

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
8254bd9e0c5fee90cb2f174e8d034599

SHA1
a946b3671128d123fd71ace1caef7c2e2a0482ae

SHA256
063b124999d4727f5b8085f791c33edcd606d6d6c903a8d7b55a608817f960f7

SHA512
02d91b2e7ed6c9e84fde1ef2be5898bead0e8ff452c8413b76eb76ffda15ed91dfa76d15aa20014ee277d88482c0945f0462804fed24d85bb6f8ee261c927d4f

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
a594541e3e2e8d8547743405b9b0eddf

SHA1
6bdb1db8ff2b096f747b0448b271da3949f03ebd

SHA256
80841e38a532d46d077e598eba376d968b97e4fedf0e9591fed66dd05ee3b6d0

SHA512
6c368b46a159fd8385a9e382144a1857b1993e1be91e491f935ce5c5ab7458da470c95e80de96dfdd26f0eaf84e84c24d4a2f44d35ca4fce971a421e4d52a8a4

Download Submit