Analysis

  • max time kernel
    36s
  • max time network
    37s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    21-08-2024 08:09

General

  • Target

    http://kekma.net/

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://kekma.net/
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4816
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd183e46f8,0x7ffd183e4708,0x7ffd183e4718
      2⤵
        PID:4964
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
        2⤵
          PID:4672
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1008
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
          2⤵
            PID:1752
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
            2⤵
              PID:3156
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
              2⤵
                PID:5028
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4724 /prefetch:8
                2⤵
                  PID:512
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5356 /prefetch:8
                  2⤵
                    PID:1060
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5356 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:1656
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
                    2⤵
                      PID:2800
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
                      2⤵
                        PID:2072
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
                        2⤵
                          PID:5304
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:1
                          2⤵
                            PID:5312
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,4827492357139139370,17575219289095801034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1
                            2⤵
                              PID:5576
                          • C:\Windows\System32\CompPkgSrv.exe
                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                            1⤵
                              PID:4568
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:3788
                              • C:\Windows\system32\AUDIODG.EXE
                                C:\Windows\system32\AUDIODG.EXE 0x304 0x49c
                                1⤵
                                • Suspicious use of AdjustPrivilegeToken
                                PID:1552

                              Network

                              MITRE ATT&CK Enterprise v15

                              Downloads
