hxxps://r[.]search[.]yahoo[.]com/_ylt=Awriqoh9CdBm[.]AEAn2lXNyoA;_ylu=Y29sbwNiZjEEcG9zAzUEdnRpZAMEc2VjA3Ny/RV=2/RE=1726119549/RO=10/RU=https%3a%2f%2fcodepal[.]ai%2fcode-generator%2fquery%2fuMea4IVN%2ffortnite-account-puller/RK=2/RS=ReRmCd_mzHgaT8mkyGfM1gxjLUo-

Analysis

max time kernel
357s
max time network
359s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
29-08-2024 05:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://r.search.yahoo.com/_ylt=Awriqoh9CdBm.AEAn2lXNyoA;_ylu=Y29sbwNiZjEEcG9zAzUEdnRpZAMEc2VjA3Ny/RV=2/RE=1726119549/RO=10/RU=https%3a%2f%2fcodepal.ai%2fcode-generator%2fquery%2fuMea4IVN%2ffortnite-account-puller/RK=2/RS=ReRmCd_mzHgaT8mkyGfM1gxjLUo-

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs

Web Service

T1102

flow	ioc
49	camo.githubusercontent.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 20 IoCs

pid	Process
1872	msedge.exe
1872	msedge.exe
2388	msedge.exe
2388	msedge.exe
2184	msedge.exe
2184	msedge.exe
2860	identity_helper.exe
2860	identity_helper.exe
3432	msedge.exe
3432	msedge.exe
4924	msedge.exe
4924	msedge.exe
1896	identity_helper.exe
1896	identity_helper.exe
3304	msedge.exe
3304	msedge.exe
2136	msedge.exe
2136	msedge.exe
2136	msedge.exe
2136	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 24 IoCs

pid	Process
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	4512	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4512	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 52 IoCs

pid	Process
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
2388	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe
3432	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2388 wrote to memory of 3900	2388	msedge.exe	81
PID 2388 wrote to memory of 3900	2388	msedge.exe	81
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 412	2388	msedge.exe	82
PID 2388 wrote to memory of 1872	2388	msedge.exe	83
PID 2388 wrote to memory of 1872	2388	msedge.exe	83
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84
PID 2388 wrote to memory of 1176	2388	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://r.search.yahoo.com/_ylt=Awriqoh9CdBm.AEAn2lXNyoA;_ylu=Y29sbwNiZjEEcG9zAzUEdnRpZAMEc2VjA3Ny/RV=2/RE=1726119549/RO=10/RU=https%3a%2f%2fcodepal.ai%2fcode-generator%2fquery%2fuMea4IVN%2ffortnite-account-puller/RK=2/RS=ReRmCd_mzHgaT8mkyGfM1gxjLUo-
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffba6eb3cb8,0x7ffba6eb3cc8,0x7ffba6eb3cd8
  2⤵
  PID:3900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1900 /prefetch:2
  2⤵
  PID:412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8
  2⤵
  PID:1176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:1188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:2404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4636 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4648 /prefetch:1
  2⤵
  PID:4948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4952 /prefetch:8
  2⤵
  PID:3892
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5468 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:4356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,1588612074033913341,11437885355378999599,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
  2⤵
  PID:904

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5044

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2476

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004DC 0x00000000000004E0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4512

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffba6eb3cb8,0x7ffba6eb3cc8,0x7ffba6eb3cd8
  2⤵
  PID:1468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1856 /prefetch:2
  2⤵
  PID:684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1944 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2656 /prefetch:8
  2⤵
  PID:2800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
  2⤵
  PID:3560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:4700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
  2⤵
  PID:5108
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5308 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
  2⤵
  PID:3664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:4912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5384 /prefetch:1
  2⤵
  PID:1252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5396 /prefetch:8
  2⤵
  PID:4752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1
  2⤵
  PID:2860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
  2⤵
  PID:1816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2576 /prefetch:1
  2⤵
  PID:1292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1940 /prefetch:1
  2⤵
  PID:2684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
  2⤵
  PID:3712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2620 /prefetch:1
  2⤵
  PID:2460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6204 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6248 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1844,215112478503970799,12839342879150805590,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6104 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2136

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4452

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2540

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8276eab0f8f0c0bb325b5b8c329f64f

SHA1
8ce681e4056936ca8ccd6f487e7cd7cccbae538b

SHA256
847f60e288d327496b72dbe1e7aa1470a99bf27c0a07548b6a386a6188cd72da

SHA512
42f91bf90e92220d0731fa4279cc5773d5e9057a9587f311bee0b3f7f266ddceca367bd0ee7f1438c3606598553a2372316258c05e506315e4e11760c8f13918

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
451cd139bce77c7fbbf158ca1f3d1059

SHA1
27cd37f157b2075b075ac0f3231e6f355abe9233

SHA256
ade70d3f22e4174670951ed028318b754dff05a738b657da42ef49332fff12d1

SHA512
d192881273d623721ba0a73bc2ad504b3fe6376281d8216b4a381b83967ddff828b1354685f502d36277ebfc70a398e7fa009f1361e6e81311cbdf80ebf91a5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e74940e7c86ec9977a335ae6f8d7f676

SHA1
726dc899244c3a82940f2e07b0d0c17749c87d21

SHA256
2ad4e474cda387dd04dc36d21ff1571d95721a1b9d40ea83bacc540191d120c8

SHA512
baf261ee52cb540b137df4156c0807ea2e1d22859bbffbce89a7f3d2bf2238ed661fb53caa43196e45f9768ac6d1d3f8f364415e67ff6a0712399389061f4fb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
058032c530b52781582253cb245aa731

SHA1
7ca26280e1bfefe40e53e64345a0d795b5303fab

SHA256
1c3a7192c514ef0d2a8cf9115cfb44137ca98ec6daa4f68595e2be695c7ed67e

SHA512
77fa3cdcd53255e7213bb99980049e11d6a2160f8130c84bd16b35ba9e821a4e51716371526ec799a5b4927234af99e0958283d78c0799777ab4dfda031f874f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

Filesize
44KB

MD5
0ce7e8728186106e7c1a094e58d41568

SHA1
e6f34e95c19cc4d4d74266be87455b2e8717e5ca

SHA256
621e8daf26140e614085f46531f14a7826511139bdc2b0ad7666a6340d8a5ffd

SHA512
491a015b3fff7073d5dcd80dd3d5242c0f01b6d3d0c1e574f8db9f93396ebcbeb6c46d73aae8614d898744656b9a01c7d00532a5f732e3c20fd63cf1b036fbe3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

Filesize
264KB

MD5
d768e898e2fbd9ffe952d72923f60b64

SHA1
3fc6d11a08213836b54c252cfce95494bf185556

SHA256
6b4795ddcca8a7a3c9d0f4db0058d0c63229d667faaf5ccb8fa1c41c70e68fcb

SHA512
7058e3bdcf5f3cf9beee0f28149ffd046d248d620c43c86e8fe2d3ca6fc3ce2ea96a460a073d526a5d884a1cc9eae69e18fc708ef0f0428e99ec2e2fc716ff50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

Filesize
1.0MB

MD5
eb50ab5e8b61ba25d2071abaffd6088c

SHA1
c535bfeff34c90010cace75055b5d082749abe68

SHA256
ad12f699a6106b75c0a1506ac3443133b32be4430b947f7ec39bf7c340bfdb5e

SHA512
181e2b6bee34c3a034039c27533c9ea8b6be1e0984947fde1bd1b255fa17c050440b740c4e40b101ed1d0589f2af04cb0cbc353c0a7bc4af2eb5b4ade32b451b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

Filesize
4.0MB

MD5
5b0167bacf9ee45d90b00cd09eee0572

SHA1
48e4154beb7d2217b03a80315c59f3ae68334d34

SHA256
912454ed7fcaa053971d1556c548a42ef9398eeae5cceac848d00d1b687365ca

SHA512
027c9c80b8e45bf1f951305ec9de4a30dcdef619314c2c394e8e5d0792fc96c741e03c97cffc28c71824d8c900ec9c8d11379d8f9fa00e1c972849e91b166b8f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
67KB

MD5
ed124bdf39bbd5902bd2529a0a4114ea

SHA1
b7dd9d364099ccd4e09fd45f4180d38df6590524

SHA256
48232550940208c572ebe487aa64ddee26e304ba3e310407e1fc31a5c9deed44

SHA512
c4d180292afa484ef9556d15db1d3850416a85ad581f6f4d5eb66654991fa90f414029b4ce13ed142271a585b46b3e53701735ee3e0f45a78b67baa9122ba532

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

Filesize
41KB

MD5
f3d0a156d6ecb39d1805d60a28c8501d

SHA1
d26dd641e0b9d7c52b19bc9e89b53b291fb1915c

SHA256
e8be4436fcedf9737ea35d21ec0dcc36c30a1f41e02b3d40aa0bfa2be223a4a3

SHA512
076acfd19e4a43538f347ab460aa0b340a2b60d33f8be5f9b0ef939ef4e9f365277c4ff886d62b7edb20a299aacf50976321f9f90baba8ccd97bc5ac24a580bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

Filesize
63KB

MD5
710d7637cc7e21b62fd3efe6aba1fd27

SHA1
8645d6b137064c7b38e10c736724e17787db6cf3

SHA256
c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

SHA512
19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

Filesize
37KB

MD5
00835eaf8e8f5ce1d5caa3ccedf12bbb

SHA1
522808cbdda5a5a1c0f774bf0b2b6793c951cc52

SHA256
2665051c30482bee9fb3b1bf1cedd1498b3f28ca81ab7b181838552a884510cc

SHA512
4f4d0661c685939182c53ea410b9c622a5fe910841b6222f43303ff10df95212da49d643ac619fddd08642890dab2800a5e39958020ab82509bbff1ad63147ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

Filesize
37KB

MD5
e35339c6c7ecfb6f905814a86caa7882

SHA1
2380f4be31da11f9730b20b1b209afdb42bf7f24

SHA256
3f2b391ce2229a0fd88b58ecd0e56b1113fbf27271411a28016394eac9df4984

SHA512
3cf03b85d72d40aa516d1be4315684f932437cc93fb332695fe069cd590b43c5e96c6b10208ec566c9db7875246f452b259e17ab567a4075ff484748070b8375

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d

Filesize
21KB

MD5
94a66764d0bd4c1d12019dcd9b7d2385

SHA1
922ba4ccf5e626923c1821d2df022a11a12183aa

SHA256
341c78787e5c199fa3d7c423854c597fd51a0fc495b9fd8fed010e15c0442548

SHA512
f27ba03356072970452307d81632c906e4b62c56c76b56dfe5c7f0ea898ac1af6be50f91c29f394a2644040929548d186e0fbcea0106e80d9a6a74035f533412

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

Filesize
23KB

MD5
bc715e42e60059c3ea36cd32bfb6ebc9

SHA1
b8961b23c29b9769100116ba0da44f13a24a3dd4

SHA256
110ccd760150c6ac29c987ee2b8f7c56772036f6fe74ff2fb56c094849912745

SHA512
5c0edd336a6d892f0163aa183e5482313dd86f9f5b2d624b3c4529692d70720f4823808f10ee7870fd9368b24de752b343570419fd244c33ad2d9cc86007bedc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
e63f4a109cb3091ab782445ab2533114

SHA1
9d4af37b0eec359eda4e1934b49d7959f5a98561

SHA256
edaad4e588caf4a0f8c0261b9e466ab8cc88a1afb9411ac6123c89d20b0e0890

SHA512
da884ea4995bb68d048be105f715fd7e8d0a9e89e2a329519ec630f94a81138e028050f4b834b68ab7e0a01e06e7cc68c88f555c55aebc213e93435c8c1d3edc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
10c794ea93ff6e22a5a44e9493ad82c9

SHA1
ce3f2dd6840d444c3e2620aa1511b6243d0f8bfa

SHA256
1a5c0fa4db100f5f76e1ea877cc203033d9b6ead76b894940dc27769cc6e0edb

SHA512
113dc27e1ba4f6f2f2bf1a48d150c8736103d46e7988a586ef47021587fe0c87e57d4c1b472eed1b08980d3c1607abadd317f4a0d92d27d8de16cd496249f100

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
4101b6b3c35bba52cd28b0276871f9e0

SHA1
052aa75044a69871ee835418caa0886c4d572c7b

SHA256
11184cfeb9450d0887141abc67bcf66a870c0a2af243345cf2b107bf04a2c137

SHA512
36a7a5a76f91d42c982c7a2833b7b9c6da829d10874112935ca7b201f04c6301cea61837cae190b4c87c587d1c2826cd706fe02199a427522b6c09dfff8f7840

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
528a8fd055f5819cf720437d23c8319b

SHA1
f9c46c418a1271557b93382f392fa5ecd4536533

SHA256
05695970889a6fd2eae8757be2e559304c4b99e7b461599bff1ab5b6ce8500d1

SHA512
ae9636c163b13975b8c341105388d4727ae93d5b6b699de99f0cbc4f3ae0955a9f6847a32969f69b7737da59ed674dcebc4d005039b4f59d9a72cd7e90629850

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
da5999d3b84b2a1286999a2e1c318bd9

SHA1
f3ba1f0fa5ad994a1d98a2cba1bbe2f0591d5037

SHA256
40ab842f017ebb1260fec470df23c8f4a597abb24312a304992c49c8f4792ae0

SHA512
9a7bd6b664884177ad53def8c5a9f51220b8d2ff5da9e70e9ae1132bbad4011a8594faee4e6631cda5694c409d4336544cb2a2ff28e76748dda6e16f3f3f9a98

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

Filesize
20KB

MD5
a0c6c4fc6e758a5d3fcafd2eabb15d57

SHA1
51f4c9c7159f53e7f2e5e1678e6a9329d3fa35be

SHA256
d274523257965fa73f6a30bd1cc35060713c5aad77f215abca9973e6db2d84c6

SHA512
d26d8c1f889202851529aa242638499aa99c39303a2e91b4f21289c1023f64b7c3886dd1c955fe736aae38b75ce2f0148600969eee0455c0e92aa05a9ca70a58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
24KB

MD5
c46c774e78f8ec534bbe971d22da9e50

SHA1
39ebac63a0fde98d5630a93b7a4714c088cfe5e8

SHA256
d25ecf345f4cc0867d1151067e0fc688f41aeb99e6ca851d7eb508d214317e65

SHA512
1023dec51d4a564e178edda341ad15e6fe677ea0770b24d6968e8b52b341dfc9f7ba7b97d5deb6074f604ba9e7795ae6bf46d0cf2ab8e5852901ed6a72191f59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f6efea02500146b251dad8fcf1b951df

SHA1
82ac08816192b18ca0ad1e34c21ab40b47a6a7bd

SHA256
34ed8489a08d27031aa5d640ae483cf0589d66680709ea484d8e0078c7d0f1a9

SHA512
bec7e11f8fba11fd93d941e8494db8f13d1cb1b794d0c09dbf4d6cb82e8dbdd354df7b4c5193fbb8ee550a394e3bb90fb0a13633aeb8accdfd1e2f89d874d5cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
116KB

MD5
80b61e54b7d212c7e45e5b9393f8a537

SHA1
4f6a9b61047a28310d639b33c88ee1f049326e3e

SHA256
3c607c1f91aa3dd6e1c1c2f6dc29973f60a18acc8c144080d609aaad907b177b

SHA512
c4259aaa9b5b794b72cde197dba21afb40e9096253443d70ccc225f368fc615f2ea2d2f4145524c27f31ef638fc45ae822f0af84c7b3b75df5d146b372f66a85

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
1KB

MD5
4903b2f6ab5307bc55b790af98f879f1

SHA1
1da754bacc49ef8d5aebc5b294a356f0053dddcb

SHA256
88f400c66f83e53564e58177abf167ddf297214336959e94ed049da281a460f1

SHA512
55704991e0916d9a7e9c939f2656fd1dd0e1c5318e3e4b9fd1efe4f28f0beaf21eaca05d28fefe79958b2798e74c87f32100e803ff41aa9c2305e356630fc61b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

Filesize
4KB

MD5
98952e5e7cac64125b132fea2e9878e5

SHA1
1bdc7bb0d1d77f9818e01a5bf859174459572c40

SHA256
a018e1248d0e98748d5bd7a884bb8e42faddf0c86d9da5331609ea9cd65829b1

SHA512
f7b5c1ab11663cdad82ae279d20952c7d61e3482fc5a2ec3b53e1cf6d3ebf251f70a8cdc9eeee64505fa89950c5ec2e813255b414137bafb3a5c8ed9cab32464

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
331B

MD5
bf65ee71cfb01f9e9b56062c3aca0e9e

SHA1
8673791a563b163b892dbc34a6a8e885372a24eb

SHA256
73e7f2fa2aa801ae91233dc0c258036b854dd0b8decf58716184c2b20ae3d612

SHA512
e1a7fda6785624df50b8bbcc79ad7fbce7996b68109dc6db2204bfaedc972586514265bb135a3927a64d15e0cc467754c5911c8deb5b4598c6a7c172dda6bd59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
a1676671892bc3b46987b67583552e2a

SHA1
48a298579227990a09f7a5312c606963d30809b9

SHA256
01634367f6fb4ce174693a641f8911467bbe267a64bea1621bf1686f38d4dc30

SHA512
53e28c304435e46473f083096299aae31c058717329e854500989aa9757d5226ab3b708a4788dee540c42763b0b9518c0cf1f0626170850de5cdfd4134f8b4ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
0b1e3bad206a277e8541737d0d1bdf79

SHA1
05728c3fcea67e509fb090426224da42369d6c3d

SHA256
27ad1fcae1b5547eafffd215b04ee9d6164b31aafab1441b41090cb444de0fe7

SHA512
593691999e9e9c1eb58ea205264a0cd1070c8a1e44990acf70c9ef81cec4a957b628561e00736f5c7c63ed0ab7ee4a2e0f3e4481c032ef4a60c04ad7210b42a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
f4b2d548109fc2673956ac942a0614b2

SHA1
c6555d6aa98b02b94972163f3d8d7bb7c29460cf

SHA256
ad57107a41eb410197f13bcac5d80878a9ea8dcca71781e13c9410ea18b5fac5

SHA512
346b326094c3686ce62be434738524b4351a14917cbd46cbf3241a918162f664794412cae48f23fa275437ff7b866414b27badfffcf9b54eaed3c45ee3013b91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
40cb0cb35b77e17ff6ab428b7f621f07

SHA1
a4f7fdb03c6324842d3aa7a2033b29e7a36553fe

SHA256
cd468502bd2d9b6154f4685a2c215c9b65109115f0b5a37f6017fdccc4de7b44

SHA512
ef07c3680ec154dc3c6f715178dab5d2f3240b2958e04a1672ead37564943475c4f6c0a8973570a7ebe912994e61c52577b19072b3f9a0397995f8b8a19325ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
52596cbda72488a3aab1035e224a60dd

SHA1
74c0bf9fcc0222db6a1ff988f33f7aaec8171ba4

SHA256
57a4f0fc2308778de5f4b27bf667191e68340a8223caaeba320e2d9cf264a79a

SHA512
8cfbbba74b71150f99e50f427dde9be5b4d362bce647d71431dee54cca18b423daebb007c210d6a6a0f2a8f627163f5878fa0ecbe239947d91792ab3d6ec5bde

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
4e72c2b4027492b35467f23e90f9c52e

SHA1
091d70771808329accf06ed477c48bec9f77ebf8

SHA256
991e3753c7d6f50ae1f3ada3f1ff8c3f2f89fdbf72dcc90cc199b8ed2796deaa

SHA512
5e0a03c46a87130938da493662a1b90264c3f93c29af9dc1301d72e0634a8e5ff20c3d3bac92f3f9878911503c554a8ad134afd447e34915e4cb37e9dc9be90f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
70a515f9c01be5b7d5c257f03e7089a3

SHA1
7bb6796c484f3cc636de6d924380decd21849e9b

SHA256
d11cbda67fdedfea9453087e4a3cbb8f48b933fbce08060925e4013f95f71bbb

SHA512
c7d78d442a497049d8e4d75599202837b11378483be8f46d139e01219c4cc8104fbe79b6ef02de027e7d8e7b7ad91f9e0c7a3f51f5561627b67b3d752c1a2840

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
f0f52989cb3058dc4559b9812d893492

SHA1
693030b0acb9bcce9b5e3f7cc0f8a7f2a4c3fdc9

SHA256
78edbb3f26ad24b79dff1d5e394812a06e3bc3c7c1cae9c8264d0679e9785d2a

SHA512
9953136a104caa8cb38837f20bb89c0c40da4c532dc4be299bcb9c3c527f55dd8a09232ff8eae592f1cdef919eeefd04a3fe3ddb72175f1ae00a74b317157d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
a2d2a70ec55aba55e4742308da5e6090

SHA1
503b7a1e17996645b57dabead943729da3afb951

SHA256
1c3fd9fa21fd2e91f9a3907767b4ea7141ef3a0e97c22602d4af37f1f67d435a

SHA512
b9434ba6921679dbedccbbc68b60b12461320b35199fc1056dda7aa92afa2b415f3a184e3c7267a1b3ae2a803c8dbdcddef8686fe7eb2381bd12670a6737f5b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
73239a000641734daae1f83f94e8d73e

SHA1
7dd8c930b1f375267b77fd78e01117de93465f12

SHA256
ee5c21660fa779a6b5b00f0e658cfb71df6e3cf2094b116cbdc005b0cf824d06

SHA512
036a1f9315c10168448932ce97d508fe1fa112cbd0c16c2998612991f3d81615899151ff208aa6c9009ba71639cf3fd51806c0da7b38d3fbb7ac9830f9de550b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
aaee1b1694eb4bcbcdcfcffd3e912ad8

SHA1
e94b7a8319587ad91bca8bd1fbe96e91064a6408

SHA256
d6b0e087bbb51d5dcbb55281c046b443e3d166f42a55deace0150ae9448edf23

SHA512
cc68c9d76cd62e0db6bdd50eaeaeb9767538ee00bf548e0b3a8710d0bed6f0549c0c9fa086572f176498cab105853bb03c0541ceb8016efd5549bcddeb8f0945

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
804d52df97e1714bc856cfc071067536

SHA1
55a7e912e581fd7a9c74aeb401eefde395f8b6d1

SHA256
e2a9e603c247334718d75b8eefc1e3bf76a83013688a6e27a2c1afea3718ee37

SHA512
32a0a5bfa66aff33b597314742bbab6c562a45d53accb324889ff16e75c6c074057eb29254bb7f31be1c37404342f0794d350d22b8ea3e853d187c9cd11767af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
37ebe0b1122a0ff0458075ca0eb1f2b9

SHA1
6bef89940c32e54d101249474c7647a2b9da8614

SHA256
d31a2e43dde84d61673526dcc605b91c27f72c3f914bc55188430c98adfb62e7

SHA512
71614ddb035ba7e653b32c5a8f5dd21a12b4c03ece63dca4a830167fcc714132c47091120d960827f369ce4b02c03bbacd197054c3bcce9eea1310e509f4bfc8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps

Filesize
33B

MD5
2b432fef211c69c745aca86de4f8e4ab

SHA1
4b92da8d4c0188cf2409500adcd2200444a82fcc

SHA256
42b55d126d1e640b1ed7a6bdcb9a46c81df461fa7e131f4f8c7108c2c61c14de

SHA512
948502de4dc89a7e9d2e1660451fcd0f44fd3816072924a44f145d821d0363233cc92a377dba3a0a9f849e3c17b1893070025c369c8120083a622d025fe1eacf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Reporting and NEL

Filesize
36KB

MD5
cc6a0ec0389b83a5e1b56361e2feae5d

SHA1
62e5622b80bb7c3d984e0a34c72590e3e11611eb

SHA256
85f22cd7f10d51a613732204b9423e06178a53dff61875be830305d67b105a3c

SHA512
92200d52cc324234c4546005a9b6b67d32ec1c8e9ea5634ba88fe389bf57d723723b1fc35490849316c9c59f6c4399ecb8f35224dd766dbc5f21926b36660f78

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

Filesize
357B

MD5
a7edd3ff51c694a7a2031afd7d5a1624

SHA1
a3136461caa230716584393e7421161efcee44b3

SHA256
5b11d2bb74a8b866ad0c55647e4f298ac06a3c5f9cdc1a06452f883dd67f05cc

SHA512
fe1573ed71798052c042e838d13ae8c7c73f06995987a0bb4c6b919f22d8e47ed974343db88b6297041e2133df69845654e1e4497a4888c66a382f45dd0e3c45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

Filesize
319B

MD5
91c0c52536f2686cc3d16383b699b6fa

SHA1
086888b7d8d8936e469b529fcf4724204b35efb4

SHA256
21b4bbc7a99adc29372431d5a99e502fd10bea3fd58b52e8e73d48eaa37c309a

SHA512
ff341b4ce77817dd6bc2e9999aa80247676d5d2cc85b4ec606222e29e36b9c28d6016f8776dc8268f04412790867526ca81e86ff006833db4721624219795980

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13369383575057373

Filesize
76KB

MD5
b0eb8b4fb66ce69c33e29d9fe210d521

SHA1
f4fed78e9f363c5a58984461450ecd39b0fbad58

SHA256
8668ed94abfbd7aca8746d412410508233078cc2adc481861b714e827688c76a

SHA512
d5e7d228a07d633071bc1c338f794933aeefaa753d755fd3b87a9d673d0210b2789b4b0f11434e03f0873f8b6e7fc1922394c3b4a8c950342751021bc63f1128

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13369383575252373

Filesize
25KB

MD5
3ce1a6c873d713fd7a22f0ed8114eb71

SHA1
9d229323cc5c1bb6f28384a21c6e7c5e8fb29f81

SHA256
f31e5ef63a31235cf13eb68ce5a0c077d3af6b885549e79e52387458cbd8e9af

SHA512
e629d6a41332770ad6baddda59d907f20ac895b3685cd5708cea3f35e76990c40da14c03490ade54cd9c95bdc945e10ffc9d2b3c740be25ba739c7356c53d477

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
ccacb45ebf4b40e8781cae16ec1d48bc

SHA1
4295cb9b2f2bbb59e7693ad8e3968b823c57db16

SHA256
e493fd3bc43cf2f87647eaded0150856e973a0b2ac6fa855d36e3241b24ea44a

SHA512
dc9b7f19f6853f53c7fd2fe9babe344a491c73e35710a629c2fa2aa57b7642401d50e534c828400b3e01581c8b4dea19b51038addb21d4c1089914588f9bebe0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
d9cb5ce1dcff078ae52435d38333f3a6

SHA1
e2db6c03c2e07a74925e16ddcad8c9bc2a0fed2c

SHA256
f73cab6382a4786888c99bd7501486827fe594580f066ef9662b155289a307d8

SHA512
61690cb707734dccfc57358466c223d19ec9f026c2f7f08d24a46080f2c9e95f83bb50869db775515313fb48b174be54b1b01c4970794520739ab4affc4e46ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
7851323541768ca2aaea27acaf243e84

SHA1
b0bebb0a19327472964343cf9d34d9578735ebe5

SHA256
b5a457a86525a4a7f6e13e3bc807d31ae680cbee8b65fa7829a5a8438a6b953d

SHA512
4ec2eaf622c112da97fd09187e77cd4d58eab8f61e4d0b6bbb510beeac9353e62b931271ed6701bd1763cab36e7165e1bb8b5e90b6599903bb3dcaa4cf63c23a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
310b9ad54d90733e56668347bdfaa69f

SHA1
1ce4e40d3040258973221784873797de09d96a98

SHA256
af1e42bd8eff00d5957dc3a29a4be36143405980632eab130480fa7a5d89a69e

SHA512
67161727e6f28e53a77025fbe1df0b91e2dfae75b07bb6faacc2dae3d3d9206fb833d91c4c0fa9a92f18fbb2a657b8eeb46ed7c9ca742db45e66863a3f9f7ed0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
bc649ae16dafbd926ee52cd595dd44eb

SHA1
e4a63ef6baacdc97820f25f5fcc08c1e25f476d1

SHA256
07005fedc1b6e2bd917e0f7d4eb604ea6766eefe0b862e5d290960d9c6da7ef7

SHA512
f6e947eec53752385f227431872e694784e84c901790160d254bddd118d00e6da4c3385545400303b38934a37ebf0b165112f631c8d4204122913225148146d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
2638ac57e88301dda59bf7d078129e0d

SHA1
5f69264880da367f735f19e3d5f856404dacdfe3

SHA256
97d25f93830b85dff64c9b455a29ef0ba78c605bf01e68d4569ed36af2a7d280

SHA512
de52323ec0305ab22d3bb22a2de646e335b1cf56dd313f125bf5e938cd99f620df50aa05eb20c978eeaff9bc30d80e792e0fbac239621169b1fac8a7cd2e6a82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
1c7c3f8b920772559b1c397a618e3504

SHA1
71472a1c508b108f0325bcfea5054f2f065da430

SHA256
1bc360a6295cc4cf061d5d9982c295732d4938863e1c433bedc63ca8041e2cca

SHA512
b553ad40d711dea840016b279cad3d09b39ea4f41a417777812700d6c4588597cda0d710709aeb9966ee8835608edbbe9ab3b1c9217ca9c993d0e87d2590941a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
0d40b4a7ccf2108e02cbf867eb41d99f

SHA1
97c26274f55c7dde4c88b92ae589da992d34df7a

SHA256
5f8260f6b703ec6893c7065dce82e6161e3708f309b074941d1600de5dafd16e

SHA512
42b8e79d58049e7aca38a412c8c42361f991aa0105b91b9ffb16cf221a2ddef970427f06d50587cb80a05bddf3efc77183edcab212a4b2c1f0ad2b5b7a125a2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
28c455ad21cf2b7e543bca9cef1b6aaf

SHA1
95f1e89ea66430063cd570abbffe00549a6f8c93

SHA256
f8e30845bda5460041371c1038160def097f867018d8f38e4a821fb023047b8a

SHA512
68f61e32b910c4669b87b5c002780f08653f53f6d26d8fc64a9bcb031a91d62d9c90760ea3baad694d1fe1c98d2c1e8b50d80ea8640d4b96f1073351ba03e868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
675d343e27f6e62dc5d43603f1949595

SHA1
6e1f0a89894e4e2ad2a44a59767641b98fd105d8

SHA256
78437ff4b823c013a6fde0bdc96e62c8e930ece6d36794f842f58f3d2e2ef9a5

SHA512
d8ce33b73287ea01e27eb02e27c5382013a8e6b14d321c16b59b9baf34b57f11e25b8e66d14e771ae8f3dcdbeb88d5e88c1e454dd4baba2acbe710c5179c3f03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
3c113a200ecbf8995e7c2ff273e16d04

SHA1
4521277c0723f086358c9171eb90dffc1aa0880f

SHA256
7aeac29fa456f622837955130862ae5d0273286d6257bb08c3ed354f4cd03b90

SHA512
911b07d4b964754bbd3dafc5071270c8f6e3f6ff02b78734fda01919c5e94ec49279a05b9686179acf012740f53b436a05f5b90313b5481591a7f1eaf3ab711e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
fbe96e82c3cdad4a0f20a908344cbbde

SHA1
4f5f179818719d3113c687b54f9789c3cdaefd89

SHA256
759886682a23e6bd12c7f7ba7a2c5ad82d928913648123258611d6a9b8dc12e6

SHA512
10d0255fca1b67b297b4fd19571976ccc88a2a1c73e3d403f6f60cc502d2ef21f5181e6ee332850aabd86da43e8317cb6ee3e779e1eb932537082729194f11d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
a8aa7acafc6e7a959c5c560242be96d5

SHA1
254ec327df542e8cced3902f418507db495fe2d3

SHA256
8caed299a2acec66c053d464bf039124199dfc7e0ee9e6e032dff3a3a8b10c13

SHA512
779d07e29da01cb1fe7c7e5b613d529b4192d636c550504ce28467966fc350e6b1e018c59a894fea1b3f55d362c4ae522bc386ef7cb6d12c2fa31d0b88c1dc72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
bc7a04b4ea39bfecab274d9f19e79836

SHA1
9e3e48847d4796d804e063b844fa61d208bc849c

SHA256
a37e48143efadf46fcef5d1819739e7ab795fb3a16ffddef7c03dac0d773d130

SHA512
4a0ad0c7c4c1978409ae8bef4f4df1cdf94b26f5aa2cc07dc06291c5a456b7c5d2135b657ecfc1ec96f9ebb9f0db11c4cc2074ff4253e3f565e86307b003d235

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
471fedef878cf1294c153356fc826664

SHA1
032cc52a86048483f87d59f43a289353ae2f2511

SHA256
5724334f306c16e62ad6d7def7f0823fd5157d8c98bd6dd0bb2764a4a9682f8b

SHA512
48ce851ff9bf1609e56d6f2f62defe880469778acd3e999c714448f15d825b99a731ba5ee3d272001fcdfe44578f7180eff05ff269f06326103c6691e460397c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
89a2d01a0014ee0f8420a5aacba4f4dc

SHA1
d8c8b3b3253d286b74890a6d3494838a3ceeb6ff

SHA256
539bbc7180a06d2157859d3e6254106a2bfa8d804bd3ebe814d3ea24a2155278

SHA512
79e83a5933beb6bd46d05bfd27a32990700fcad146e8a71a6e31cdcf683b8116f9c28f81ddc265f9577cfcd1a71777f3f10d843cd7cbbc2f2a99e04ceacd9b74

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
d2b29b5cc9e2cd4867257b08cd6f4514

SHA1
0c5825f882dc93d72b4b9678edddd47a11c4bf3d

SHA256
48c5e9ca92eb199dcb297831d865352badc86ea4f8f46d6bc0848159332fe1bc

SHA512
fcc55843c389590c574eb6fe4ffe735b35820e0a4c9857915194bca67eae70007e699b1c3c615e2518f2147e6759d29a24ec22cfe64fc2b1e880fea67a899830

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
beca0a02befb96ac9445b5d29ed4519d

SHA1
cb0002cb584062e336a4d16328a8e3faccb53b17

SHA256
03722add0d5e79efadc96b697cf94d57c591bd68536ef6acded181c3b1bbf937

SHA512
c6f01fb48b4e1127bf56ff1778d2d97064c62787e881f47e3a55ca99fc250a3313f21bb953af768f26bdd5fa10c6d89d760337d43ac89226d7392f0565785560

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
2a27b6dc47a04aea71cf4c3c8a068d44

SHA1
80b71b4b2fe2ca821911ec7ae0c2a51eb15a6d6a

SHA256
17176632704e6afb58e9f8eab714c072cc4a86d8ca194968f64e19abe41bfe73

SHA512
218a15dde9d068dbcb595167af2c93382609cc706cdb05c87244beef5e4507be3ddfb17699a73d58599dae9ff6e4e64392aa7656c02f5ee2a7c56538d77be570

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
1da7d4f2b4ee25c07b4413985d642cea

SHA1
2f9402df915ffd4e28e8a32004e5ae1424343805

SHA256
402eced1acbc38b681e5c4448e5ccf67da7bfdd938bc49a38d15df0db3e7c197

SHA512
dfad2ac5275c36dad68a34c24dad98f1ff60b694c9b70366a8adce32dccaba45d21c5db718719a44368801aef6b0152fa3ac50bf4a790cd0cca8b3d54ca8d4cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\cb627e36-3e35-4923-b367-782057416c63.tmp

Filesize
9KB

MD5
a93fa776255c71c2a2cb898bf3d07eb9

SHA1
2414154f722d35e52590c73560d43ab04154fec0

SHA256
35d583fefe0872ea0b8c6de60a792b75f9c0c790ee215ea3b6a160e505a6c4ba

SHA512
036b306124c43878959603e0fbd4230f214b758e04c45440c096d6dac222942c42019a824587dbbe2c818af81f91d38aadd7658c5c208e850260fa137d4cc958

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\LOG

Filesize
198B

MD5
d1b6487c0a82784d045f7ffc62ecbd20

SHA1
bcf6fccac551c6930df31ca93207908bb9475c90

SHA256
5531a8b6ec115afaba4f0c2f05c249fd5af94dfede841770183fb4e55b3c7002

SHA512
956ede9e5a00f154633bc3e292eacd109f6fe75b1f5ffc4ea27e8efaeb449fbfe00fd2d7e8589bf07efecc7549522273021114006c5b62a143c5a93ffdd1004f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db

Filesize
16KB

MD5
9a8e0fb6cf4941534771c38bb54a76be

SHA1
92d45ac2cc921f6733e68b454dc171426ec43c1c

SHA256
9ee9211a57c3f6fa211fe0323fa8cd521e7cbffcd8ff0896645a45795dc472be

SHA512
12ed22537dcc79d53f6c7d39e92a38f8fea076d793198928f5b7a5dd1234d50a3c0b4815632f3fadf8bc4ef0499773d22bd83f961d2d0ffd8afacf471bd3a5ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

Filesize
60KB

MD5
fc3e510126ca0fba2a503dd43aed0b9d

SHA1
a89b0f012565145291ec437aaab7bddb5624a616

SHA256
c1968179eb313734a1389f8f9c35a077b594814f414016326582a3d8977bd5c4

SHA512
7f505f4883a9dd58125c1635b8b4d10b97e24913a0a4ccb1f0140713ac6ffa7d44bab50f35b7d50002d7b9e57c9aa7c1c574bea8ec2487f91129fe1b8d939d50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\previews_opt_out.db

Filesize
16KB

MD5
d926f072b41774f50da6b28384e0fed1

SHA1
237dfa5fa72af61f8c38a1e46618a4de59bd6f10

SHA256
4f7b0e525d4bfc53d5df49589e25a0bccf2fcf6a1a0ca3f94d3285bb9cf0a249

SHA512
a140df6ec0d3099ef374e8f3ece09bf91bc896ac4a1d251799a521543fe9bdea796ba09fa47932bd54fa939118495078f9258557b32c31d3d4011b0666a4723f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

Filesize
19B

MD5
0407b455f23e3655661ba46a574cfca4

SHA1
855cb7cc8eac30458b4207614d046cb09ee3a591

SHA256
ab5c71347d95f319781df230012713c7819ac0d69373e8c9a7302cae3f9a04b7

SHA512
3020f7c87dc5201589fa43e03b1591ed8beb64523b37eb3736557f3ab7d654980fb42284115a69d91de44204cefab751b60466c0ef677608467de43d41bfb939

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
322B

MD5
ce423317da26fe86291959ffe305b382

SHA1
84c9e57a4999238fff353ff3cba066e6aed03139

SHA256
c18a12f9681a5dcd5e0ade4df773bbfffca2d9d4f21e4392c00bc2f89f847a42

SHA512
e8c493b5b15b2ad445c6f6789797d2eb2ca0108a65194a3031ed33d53d48a30da40a64da7dd01359628173c715ab0cd22d8e5254aaa428a2ebaa865ba3040932

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
318B

MD5
976c229ff58bde64e028e08ecdb518d5

SHA1
6da4b3d9c776f65cd76cac08145dd733a0b98399

SHA256
a9065113a31a540d2b28bbc4d11660f5bdc9637dda947d8d3a9858feaaeead7a

SHA512
354dccc7679f49f8ba2b53c764313c07fd30a4767027717385f3c8a20935ea45f1207548aabde07631b2f90ae06152dd621f48368fcb6346a5629b5b855b8c4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
340B

MD5
02494d5cb2fb7d1b9d2336e463742b2e

SHA1
e3d5009c55de6ff442e9fd09980fdb0c2b0e5ff4

SHA256
71b2f16fb23603d61c472bd213137e34a49e66e407e37a8c7a1b85f14ef8e4ee

SHA512
04e2fbd0328116394ee17558bfb844818222fdab9e45e96dc7fa47d0b8cc2328122d633fa2087b43297745557cd4d404506576d536f4ffca23381fe1620fc8a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

Filesize
44KB

MD5
00771cea8ed8ce1f1021a9b6d90220cb

SHA1
d44dc8d207268848a680f9db4c12a5740a1a38b4

SHA256
a572c4deffb42f5820cd80bcebb807231ebc4a30fcffae79b20bd6c50d3cfcea

SHA512
3a1fd05631b9fccadcfe4eb6a79f08795517dd75c5b59c6ba2f2e32ee36ae9a2cca932c20f9173a3dc303083c6851669bace3273541fe487f99960165aa862c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
0046fbc41ce1321a124edb5c1723cc68

SHA1
f4f9cd38c2abd95e51e149873c29d7c11b7d4922

SHA256
b5b15560568bf3ebb210e78ab33d456a9ed52a99d0f8ed266177912e12b03764

SHA512
3cc13cee790098f74194f4531f426b645e667e3b01d36c90eb058dc325dfa520c8f8f2dc3b04158211ab8372805cb10a34313127ce58bce523fc79718a92c2e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

Filesize
4.0MB

MD5
2c9c2c4d4cbb4dfc73e8d184c24d3f6b

SHA1
3819d6d09d87e4547b2e48285b33222fa7e8f463

SHA256
ec02879b76e14bd035fa47ac3773f0f613e31645eb1033a01564981d799dcbc9

SHA512
2411214b6da4d5559277f0c8e21024b24015e3d004f70d40b024485da1635b61c58f520fb7db78ecd40c05ed991dad5fbb11b6bd58e1227d2597f9d177e450bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001

Filesize
20KB

MD5
7e86d5c1bf2ff36b15bfbd8fcf748b16

SHA1
59a1515ddff8caec85c4f27ffb17b69a42ec6226

SHA256
82f03e141e82546b261c1a24cd9ae3cfd4b19a7b4f343a296428deeda88cf856

SHA512
943fdf966d2ca4bfb35e01431e7bae1611e86d4bbf9c27524ba4502a9a93b8c0bb39e7760a8ee76993c4099da1ff49febe0b48468f134d4121f22a0ffb41bf2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002

Filesize
20KB

MD5
2a029687e73114ebcb4fad10c0114e8a

SHA1
f09cbbed46b9f8c731568bdcee13024e89bda397

SHA256
fe6e92a5b020858bbdd8089533c6f22703bc5927e22f689c384164096705b11b

SHA512
211dc45e2bb5739bcf863c44ca8132f92e895b3c95d074929aa4338698d53c6ccb3a8e2f23180260d9226073f4f5cd21a200010a7a224de7c8ac2e1cc853730d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003

Filesize
17KB

MD5
c163efe909c3e529ef27177fd126f9d1

SHA1
248d4c24fb1fb7f8d6f37629cb04b8175ac2e8bc

SHA256
f816041d56546ab402df3210ba540f9c3e645a2ee7b4fd4608a6da48749b6489

SHA512
4613a2bfee55f12b8ef67a01a45f164ecd40ece1c3e41f419b490d8ab5e112a66257806585e1c024b421677e6453e07ebc6c68faba5ff7cd1efda99afc55a1c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
b29bcf9cd0e55f93000b4bb265a9810b

SHA1
e662b8c98bd5eced29495dbe2a8f1930e3f714b8

SHA256
f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4

SHA512
e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b2f756fdd7c4818e94f92f216003e5d2

SHA1
5bfe80876c9f4ca974a745abbd62713232dac98b

SHA256
d7ee8be13240911546e364a428b0df6d40f449bee3d86dd4c2c157ec7566d929

SHA512
6625612796da8ad2fbcdf6d060513b1be707f6e87f6e9955023e7ff789b3bb9d10842c971b14bb48d5ab33525da9080f5c6a671d3fae51c2c5d7c63c961ff2bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
25c5030167302c57c7a2f0fe1519464a

SHA1
b918a0c7b70fc732263f6c550b171b03f490758e

SHA256
76752f5a8fa27a08bf0b14b9b2e94311f127355b5804d7fd47e94be50e45c7b2

SHA512
7e83de65ccd6c2537da27abdcde5237d97cd39a51eff24a7e8683787d9decb0b53e3bce21553fcbcf36eb722dcf6e6b6ab608d0c74e04fc0f13fa78d45bf4253

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
189ac7f2e9fcc6b0cd56fa6af2df7086

SHA1
6bfd893f996a448ea3631986fa48be376bf6f85a

SHA256
aab21a402a51bb31f6ff97c1748882236ab31c80b27ff9ad45c97253ee8fef44

SHA512
218aeed176741ce44cc2c2354f5e7a3e7b9e700a237c46d6b8f58717763dc61d503e94d1d628638d2493c60abdaadaf3436e51a1ab63674a1001e95f0817570c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt

Filesize
4B

MD5
2e84a4d9d2a34c8ecb84d262c3ed2c75

SHA1
b29fc18b52a900ccd1e2c23650902c6a88d7ff25

SHA256
8b3e06b839de1620f9b0d5cd8a7950e45b8fdb2dbc9d877818691ce5bb6edbb7

SHA512
f6909d82ed581630630d8d47b06a66a8119360bc98eec37df989466a528b34a9250380bcdc7795d20d09b0dcc5bbc315a8e2514e49bb093d26511b4c766ee9dd

Download Submit