hxxps://web[.]telegram[.]org/k/#-4059379638

Analysis

max time kernel
145s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
03/09/2024, 15:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://web.telegram.org/k/#-4059379638

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1232	msedge.exe
1232	msedge.exe
4404	msedge.exe
4404	msedge.exe
3208	identity_helper.exe
3208	identity_helper.exe
852	msedge.exe
852	msedge.exe
852	msedge.exe
852	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe
4404	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4404 wrote to memory of 4632	4404	msedge.exe	83
PID 4404 wrote to memory of 4632	4404	msedge.exe	83
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 4600	4404	msedge.exe	84
PID 4404 wrote to memory of 1232	4404	msedge.exe	85
PID 4404 wrote to memory of 1232	4404	msedge.exe	85
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86
PID 4404 wrote to memory of 4492	4404	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://web.telegram.org/k/#-4059379638
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe54e446f8,0x7ffe54e44708,0x7ffe54e44718
  2⤵
  PID:4632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:4600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2412 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2400 /prefetch:8
  2⤵
  PID:4492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:4372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
  2⤵
  PID:2820
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  PID:1348
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:1724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
  2⤵
  PID:5108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,15502384895029620094,5594809270004758028,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5656 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:852

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5072

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4044

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecf7ca53c80b5245e35839009d12f866

SHA1
a7af77cf31d410708ebd35a232a80bddfb0615bb

SHA256
882a513b71b26210ff251769b82b2c5d59a932f96d9ce606ca2fab6530a13687

SHA512
706722bd22ce27d854036b1b16e6a3cdb36284b66edc76238a79c2e11cee7d1307b121c898ad832eb1af73e4f08d991d64dc0bff529896ffb4ebe9b3dc381696

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dd2754d1bea40445984d65abee82b21

SHA1
4b6a5658bae9a784a370a115fbb4a12e92bd3390

SHA256
183b8e82a0deaa83d04736553671cedb738adc909f483b3c5f822a0e6be7477d

SHA512
92d44ee372ad33f892b921efa6cabc78e91025e89f05a22830763217826fa98d51d55711f85c8970ac58abf9adc6c85cc40878032cd6d2589ab226cd099f99e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
200KB

MD5
66497eee41ef9e885d09d4dfd612486a

SHA1
d68bbafa7bc907b393941cc881b06814fae93f78

SHA256
2bc129dc479c4ad82e770d40ba2fbec7754c2a1e749d80ee073d1d7996ae5191

SHA512
bc51c55fdd935397736ce9360a5e643021eb966ec16c08e2040a30319c166f6b366e6532cdcb6819d2617c4ca2444e9706b1ecf56aa32eed2a4c5e457834d86d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
18ba3612048f81f0a6c8b1d77f875347

SHA1
a12c69e0b350c2b5a542d0c9f3731e4ac66d6c48

SHA256
c244b9f2134cbf00ecffaf41e037ac0eeedc66e986264eb06c9978530498996c

SHA512
115b52cac4dcec89c222bc887ef809df7bc627ba48a37023d8b45894b7f3cba4d61db148c9c41de08279539c065f62c95391a9c76a6947c5ebff49142679a311

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
315B

MD5
eeeecb51b347ddf81b6a3fac0c38773c

SHA1
ae491291f18693ed1bf2a73ada96850961770e39

SHA256
15386e2d6dc390cd9c78afbd01a19a14d05aee01b805e2f0c33b69f150731237

SHA512
1457fe078196a703e89974d86ae14ba3a744c3f36b63cae02b345f101d55dd816f49f6e790c70117044ee279069ca34a1363fd1600e7516d6d03320959085545

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
c6b062bf4181db995c951679676597c8

SHA1
551e0a8a218ea662a9dd29723124802458c89414

SHA256
e5168b1199cf69bd95c047d201586c6092c21edeb7ec668cac58798937cfc016

SHA512
fb52b884e6e096278ac7b76d3ef5957c6bf3d55d69af4f2a90e9bf386bdd733f219fc51b5d5b8b8d9ccfd89e6eb8f37b4f590d377abc36aa21272e282122e682

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a2c53fcf047a97073de38b85641b178e

SHA1
00f2c006333ab2e14ab31ee2c925dfce398d889d

SHA256
042555d7d8e0283bda82b53969f00f633881778dbb2b8a9fa24606da4d186bb0

SHA512
490981dae3460f6c1033569d727a604c370caa6c481ce412dfdaea44f03a33597cb65a900459f360ebbabd47637f239b53f9ff5112f167b47d03304ce26e2a05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1fcbe9732ca221f4e23e33693842683f

SHA1
4b86dc4a79578bc40095c9a2d2979abe4c3a2449

SHA256
dc84182127fcba5e3c771bff52227d4ee2a7e463445ce32da98f455719b7eba8

SHA512
6dccd667a624ede96daaf0f1a28945b37f40c4eb3820e1d530b122deedaaeb0020b9f32d613260e2b7b55f8d584a0100a08d7358da891f7aa92f9247fdf4d336

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ba00623a413aef1be0c65618db85f0b8176e803d\bb7d0949-05b9-4054-89f3-d2c92cf7a6c6\a689360cec7c5af0_0

Filesize
1KB

MD5
ba3bb295990d579e0ca0b656d79c3c7b

SHA1
00277e9a560cea8009de58f9e8247006cf13cfdf

SHA256
9194ec1fadd2c016fa051ccfef67b9b5111749feb5f4993b8478f993cee73e22

SHA512
a46a87fe30f32c9d2b793cb4b18ebdc9595f6e42c59402514bb615a3afbe348f93e57d6deef574aa3e53497ef42bd99ab301b23453e5c7e94b9f510a350bca7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ba00623a413aef1be0c65618db85f0b8176e803d\bb7d0949-05b9-4054-89f3-d2c92cf7a6c6\index-dir\the-real-index

Filesize
168B

MD5
d8263d7729e688e94918f4cb133bd7b5

SHA1
3fd29a83eee18e6a9eb67beb4145b5d3c97c9a91

SHA256
79543456bac53b0d355148b8e59c157e7742f49e6d42436a813cdccdb2df4b04

SHA512
86b85e6b72d0a03f26710c6305c3da7cd34e81e10a24428ac45c8b0e42b1614a14731ef3a0739a62371a3beaadda78ff494018accf79199d43795c71a2e9c9b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ba00623a413aef1be0c65618db85f0b8176e803d\bb7d0949-05b9-4054-89f3-d2c92cf7a6c6\index-dir\the-real-index~RFe57fe46.TMP

Filesize
48B

MD5
f8e73c49f35a1df0f7e3361406305b33

SHA1
e878a6744b4195c659271e018b972e7d443f0232

SHA256
360fd736a34144a43ccd3da49c82ccc0a3f31d0b0f346ede8ea938917080864b

SHA512
e210601c0f29ac75247d7686eba5ee71ea5ec3781a91f051b63d96786dda2d0f176d2fb36110cbc0b4d911eecd2b66856282ae2297f8b320383dd010eaed38cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ba00623a413aef1be0c65618db85f0b8176e803d\index.txt

Filesize
159B

MD5
3226b0799f6341f0bc1d35933646b5f9

SHA1
405cdcacb0ff5a2479103de891bdefd3c8a54710

SHA256
ead2d7480121c3e339177d0d60c35515e0eab0c6292dc0721c3d37cc0b477e3b

SHA512
9ee5da45dd4231b3012ce770a9366e27e82d82fbfd6f0e16fd7ef796fb69451f2191d0934cf1e34b628fcd38e9942212000fe0fb6007c7de947ade523b92a450

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ba00623a413aef1be0c65618db85f0b8176e803d\index.txt

Filesize
219B

MD5
995a0c49b26397098837857682de8abd

SHA1
6ac142535670668b95c70fc6ed69a5315a0a68c6

SHA256
9f934265be8bfff8e0c37affff4b5208680e2290bd333387905083ddf8a53e29

SHA512
a90e49fddd2a9ca173ac0ddb9b0ba7fd909f7232c23175ee2267b8ac39e2348f996516c2158e7f8cd13f1fd6362727357e3e780ae7cf15d5a181d89ae6fbedbf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ba00623a413aef1be0c65618db85f0b8176e803d\index.txt

Filesize
214B

MD5
93fbe61663f6219a5d7357bec6a72069

SHA1
7e189304931c853db2e3e6f93c775b14bc24fa15

SHA256
e6d4629105e8a607984f8f70a17a4ec291c6320cc740e61fc9eb34dcd608d6e3

SHA512
57c78f21556a79a71f7c380b8b46eb1d96f72e422bfe545369cf890d5c2d2227b0d08b678e505cf9aaa8420643c997fdc93cb5e2647f26ca99165782e851dfaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ba00623a413aef1be0c65618db85f0b8176e803d\index.txt~RFe57a7f8.TMP

Filesize
100B

MD5
db79fa7731d30eff2b1bb1abb5c6365d

SHA1
14c4e69ad10fd3454f86964b8d9db1360f3e11e2

SHA256
2b2031acad51738bfbd8ce36e36334976b1da804de03165ed6276f6de84812ba

SHA512
3942226f71ee636f3a4694376cfe3bbbcc5a876cff712c61e6f9a317d2be6549fd50c54ac1bc133074b5da7174cb1d732157d46ff14aaaa16e54910f4ec568a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
9ba5443c92581a67e50fca1c3908e0a8

SHA1
c5e652de22cffd0cde75ad396e63f5ad525c5096

SHA256
ea41f12887d0fc13bcf71eb74f91fd4b4b89251c6924b521fd723ea3151578de

SHA512
ca10e5acb45422aa4ba1ae6045615e38d4ccb96c6bfb413d2d97af4d62d00e9e535cd3c70c7d5f10860cdc6e58f872c421abb8e758b2c0138a8aeed94f1fd7d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f5aa.TMP

Filesize
48B

MD5
cd085905a32e2d29fee667cade3d159d

SHA1
534466aa5a1bb3f5c3e43c5727ec102e1e9ff56f

SHA256
e10b6218cd2fc0e3a3c38cb5edc45d5801ccedb7f3887b55b76a6160ab98de2d

SHA512
ded6e9773678fcd8e5984399033542e4a110a6b06df708f80889abecfdabfc3b424b98bfdc3522b87643836dd61efa1b16106ca671c56511eef431b7436a892d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
19944eb64f5213e2188ecd7bd75532d8

SHA1
f4a652aca3fff9005924ef15f913de56d70c3a6f

SHA256
dfbe7fdc71df2f1c1b5e9dfa5ef1c66b2a44f29e5e89857296a347061290061a

SHA512
9ac0775fcc01ef959fd6abe19cee2104101869b946afaed516f32d120c7bb5eef4dd7c6333ca149cbd0d6a7f9a7f7d8636a5334e4108a87076bdc5b582dfb45a

Download Submit