hxxps://www[.]wemod[.]com/download

Analysis

max time kernel
749s
max time network
618s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
04/09/2024, 00:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.wemod.com/download

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 5 IoCs

description	ioc	Process
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\LowMic	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\wemod.com	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\wemod.com	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\Total\ = "27"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CTLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-Revision = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\JumpListFirstRun = "3"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\wemod.com\Total = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PivotIndex\HubPane = "3"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\CTLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 1565145065feda01	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DeviceId = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "395205405"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\EnablementState = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\Total\ = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\wemod.com	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "0"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\wemod.com\Total = "89"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PivotIndex	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\SyncIEFirstTimeFullScan = "1"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DXFeatureLevel = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\JumpListInPrivateBrowsingAllowed = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CRLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active\{C03E48F9-05FB-4DBF-A20E-5FC483DA76F9} = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = a70f544a65feda01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OnlineHistory	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{A8A88C49-5EB2-4990-A1A2-08760 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\CTLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CTLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.wemod.com\ = "89"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DomStorageState	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\en-US = "en-US.1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\IsSignedIn = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\wemod.com\Total = "27"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\History\CacheLimit = "1"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1687926120-3022217735-1146543763-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust	MicrosoftEdge.exe

Suspicious behavior: MapViewOfSection 6 IoCs

pid	Process
820	MicrosoftEdgeCP.exe
820	MicrosoftEdgeCP.exe
820	MicrosoftEdgeCP.exe
820	MicrosoftEdgeCP.exe
820	MicrosoftEdgeCP.exe
820	MicrosoftEdgeCP.exe

Suspicious use of AdjustPrivilegeToken 62 IoCs

description	pid	Process
Token: SeDebugPrivilege	1708	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1708	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1708	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1708	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	508	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	508	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	1704	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	1704	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	1704	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	1704	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	1704	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	1704	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe
Token: SeShutdownPrivilege	2552	MicrosoftEdgeCP.exe
Token: SeCreatePagefilePrivilege	2552	MicrosoftEdgeCP.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
200	MicrosoftEdge.exe
820	MicrosoftEdgeCP.exe
1708	MicrosoftEdgeCP.exe
820	MicrosoftEdgeCP.exe

Suspicious use of WriteProcessMemory 56 IoCs

description	pid	Process	procid_target
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 1704	820	MicrosoftEdgeCP.exe	76
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79
PID 820 wrote to memory of 2552	820	MicrosoftEdgeCP.exe	79

C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://www.wemod.com/download"
1⤵
PID:4404

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:200

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:4852

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:820

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:1708

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:1704

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:508

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:2552

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
PID:5516

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\OHP8MVFQ\edgecompatviewlist[1].xml

Filesize
74KB

MD5
d4fc49dc14f63895d997fa4940f24378

SHA1
3efb1437a7c5e46034147cbbc8db017c69d02c31

SHA256
853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

SHA512
cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\js[1].js

Filesize
312KB

MD5
f91a39bb69bf7edae1192454196905fa

SHA1
c3f731b6efed795dd9ec156dc4bed39f9bf27bed

SHA256
d91432839a53f949dd8ced9510e647cebc8786baeddc5c425d79a3be1240914b

SHA512
349cb07c48b040e3edd4d267fa39449097850ec99c652b0b8bf413015dc41cc8d9605580abb86e1995ced547b5241d32acbd13f48dd80ecccfd42782c8da9421

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\thumbnail[1].webp

Filesize
22KB

MD5
674fe0f9f7d0a4d8811ca45ed1d49d3b

SHA1
1b298b25d815fb9da03e2b5f8667a24e97a09a13

SHA256
eb39bcad79b5513d93a262c50c9badefb8baeb2411c9b4ebb69d42dc06022658

SHA512
4443a2eaede2b9c58ea9b22a188a9ced184c74cb956712e29253e395be0d1b912d87e3bd0a8898e998c302f5217ab5b50f9d0236e24ed8426b56367684ac9940

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\thumbnail[2].webp

Filesize
18KB

MD5
b6302c1688b553f46c9a5056302e7278

SHA1
c4e648aa1366f3bb2890e40f70a32566890b81ca

SHA256
f894f82315dc1a4d07862b9fa5667ae44107cd66f8bad9548bef4b8f76a30674

SHA512
7d89ccae12546daa09ad932820cf0c4b2aac46a497455f35a849ad073ccf1d836e7ff090b0db8d9d2ac79ba0298bb321c61c9bcea8e302ef3769ed64f5f6c8e5

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\946705537[1].gif

Filesize
42B

MD5
d89746888da2d9510b64a9f031eaecd5

SHA1
d5fceb6532643d0d84ffe09c40c481ecdf59e15a

SHA256
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

SHA512
d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\R6YUT3H3\www.wemod[1].xml

Filesize
285B

MD5
8a15607471a3ccad3280981d81cc1f57

SHA1
5f6dda76790d51fefa6415c0d0f18e50a80e4414

SHA256
4389d62171080c2584004a89bba5adf386ea2d1a6423351266f37ac01050f463

SHA512
ac670d560e8a213d64d7edef6e29176f52394a19b0aae5bb733306b72dc8952ff61ac6c3babe145bbe331cdce97e5a9ad4ca222e9389b78f0f0110f7538a73ad

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\8I9HQVMK\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\USYYQCUR\favicon-16-0a4b2be4bf[1].png

Filesize
447B

MD5
554f79519014036b16eb5744be8c3949

SHA1
040cccd506752f18496f4c51b794c23fdf518697

SHA256
56c4eb9b3bdf6d7098c3b33641b854a4971bf1ff26ce68d4987788c0774603cf

SHA512
6661bc0091c6db232375e701cccf5f48d6533715a2fbe3108a42c2fd7e7435a3523e7b249ab9d40b1ad34c71ffc307b668ba31e00b8708adb4e46f321cbf9f2f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1G6WS7EK\Inter-Bold-1217aaefdb[1].woff2

Filesize
103KB

MD5
1217aaefdb5b537c20e131c4874ffc36

SHA1
2fd4e214797fc7033402daa7f7e99d8231c10c73

SHA256
a7ca1e762fafb354a5eb894c613b964f135a23fffec363e43386f07dc457ed5e

SHA512
8048935499685832ab658651ac74b6853ceb171f1bae7b78418afc4c3d479381060d0051f43532b87db43a713e47419bd81db6cdc2367bb24289b39486018699

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1G6WS7EK\Inter-ExtraLight-7d759358c1[1].woff

Filesize
137KB

MD5
7d759358c1372fa6acae4cb22f93defa

SHA1
de4313dfa90b143522a234dc2fb0374f82b5b836

SHA256
07f5b5f734793f48613d8da246f4db2b564bfa7149f62526326be9cb8bb94841

SHA512
c8d3a8283caeb94abee32ff3bf07825c11751ec21381e40ac16ab281dc3608b3f6650cf5b6fc1f0329b9e1186efa4c90404d2efb7c43f03cff2625a05243a737

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1G6WS7EK\Inter-Medium-46d7404e4a[1].woff2

Filesize
103KB

MD5
46d7404e4a2eb3cd2ff9bc83023e259c

SHA1
0ea29babd36e7825170939638ea235fc6fddd96f

SHA256
cae7b340613b2a060e0e200528f7e962baa13a44d868036cb2ea02fd7034e6d6

SHA512
146eb55ed22f659cdde7490703f046e2bb6c568a03cc13e123a7890cb296afffabc29f9c660de3a6297529792ce5094af55495875834fb003b2982ef7eee6418

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1G6WS7EK\Inter-Regular-8070997696[1].woff2

Filesize
96KB

MD5
8070997696b1c91905fecba458f96640

SHA1
7b52ac6f38f16ef83edf01d3bd1c90ee2b29e357

SHA256
3787e2f283651744e0b93d1fefb5936c7af26db8014c0def6651d050c56dd47e

SHA512
82e807240e912803e4466efc2a595f6f8b8adc346312be4c1ea99641d4e3d7b54f4eaf69036de0ac173b0c1591f448ca7dbb0885bed3b90437acf84799f253d7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1G6WS7EK\Inter-SemiBold-a553f44ac2[1].woff2

Filesize
103KB

MD5
a553f44ac2c2f8ffdb1290d33b7c2425

SHA1
79fd2e20f8798683ec9af33159f72d793f5b20b3

SHA256
77b8d327de844bfaab4618c424bbe957523752f31633058281e9204a47e0d414

SHA512
a70b85ca748168837e278941621ef29be669679c706ab10ee0f7e04408274b496df36c9bfa12dfd25b4e9000b1eedea6691d602b94a27732cb421395baf2e84c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1G6WS7EK\br-3d8f40191e[1].svg

Filesize
8KB

MD5
3d8f40191eb49d039cfb28b9f892b9af

SHA1
6105c382231c7ff1eb1cced06ededb79f4b821f4

SHA256
822588a9b5481dd7846c6986e714b7a3e94f0fa8b4bef7f1b0f962222b9e5164

SHA512
bbd16ace115fcff39bedc84f86da0235a290568d411efeb9d6e8c49c8753b1256fd37d6f94c53920a294e71a0375e364bb7da862110758cc2364696488b50af9

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1G6WS7EK\creator-graphic-mobile-563e9ec351[1].svg

Filesize
6KB

MD5
563e9ec351687ce2144fe73e81295f29

SHA1
e4677b3fb73fa31735fd8e5228370b5fc2f98316

SHA256
7a2856e00ed715dd8040929d9155021dc82d5e0baeedaa24754be69375289a2b

SHA512
64264368fc16c364ac6a4e748cd84eac6a9d5a785bd59deba0b3b3ae582edd482dca5acf02a9cb5403afe7df169d7306d85c283540db93c1789f483c11e13e71

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1G6WS7EK\creator-wemod-icon-d80df3c177[1].svg

Filesize
1KB

MD5
d80df3c17704c0d189ac97a4484b86b3

SHA1
5f693974db0812dcae8e8d67e7ae1e4fc1dc5d62

SHA256
9383e4915d0cd5cba6d2d5eff0c62ce50046aafa91dc07e2e3bb831402840361

SHA512
f3fbf55108603e9d9c5904839f8a7c7ba20411b36673a4f335c80902b133c516ecc02826a238996fe5cefddb58458650775cb5df09346609f6560f62dbcc8694

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1G6WS7EK\fbevents[1].js

Filesize
225KB

MD5
03586b206454f04f971bb64ee4b30713

SHA1
31281b6379a9286347fd1199d920193287dbe62b

SHA256
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

SHA512
82a7edd03a5085da01c61d975d0ab67191cdeb72f0ccf14fcb1fd24687b1ad083578f39ab82c699ff28fb7401141c42d1e464a1418f84136137a07cba05d404d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1G6WS7EK\scroll-down-8d9c7d4e8d[1].svg

Filesize
801B

MD5
8d9c7d4e8de5fcdb58a366567c89b634

SHA1
cdff97cc555f99d32b97efbd1b4652f5af2f8fff

SHA256
ebce43c0b7cc7ab7ff80b920305c3017e9a4e3060cca330e313f2641a9fce712

SHA512
f99b965460e660f255a7364878b68504a43e90278879c61bafd3dec6ca436f5dc0d061d7e6515357e79c1ff34f99c8d851947693e5c4fc0d2416551c2ed4f0b2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1G6WS7EK\tr-df45c7b97f[1].svg

Filesize
580B

MD5
df45c7b97f777182ca3e6a1c3f5556de

SHA1
1d12f09388ad79d72db4243be8b4db271a1a1888

SHA256
bfb2dc9df2c2f8cf4ef32e6b2dc2b364c9631773246a49b8c24b3356d59e412f

SHA512
9d1e9738b42247c3f8cff8e700fbf9978dc3b396e1747d44e8ee8690b34f1ea2203700ac7b981839af7c4d2d20955b34925e337d709055c1dd8da75a8fc3f532

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\app-d27fd2a801[1].js

Filesize
193KB

MD5
d27fd2a8018178f0ead230562fa436cc

SHA1
3d4a3a8eebae85e22feeca9a5eea7607c1802534

SHA256
aff8088e3e2f8f00a9355838fab2c8499c8f5bfa73a3933debd18aa787a0913a

SHA512
2dbd6f56dc60705affd009284499e61da775b4c8c49890f34c8935ede4a25f3e9c95f5068f120fcd24b4afc07ca743113b0be1c71ac4129f608d3751d3c2ff2c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\background-poster-2d0d258a9c[1].webp

Filesize
13KB

MD5
2d0d258a9cddb0c9bee139c0433ad963

SHA1
a98688dbf55e74ae79c6aa8b04cf0a61894f20d2

SHA256
58d5064e50b7f90627e1dfd12b9191e195d036ff056060eb9f95a43fa1fad5fd

SHA512
ab6a19a2860f3399b5599357ac700acfbe3d397a7b789161e4d5045c381e71c2e74b1a71d66fabc89bcc6fe7ae793d22ac1bdee5682bf402bbd1c88e99b92c66

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\de-dfc7bdf141[1].svg

Filesize
224B

MD5
dfc7bdf141be1f87217be3f4a7b08e87

SHA1
77b4647e4b7b4d20870cb87a3085aac0b5189631

SHA256
d01fc7298b1e1be1a8997a8399204532e62178649b3537e44dbd12167e9a474c

SHA512
cdddfcba636539f76f07035d6d74725f1dcf1a78c083b83788df30f90519d40ead5ff02363fc334ae0c5e0edbd2951db2479d1bc99ea59ca25af59f3a338c655

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\desktop-bg-fd5459cda1[1].svg

Filesize
2KB

MD5
fd5459cda12a98665eac5e60df2e46a5

SHA1
a8aaad719a6ea612b9a38adcb0b7f392278d7edf

SHA256
766f272fbf29958844efb8e08b20f0e7d33d9c46f2889cbcfb602438b829b1bf

SHA512
e7792e752e21eaceff91ced2846a327bc862f1fc77e1e6b2e876bbad98a2256f3ec2e2f38935fc932aeffcb98807804893eb7b70f9706e49162f08fb280a9263

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\es-ea4d6145a6[1].svg

Filesize
89KB

MD5
ea4d6145a6e95bdfeb3f8df6a02b4275

SHA1
30fab10bd5eb77d2b3b69d4b0c01d18bbbbc7908

SHA256
0b6bf4f9d4e0769ea96b2a36ddbfb50ea5baf90642e40c8d655dd05813445dea

SHA512
4efed4c56f1c3bb4ec66e1cc419bb3eb6c9d5e5dd1aaaff605b52f5c35ce1b805aed102f7f21c509eb1697ad6c1a77a650268cbbdcb66c80f9c7c6492549b814

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\example-cheats-save-cheats-icons-cce4c595cb[1].svg

Filesize
5KB

MD5
cce4c595cbbd4ee61f0324e4e5a148f0

SHA1
80aacc4befb185cd4262b6c50a6a5960056298d3

SHA256
b6075aecddf94d9fa1d1a658b3a7dca788ffc006ddd1370e7c1dc48ea1765b5b

SHA512
2bf70bf141aee8a1f03f737ef0ccc4d91d505442cdeca4c0f2ca5de7e23efeaa5696dcc58ebe5857105e0619c6c2f6783ed5423522df8b48aaeeb8c9e445761a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\js[2].js

Filesize
269KB

MD5
8d5fc925fb805641c210935147c855b5

SHA1
b581d94879748e5b4a255d031040fc1598ba64e0

SHA256
87212091ded4130360825748c6a188655108926a562456fda45dda973bd5db26

SHA512
b91449bc4859abbc441d86ecd192be5fcf85c3a413b28196a57f07e2ef3034394505ebc368397044b6861b9b4bfc60e314db892c172609d8276f33f16f0dc191

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\slash-f270ed7157[1].svg

Filesize
362B

MD5
f270ed71570f3d766ca0d80d9e51c666

SHA1
357a9a904da667ac01e984216a5f585b35e7edf1

SHA256
e7d9fe77eafe2782def1f495d7501e273fed4f2ff3f0ce7cc285d459e99ee6c5

SHA512
4f116ce110224a2cee5d189b8ecd94eac6a799e0b57c1e2de2f2ded54721c12111f6a4c116968622368a05e979c6123e833b6b1b36cafd9bd3383d41b99cb4c5

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\thumbnail[1].webp

Filesize
20KB

MD5
7b94a48a5f4497ff9d5ca769c9584fda

SHA1
cd3c93a9341480f04fb6b008d2afe011d5fbb583

SHA256
3d496e5e4a2582b7c21affb1bc9a6ce779446aa0c49694d280aa5a1c211ca0d6

SHA512
697091f283417574ebfea38f219c1d1b88e2985528a0785604f7f461bf5911e7bddebd0cfc307d7930086f018afbe41787669a33b6862e4b4100eee978f7e86d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\thumbnail[2].webp

Filesize
2KB

MD5
bf23cb9c6f019c14713f2c10d1fcd28b

SHA1
ff5d146d4842c9f40aec136f42b383eb5af7118e

SHA256
26af98fa8b86b7e49e918cd63be455173d710a987f9be2f7ef62cba99558261e

SHA512
faf3f4222fd7f1b92752a4d9c3cfc917d9ed96f16232c562901a69253d5e5ba5797a8fda3f92d4b91a58f690288588bd743fed30a365885936b8db11d0207b6e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\5PGROS7F\thumbnail[3].webp

Filesize
27KB

MD5
852d266f48f3667191ee55a0fa8c5bfc

SHA1
9612b35372c606431f9f978134350b3aa64cf9b5

SHA256
78b87d74027660fbf9875c84ed426e0569209d6782082b118a4eb01f3111872b

SHA512
594d9e6b7f8a51509f0f40a038f93a4aa036a97345143dd3649fa1517a9e4e5734b06c85b4b94ed4ba842a6f78b815f18ea344bc8f0cddfee230662c5320255f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\10046150-10046491[1].js

Filesize
218KB

MD5
8aa73bcc4a4ad363a78dac8714700d37

SHA1
15b5ba79d36c2add890a040cd70a6fcf96869976

SHA256
5039506c63c42d6a106cc1432082f0b27c785ce08421e0b06d117e07db420851

SHA512
25c25f3703d17af8d0db3167f561f37d83f4c86326a85af74e4ed9db912960136cf7cf4391fdf91def5e09a97732e372b14d03fa9d98d7e2f323a046e51eaea3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\Inter-Black-e11ae7208e[1].woff2

Filesize
100KB

MD5
e11ae7208ed88b29513e6f9652113d46

SHA1
e2e70e0e57291aaaac0f9ecbac362a7c4c2cc1b7

SHA256
9af11e9250e89490528ec7ebd34b5b3f9aabb217409251700349924b446d426f

SHA512
476948db3e332a500777bc6ab7aa78e39a4b4d612ae2b3d61c246ca42baff1fdc0d44062794966ffbb73ec0b4757fb4cc7967760e4c815e2eb656ce3d74f25b5

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\Inter-ExtraBold-a0c781a9f8[1].woff2

Filesize
103KB

MD5
a0c781a9f8dd2c57ae264a4cd3fef718

SHA1
bd1c933f1aa23d96244b582367c2e045a8d7252c

SHA256
cd43194795f55e3d871219c1a4059746526a815273a0804dbdb06b62ef4a3de5

SHA512
5439ea71b2477bc0b0afc4b6d1c6e962cde1e95416b8c655c7a16c1759c1adc058617fc45924c483637dbbfbf97f4cf7f2eb26a6520f6de3aadd666790d8f890

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\Inter-Light-4e2e86733e[1].woff2

Filesize
101KB

MD5
4e2e86733ef877fed3bfd4a109fdd60c

SHA1
4e7c5c7ac23d7f7a5cbf3437846cc956a950e788

SHA256
1eebd630004644cb30b944cc4ea92e6ffdb932f5c129a03812c5d72696d43a52

SHA512
27e1404ea0580278f7cdfa9440ea3ca2494c8dd4fc4e48cff69a84863d2a21b3beeebfc5f0d8dabd25fd799d936c6b0790dcc346d5a8ba1d98754f5d5aab936b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\Inter-Thin-c51873c62e[1].woff2

Filesize
97KB

MD5
c51873c62e5cf935f028cdf0e24529eb

SHA1
efe6da84f8266b45f369ac2ebb83695838eab700

SHA256
5a94b983f9fd519a36f44b84214c9ad8b468fcb52b92ca06ce728d27c2dba8a0

SHA512
4ca93646264ddc9dff21b8304b8fee1072364e086e94351491e1126b38d93fdf9bda4353a907ba9059c850dcc5e68812b2894f849b557547235458b0a2c9426c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\app-2430755483[1].css

Filesize
315KB

MD5
65149e1d1cf58528688d726f2d51f644

SHA1
7257ce9947c5f3515e46bdd3934a32be9282703e

SHA256
bb374da289db54978175c1b0ab96de98995630f5ef9fecdbaf2f0d97f46e06a3

SHA512
5d8977b1ae77367b7404316784717e0eb730def4a147d182852d93b4b81d79fa8cd5a315a0fa01105786e6be98dc813e963321dc06b096d5f3e9d7dc0cbdb81c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\creator-graphic-desktop-865206b9b1[1].svg

Filesize
77KB

MD5
865206b9b1afd1575d2b55d215527be7

SHA1
0262760249333f2058f60a9642c2ddbc60c97b06

SHA256
c860085cdc808ebaf4eede6752d46fba00f9da43d56b798b0d565c76736be2d5

SHA512
442a0af663d7385233e8753525bcc88da385439341778562d23f7162ec1d875a1375eaa140865227e356525b6ea5a94cb65e05b36d184d2324662bf8c72df617

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\fr-efdbd2a688[1].svg

Filesize
312B

MD5
efdbd2a688f2e3521238ddff38f69e70

SHA1
9a799ce8e51cd28a0827708c324bbc18936e3f17

SHA256
179f926e5f4d65b3ef5ef5c18fede80470010d10ea3e1370bc19f9d7065e9456

SHA512
77115e4be6389ae82b88f93bc27613595380e702fabf3b1d38de319a2dd31251d8beb3ba3ca6e7d7d90dff4dcceb14e8f3f2d2894f9c841f8664e362cb906ceb

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\jp-67f291c719[1].svg

Filesize
505B

MD5
67f291c7195ae6071754134d7b34a106

SHA1
07974c13a9b635c3b2a8948c59b6b167664e91f8

SHA256
1595496434353dea9bba780950ffbbaa3415ea748e39b65d3508c71940af29e5

SHA512
d2f4383902d63ab4142afb1ee4fe8c70f7be190b1ed53cbb1fc04e16d984a908cbc0b607db5c2fd46dea480472d6e4728f9b3f5500965cb3ba30991feca12ba7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\pl-33a3321fb7[1].svg

Filesize
241B

MD5
33a3321fb7fcc4b225c3fe18eb6f259c

SHA1
e537441f6321d6005e0914e74308008c47299078

SHA256
e173aa6cf864f93bb22def2fe9020ad91b7717fb929e9ab1fcaa2c3afa951e51

SHA512
976a2e091bc0d7271e2c9518e5da319635d6abf39711088ffef3688ac78885bf4508577cc742634cdb98abfa7454bdb692cc4058a2f5bdbf9908a3ef4eeec9ad

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\thumbnail[1].webp

Filesize
10KB

MD5
a5db21950048872d54b8199e1e329c98

SHA1
01cc8a74f082374aea66c0cbdaf42ab5c0ef17c1

SHA256
34832ff1f5eec088a109204d5a426f9a1c9be783a6487eeee3b6edb93231ad9c

SHA512
ec7932118f0b40e21014deaf4f53c4046e0b9679c19cf7807a53f1aab5940339cd34d7a0d800ea3297922495f6dbdcca1c0ff5dd97c1647d5735ba142d4408f4

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\thumbnail[2].webp

Filesize
8KB

MD5
1e54efa3b8a842bc6ee36a2ac347d27f

SHA1
a378b73b750e20c15eac394cf9d766509be79e50

SHA256
ed26dbf0669bf27f0a075653008c0f1ca505212f1e28b5c18b53253ad01cdd24

SHA512
5ba5c6b57c2dd62f15417b28f276ec68f6862d1b1e1a8b96f185f05a90765038c89b49cc7f0af7bd7d18ce002aa6fbb92e733763e14e41a85f206975e8f4af52

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\thumbnail[3].webp

Filesize
26KB

MD5
3da1b32f3cea9aaaf81d07936d882d08

SHA1
22bc8f4c04ddb02422cc0b4c16f38409d1e2243b

SHA256
d37606c01874c0f852fcc6fca374051f6dc9a128b34e57a5de2d31e8691bfaa1

SHA512
9264b1740063c897fa8f0e382e3b41e8ebd188c8d0bac6ce22a7607503d18ee25d48db486715f15ca2bb1ecb05a5edaab2a2546962bab95cf8d12c0a76eb2e55

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\thumbnail[4].webp

Filesize
28KB

MD5
c365edb337b37c99ec9fd0d80a3685e5

SHA1
b3724b14bf787b3a4b2701ea067fba38abe6e01b

SHA256
15a53781bff1b2c8ea0139ee35d311f624d82eb2ae20e130e892c0026c55b868

SHA512
7d82f99307da728dc4ff1d73af2faedf9be2f136105ae9ee508a03d219ea74d26e88d9f13599f5aad9ee528e7287851c5df0cc8fe406855616ad5c4feff473fc

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\thumbnail[5].webp

Filesize
25KB

MD5
b31ce6ec62ca017fc345805441bd55b4

SHA1
1bf3df47c4acb052f6b03a498a5eeadf6f5844a7

SHA256
b90b65c29537be9fd1bf6f4d18191acc70208ce9da937f1d7e24a7070e37c553

SHA512
d00e593b5baf71746f01199874624f0fdedf6cd63e3a56a4be9bfdb7f236336a6e2f7e0834c3fc90e5f1501f2013f430915d8f662bdf1dbf3018f6a5cd4212e8

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\79SZ112Y\thumbnail[6].webp

Filesize
30KB

MD5
6709c94f3ac5ade4701e9fb65f7a3b18

SHA1
8bda98d3dafa72d27da0eb82c1c9451cc1ed1340

SHA256
065ac04e643bbbff55d29b5527122367afb6980d6969afaa70d0c34463515cbf

SHA512
42891748a1be67a3ff752273d1b7b1596cbdcb7fef60d0751c653299d2e46b729f9a8f742e9574b07485783b463a2ceb3e4bf205a7c6b18aacd45041f9aa98ef

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\background-all-29a095a620[1].dat

Filesize
3.8MB

MD5
7b5513090b9e510b84c9a20f2dd6aab0

SHA1
cb782b116520dab92655e0a909c136052fda9cd1

SHA256
90254c97749a0257cf31c852baa67694ea372a86cd18c35d207ab86118f66836

SHA512
d2b25e3f8e32c082cdfdad7274311563b82c73b03dde3f9c220661c97a055c15ee6cedd527bb1bd4520532178827b55d4425d18c589aba81aec2531eea536c8f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\cn-f47f2ba8ac[1].svg

Filesize
812B

MD5
f47f2ba8acb5067eab33c724da2ba1c8

SHA1
f6fa9e08e98db721f70016d3421c19d1e1b8cef1

SHA256
8ef49d6ab7c04e529ee32b561cae47c6173720d3dcb8445006102d9e1f7dc253

SHA512
9f6963e90a31d1f132b5fd4ca71c268795ddc1ac84469a8c866eb8ca7a658789eba9925cf06ed512a816cd54bf1d56739bcbf2e7b253f956016fa9b8fc10ea64

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\desktop-en-e09560b0c3[1].webp

Filesize
84KB

MD5
e09560b0c355bf75ab8cd91e90dad183

SHA1
5e3bc8acecdf21ae986668ff0b48f456282b5fb4

SHA256
9e546601e70d77d55c36dda48a52a832d777c5650f6696db92a0300f87d17181

SHA512
5acd821b0a93b1cd2288e9280d085506a0dc313e5a34f2842eb0f87cd6e6cfcc3508beffe078abc14d647763c382b0d6205c46745f94cfdc937395b64e33a8cc

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\js[1].js

Filesize
312KB

MD5
fd30f05af58cb1e7522700c170d3bd4f

SHA1
920f83395a407e49157f357bb04503e18f9a4fb2

SHA256
9302212eb4f2ac40900431b5176c4fb89f4b802eece640cce702d539936ff627

SHA512
d65496d618527486c7e797d510a418d0817da48afcbf85e433b16826b6b6e354451590d36b277051defd3921102f6c75a9c353834ed7b96508187927e6c62ba7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\kr-8e2a8138f8[1].svg

Filesize
1KB

MD5
8e2a8138f819175227f31fdd343d6138

SHA1
7c10d33c9b02960ee8f037c8a8f4170887e10a6c

SHA256
af747023e02ea3d7f8156a5bdb4b04bfc4e52fe457c393a5e37d73427c443b1b

SHA512
03c3aafd5be231d8cbeb52af6e96f8b5c5e475b6adca7752c1045b4a8d307d0ef8b342d56036070a521d21cd13be4d2187a6cb608b9990b2f9d6d0ab70c2be93

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\menu-8be136dc7a[1].svg

Filesize
836B

MD5
8be136dc7ae34b747abbeeb03b76283c

SHA1
54dcafb81ae1728a71198da5ea0c677a09f4bff8

SHA256
0bb552f7db71b649983c234b756c3a84bc6c115a2507949f3eec338374cc88bf

SHA512
00917714a4da4f5098829df9bb0cf6ec5d5636b1c85aa8ad3a2b34e234babbae4f0589cf2a5b6eddce14c3bbb63598211db100ed6404e0e40b1d5441d7e79552

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\menu-close-c51ac698b5[1].svg

Filesize
961B

MD5
c51ac698b55a0f8cc0291f00cf9baaa5

SHA1
abecbd2ecb0ed1735c3d6a71ba62c46b120f39bd

SHA256
0af330e7216e064c1e5fd255a884e291ae64e78859cb3669799f561a7a5d7496

SHA512
035449cc1ca680867eafd5056ef934ef414b59498804cf7d933eaa7645d4a900d4a3db01c1b9e2fbe43b728e50919243d9664d86741b4e609f596feb744e3cd8

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\optimize[1].js

Filesize
180KB

MD5
f3700715cb26a8a80940582e944d5459

SHA1
0e2ad8784ed42269a659043ffb97b1651d6f4cdf

SHA256
d7a18546fcddb37f1df46ca8571b879a63f21d7fa34b6a678ba4b544e0725edb

SHA512
878be06f18f7b822aa91634df300780e1b4f8ef6a3d7c73e40e142087e16a0eb7262d3b3993d01ea51e96b4b426554ba580781ed537d97e244b43722b0dd791d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\thumbnail[1].webp

Filesize
30KB

MD5
26af04ca4fb4ab03ef3adb4707801389

SHA1
c9af56c7566ad70ebb66b9227e86f9d188507c19

SHA256
002da5525aa0dbfbcafb740a262f92cdaff02c4d625ff39a46419170c23d0be3

SHA512
fa838a0dfaa1f353b2a6f090301c5e8d5791bf04fbd6a19d3ff92514d74ce40ec27121201cfb22e7b0a81f753a0f1cc6bc680c4cc3984bfe086bec38ce92da4a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\trustpilot-stars-24dbfb1cd9[1].svg

Filesize
1KB

MD5
24dbfb1cd955f8626d805bfc4e4a79c2

SHA1
0440ac857b41f57601e8f93e812881dd5138fac2

SHA256
9b517d3fbf734a749249242f16d470a4f7b445182f7cebde45bd953284edfc88

SHA512
96b1a8452de011722773b73f40f3d8d308acf645ff28e270fc3eddd2ba0cf1a1669157062d5a8a26fcc025fd9bc5a8e5e3e0af0c558fcae068cdaf5af060895e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\us-43f31a3962[1].svg

Filesize
4KB

MD5
43f31a39622611e032cb8c441f73ca4b

SHA1
9e8cb38fc9a30ce150216914c044880a2f9ed71a

SHA256
96dea00c7ba84ee6b0f814435ce16088a32dc60c3006a897cbf298da605604fe

SHA512
807a9d92b3f57968d5cfd6f88f89d510e7f33b64a17ab18f62dd9e96e7075cb7de4e88f9c38d8f2d6c41c49c8da82a65b449ad898fddb391e2881f5de5abe7ff

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\SLAUSJ2C\wemod-logo-40777eae11[1].webp

Filesize
3KB

MD5
40777eae112e634071fa0242e1d9aff0

SHA1
42d16d30ff47256fc44a3d33a23b00bc7278fe95

SHA256
6df25edec1f5260919bacb15d25b32864c5e681a679610d7c828989b45e13490

SHA512
b58169ff0a0494e10d7c7fa23ba64f30a2a275308496964a2a23cfd6cb01c2991a9c50dcd2d312c73faa8d2f478df641265ccadf7bfde78bf3fb4b8187959a14

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
854B

MD5
e935bc5762068caf3e24a2683b1b8a88

SHA1
82b70eb774c0756837fe8d7acbfeec05ecbf5463

SHA256
a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

SHA512
bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\6DA548C7E5915679F87E910D6581DEF1_7811B3BA7B60651413EEB6D44C2249AC

Filesize
471B

MD5
d6cf2a01974bcf1963acdc5a4aeb902d

SHA1
6c1008e2b3799d54db5ebb07e1081926a44e08d1

SHA256
8ba0987b3eea85ce2458afaccf594cbc7f2478e27b1d99d80bb032aac854596f

SHA512
475a8cf0e015b969a1fbc1ad91acb333718d4048addd16f72759767e4c6469e2d2aecec84eac84d8802a7cfd2100a6c7288487941440aaf4c3d2de4d63c99d87

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12

Filesize
1KB

MD5
7fb5fa1534dcf77f2125b2403b30a0ee

SHA1
365d96812a69ac0a4611ea4b70a3f306576cc3ea

SHA256
33a39e9ec2133230533a686ec43760026e014a3828c703707acbc150fe40fd6f

SHA512
a9279fd60505a1bfeef6fb07834cad0fd5be02fd405573fc1a5f59b991e9f88f5e81c32fe910f69bdc6585e71f02559895149eaf49c25b8ff955459fd60c0d2e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B3513D73A177A2707D910183759B389B_77E2956DD9098E2108A0AED4BDF2A9AF

Filesize
472B

MD5
e7d5d3ac857d5b2ac6cd2549ce0a52fe

SHA1
e451333d6f71031724d4e8bbdb61d799f3fc4c22

SHA256
1721f851144e67745dbe768f28fad5d337b221f63c7a4d8429863f4232da7354

SHA512
4e9ae1ccce966d41f0c2994034e71bbfd01b64fc0cb1d2aa8cd93095f909ac77961353f05bbe36a01684b58013ee8140d5e00560d8247cc2b65eaa17fb006d49

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B46811C17859FFB409CF0E904A4AA8F8

Filesize
436B

MD5
971c514f84bba0785f80aa1c23edfd79

SHA1
732acea710a87530c6b08ecdf32a110d254a54c8

SHA256
f157ed17fcaf8837fa82f8b69973848c9b10a02636848f995698212a08f31895

SHA512
43dc1425d80e170c645a3e3bb56da8c3acd31bd637329e9e37094ac346ac85434df4edcdbefc05ae00aea33a80a88e2af695997a495611217fe6706075a63c58

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\DDE8B1B7E253A9758EC380BD648952AF_0EA8BE9F5A236A565654851B389EB70B

Filesize
471B

MD5
09e1d21144bf61a442c5595f7506b6f0

SHA1
2659fad1c2c4f773372e4964a221a390c5635bce

SHA256
7d125fe3bf1be4419c7cbb40119f084a4459e2a442b99f7ae49e137c006cae80

SHA512
fa109ec70d7884bb01024894fb9942f8fdb113ca018eb099d0f20a79148b78bfe00de5e9b8f1ed2c70204e460c81573875537f26494eec57c6592d9864041811

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
170B

MD5
734d78335b12b7553b98a9ab80387b60

SHA1
2e926531c23eb0cc14654f2f54c5cd512a0bbf57

SHA256
61fe441f5c730cbadf860e292f6922f10484610634d52be13b1b7845386fb6e1

SHA512
c0053047001229b0013392328246bcd346da6b4f302bfcc2b011be4bb72e24e060270e300ee2395268f74aaebd1c965b083e02882f124d95d2aa87746c71a623

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\6DA548C7E5915679F87E910D6581DEF1_7811B3BA7B60651413EEB6D44C2249AC

Filesize
402B

MD5
ff25c1d2f9d124a86f633aa6692ce5f5

SHA1
1e9c06eeedff0f516829127f26414cebc1c685b8

SHA256
ccf695d3c30dfa11d329ceb6cf3fbac14d23881a63b71274028cc528b8da63bc

SHA512
8ef3edbe7717479752019c57d5701105163b0d47d64d8c3225c865759824481f2b0363bfa513fdf32853cd84471db6b871b041cd8775cc6f74f30733f91b6f83

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12

Filesize
174B

MD5
aee59edfac016f2831c4a8a6123ff9c6

SHA1
d90a38988e55e9c41e3bac70433d986e4fee491a

SHA256
1bd073df6dc516c6de7e8d208e4ae304e0c0610b09a0371a05a157703f776ded

SHA512
08af5a5d854f025c363e664879ad35be91fef10321b617d4e6d383eb6ff32359d0b2d21bf0494a7353969a461783f357ee47ca02d6ecd105692725dff825dc46

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B3513D73A177A2707D910183759B389B_77E2956DD9098E2108A0AED4BDF2A9AF

Filesize
406B

MD5
b7343399a0848a79c5f405d86a60d9eb

SHA1
6d61f25890ade1e31ea0dc188eb705da391c8c2f

SHA256
988c937b3c92c474ac203d92d082baaa3ffcdcee95bf3d72eb50c15fab0a69bb

SHA512
f5372d9c21037abb925df4f861c630c00e61ae2ca0f4ddee4a263b07ebcece530c40e2ce65dc0a5547aa25efd84b938e636ffbb9274eebfad5a3a3b07bb7cfd5

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8

Filesize
170B

MD5
55fb1f2766f83719bdb296c969991c4b

SHA1
a79db417c72eb0f846240534d97a9f4fb18352bc

SHA256
c23fa32a2fa74b940f15ae7d4ab328046dc69b18099b883bd58f206171a8d9d1

SHA512
311fe56e68fde1a2e3f78624aa886e2f44eefe394dce7defd4666329739dcb97593a280e4428cad70b1ba457c43033e4314f88e3b62c39fd41e4c792f89e731d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\DDE8B1B7E253A9758EC380BD648952AF_0EA8BE9F5A236A565654851B389EB70B

Filesize
402B

MD5
e083a4bb1abf601f40874f50bccdc092

SHA1
ea1dca6864252b299a09d373715dc1c74dfe5630

SHA256
32de65e580216ec1a42137a658a62ee92a695935987d4895f5add8323e2ce6fb

SHA512
91e3269dde0b7b59299e199aa8e7b7a3f715fcc625c100af9c10f1d69580f36d8a63e882b3b0d36477533a1efafa9d4d1210f9d36a08f0ff3c41ec67fd074f34

Download Submit
memory/200-16-0x0000022D70020000-0x0000022D70030000-memory.dmp

Filesize
64KB

Download
memory/200-35-0x0000022D6D3B0000-0x0000022D6D3B2000-memory.dmp

Filesize
8KB

Download
memory/200-0-0x0000022D6FF20000-0x0000022D6FF30000-memory.dmp

Filesize
64KB

Download
memory/1704-331-0x0000029131DF0000-0x0000029131DF2000-memory.dmp

Filesize
8KB

Download
memory/1704-206-0x0000029130A10000-0x0000029130A12000-memory.dmp

Filesize
8KB

Download
memory/1704-337-0x0000029134200000-0x0000029134202000-memory.dmp

Filesize
8KB

Download
memory/1704-335-0x00000291341C0000-0x00000291341C2000-memory.dmp

Filesize
8KB

Download
memory/1704-333-0x0000029132CF0000-0x0000029132CF2000-memory.dmp

Filesize
8KB

Download
memory/1704-342-0x0000029134300000-0x0000029134302000-memory.dmp

Filesize
8KB

Download
memory/1704-326-0x0000029131220000-0x0000029131222000-memory.dmp

Filesize
8KB

Download
memory/1704-323-0x0000029130740000-0x0000029130742000-memory.dmp

Filesize
8KB

Download
memory/1704-328-0x0000029131230000-0x0000029131232000-memory.dmp

Filesize
8KB

Download
memory/1704-270-0x0000029132600000-0x0000029132700000-memory.dmp

Filesize
1024KB

Download
memory/1704-217-0x0000029131B80000-0x0000029131BA0000-memory.dmp

Filesize
128KB

Download
memory/1704-208-0x0000029130AD0000-0x0000029130AD2000-memory.dmp

Filesize
8KB

Download
memory/1704-204-0x00000291309C0000-0x00000291309C2000-memory.dmp

Filesize
8KB

Download
memory/1704-340-0x0000029134210000-0x0000029134212000-memory.dmp

Filesize
8KB

Download
memory/1704-202-0x0000029130980000-0x0000029130982000-memory.dmp

Filesize
8KB

Download
memory/1704-198-0x00000291307A0000-0x00000291307A2000-memory.dmp

Filesize
8KB

Download
memory/1704-196-0x0000029132600000-0x0000029132700000-memory.dmp

Filesize
1024KB

Download
memory/1704-138-0x0000029131C20000-0x0000029131D20000-memory.dmp

Filesize
1024KB

Download
memory/1704-136-0x0000029131C00000-0x0000029131C20000-memory.dmp

Filesize
128KB

Download
memory/1704-62-0x000002911F6A0000-0x000002911F6A2000-memory.dmp

Filesize
8KB

Download
memory/1704-65-0x000002911F6D0000-0x000002911F6D2000-memory.dmp

Filesize
8KB

Download
memory/1704-67-0x000002911F6F0000-0x000002911F6F2000-memory.dmp

Filesize
8KB

Download
memory/1704-373-0x000002911F6B0000-0x000002911F6C0000-memory.dmp

Filesize
64KB

Download
memory/1704-351-0x00000291333D0000-0x00000291333D2000-memory.dmp

Filesize
8KB

Download
memory/1708-43-0x0000016ED5400000-0x0000016ED5500000-memory.dmp

Filesize
1024KB

Download
memory/1708-45-0x0000016ED5400000-0x0000016ED5500000-memory.dmp

Filesize
1024KB

Download