hxxp://www[.]landstar[.]com/

Analysis

max time kernel
53s
max time network
54s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
06/09/2024, 13:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.landstar.com/

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1340	msedge.exe
1340	msedge.exe
3208	msedge.exe
3208	msedge.exe
4188	identity_helper.exe
4188	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe
3208	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3208 wrote to memory of 3240	3208	msedge.exe	83
PID 3208 wrote to memory of 3240	3208	msedge.exe	83
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 3268	3208	msedge.exe	84
PID 3208 wrote to memory of 1340	3208	msedge.exe	85
PID 3208 wrote to memory of 1340	3208	msedge.exe	85
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86
PID 3208 wrote to memory of 1572	3208	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.landstar.com/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffed34f46f8,0x7ffed34f4708,0x7ffed34f4718
  2⤵
  PID:3240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2020 /prefetch:2
  2⤵
  PID:3268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2684 /prefetch:8
  2⤵
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:3244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
  2⤵
  PID:2072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:1040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5804 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:676
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6460 /prefetch:8
  2⤵
  PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6460 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:1
  2⤵
  PID:3856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
  2⤵
  PID:4312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
  2⤵
  PID:1212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,17839034992678783486,15547154763398000164,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5964 /prefetch:1
  2⤵
  PID:428

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3216

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2112

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2256

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
94KB

MD5
a735025bb21fac6bc9d1e5aa2c61775f

SHA1
e26c5b0df6eb978ac750388c4d2162949325555e

SHA256
5fd5e7367f39651309c1cec0689d06abb599ffafbc3caf7079b4a8d0aaaf5a03

SHA512
e7d0e206d2ec0b0f8ebc3c8f4bb3338e81bcc160f7c455ca46cb2eb658bddd592882f0b62484e71299f790154b78161c905290416c1bc5e5580cd0bc05d81be8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
55KB

MD5
5ad67628093b90d7b09f19fea57ebe1d

SHA1
c983290e8692fe0d4a5a6f7354c27ad4c61a0221

SHA256
4c79b51c58fa56da28c18b94f01cd86596fcceeabe3f7e624cfd355bb966b63c

SHA512
77831e58cad399009e784dca517836ed2a27237890f5ab63dda6409b528952313c33f76b689076162f239d3de2da1aa96d369c19a3a328da431ce712642574b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
100KB

MD5
ac2ed77a650c7554113cb74f56fd1b0d

SHA1
5f00a59c039ea71ce0a974c50af540712acfec47

SHA256
b56a67cdbe1d551de97088948c4deeaa107e524eddd677938417e22a1172e7a8

SHA512
13c5e3002ccab5a444c7ea5a4bae1790412cc770c4cd66faa4f1098c848142805a93318b3d6186b2815af3c980f57e845234300070a12991d9ece508073fb552

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
103KB

MD5
02b50472b7337c2168162f88a0334160

SHA1
a8f1329720487acf5db38c8fa216dbc058f2bd46

SHA256
31217c6760b0e45db9f96c3bdc6247009add9e128a7df923f92128c03932d004

SHA512
c10e7306052e656497ede690bd33998400dbc99bfb5589c42c33490c7255f7c6c106fddffd463e3a0fdf63caddd8777286335a64cb4c7283ba1efeb10f0599fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
57KB

MD5
8555657a73b1980473ce0887a2250b5f

SHA1
70816655cdd058aea3a4f2358db65fcf76d291bb

SHA256
a8efbcda248f73ca4e939ae858eb2aab8983388ce68b75ed695c960ee45e465a

SHA512
354bf500d5889c7a74d86e2747adf8d77dcfd7354ba2e6f63f3aed12d25bc3752135611041ac2cd0e0602b9841334f1d4ce165a7a3bdf91843442c88e2b85e22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
26KB

MD5
97a3bed6457d042c94c28ed74ec2d887

SHA1
02ce7a6171fb1261fde13a8c7cbb58992e9d5299

SHA256
ae56cf83207570afbb8a6ab7cbc4128b37f859cb6f55661e69e97a3314c02f67

SHA512
6c8cf955ec73ad9d97bbb36c7ce723bfa58c9aef849aa775ee64ce15afa70afb40e8cd45989dadec420d2e8edda9ec0f05cc76a0602df0b6c4e5d45de0f4ce7a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
144KB

MD5
3329f97d9e25aae7127b452584602763

SHA1
740f730446f82df6777d95bf1e1d165a1a00d9ab

SHA256
4955ccf3572ed5931e9bd681b0378dc8d878f71a2cd94aabb9e382ba85d40a5b

SHA512
d9665f70f06265fc933b0016d43d3c01be92c8e8499b75b5b3e6d89e4eb4254f93ebadeeeb7b8b082252257b111b6cbe8eb072263c5f3a9e256286e6bf0398cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
98KB

MD5
3ae06bf79ffb5378ba0ce44bd075cfb8

SHA1
0481ae21665ddda57cc8841e32d1509263078a6d

SHA256
0534a8babd29c65552d0115fff910053c0cd6b26b8cf42cfb179d525434a95f4

SHA512
f620898abf308386eb3332ed07cf36f0a9268a7a769403262f036e5491a6d318cdd5020704ce68537781c61562585b74d3c1d5ff8b25c0e83af3950a1bf4f249

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02268cdb38a1193b_0

Filesize
7KB

MD5
ef762710e54241446386cace269679c3

SHA1
8f74bdb8b418000a704efd0be38ae58bfe6f21e1

SHA256
7544392feb8da802612d0e463520e6e48448d899c46552846b1a02cba018dc5c

SHA512
dc4950114f7c1fde1a02e7a053381bb113e5e80576d69909592432f591fede41edd6fe99a3b876bc4c12adb686aadfbb9dc944f9d21d0af7550fc4206eb10c27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6b0fd7088d2e0cb4_0

Filesize
250B

MD5
a93a395db91236cebd1d69a5aab3e570

SHA1
514a9c0056be16b66d6f4afe0ae4c91f994b76af

SHA256
973cdbe75bc0fe9fc08fbc034efdad30d28e1bbe1047c9464066cca0bef58414

SHA512
4821e035827c4f2c464baaafbee425f30ae1baf76464c1bb922419d2b21ee9ce3e953c0655bb72dc627d2d98b76a8ac209bc79a49e522fc61d3f591e6cac7673

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\863a7ade34119280_0

Filesize
207KB

MD5
bdf673d10ff4cc4c8c2a0b60912f66a8

SHA1
b28b91688014aaf449bc6aa31baa5a182ce09e5c

SHA256
b965be43dd20d3401bf92b39c6ea39f0483a80ddf90182fa991486dbd0a064b4

SHA512
134d8adc1a4f91c1b527fe619ad80734e27eae9ed1a96421761648d0bcc48851347e0ea0a4654bf4753d0c706b43c8ab06061b8cba77af279f429fa370046fc7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cba48e6402f88eb4_0

Filesize
4KB

MD5
f30e688b84936ee35640fef92b09d53a

SHA1
8d97117c11a915a819de55ba8b3f38e96edc9b94

SHA256
119364b121e3e000c4a8f6f477aa6a57b4446da9820484c08d19bd6bd65c2ff1

SHA512
83e3ed8a61770a00338e2a6063c6c0114b23d203c04ae8d0d0d61a1ca8922e1ed9a2da485d4d69f5904e752187ef74d1499be11fbeafd5708172b9427ea013ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
6439c376eaf57e51035accabd4f1a0b3

SHA1
8892a8bbfb7dcc3b5c400a2873b010dba7197738

SHA256
b9f88fa1355b69736789718c8972888ae36333dab4d85d69e40df9d90f7627c2

SHA512
6a0e47d5c57fed2b5cf6ec502c924b681ee8383d5ac54ef43f04c7db67266c897629c843b1af2970057f4ec3c55c6fb195dfba099e3282c30e8bd8dc109edc3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.landstar.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.landstar.com_0.indexeddb.leveldb\LOG.old

Filesize
556B

MD5
6ce28f991d47763c4a47ba69e5302a63

SHA1
5a47b80cfa3f100a25a35bae77f43d4c37d99f7b

SHA256
8d0b1f133bc163e15f7c6ed066d37b8e70e8a6b334b0a21c1b45e029de788419

SHA512
c6e4b765b5b7e733d202606b3728d49e5f37ac4ed8658b9a733a471d01df13cf449bc5cfddafc687fd5276142401e43a724b9fff231cba7eba9d20310384453f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.landstar.com_0.indexeddb.leveldb\LOG.old~RFe57d37c.TMP

Filesize
1KB

MD5
56675b7d197989d77adee7f10c911db0

SHA1
a7d44fa0f07d935b4a36ace0085292a2702e367c

SHA256
2362ee765c4c803c963473c71539f54ca4a6d15a2770488ead432c685b56c173

SHA512
f1d72cafc18b3770bdba069f79c9f06acd369a53391ae4d7b5ece08b9e1c874665e64448414abc65610eee0dd15ffe709b983b73c104900164bf9cf1f19477e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
656e50b69d0dfd1772093f4cd81b391d

SHA1
fe4b49edc259a7fd2fc9708f8a55c137485d9854

SHA256
af9f2c46e01af822dcf43271533d1c37775b0b434ed46da77139120530e9ee5c

SHA512
50ec5d52c1ba226bb8f98f18ac83168dca2875ba84a0fa438d6d7d8238b526af99124a6c33e1f2d13a417361d6dc50597cfabdb69691850c0c1cf70f4b1c90c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
9c68fa7f6effb9d9584f2df63993269b

SHA1
5d21de1246e45c407e2fb5f6947dca6e6a7b3215

SHA256
ee31567eb0d3b54aba320e26187fe999c2ef64ec695d28169482e552b24ac105

SHA512
8a01192653078aa6000492ff46f6498c8133c1b6e41f24111d2cf69d487f0e4f43e4e90d5d8d21a84f13f8b055c94b557b6d85caab0b1e463475e336d7e0867a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
095c7930f5438b858d3dde9f50b91140

SHA1
4ba7ac914ced1529dbcb4b4e98b9d834162f56ac

SHA256
161d1014722324c864c6f5173126a1bf278aa5539e6b3c9805802ea955a15ada

SHA512
5398a7e3d4b4c48358b6250017fbcf9d232784aebad32a38746e1925b0bf3f8a7c5c2b20bc674cba8700b2aaf6650f5033571ce45c37ef893844fb01d5f4f029

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
6f3d5ccc0eaf2be6e1eda970bc417545

SHA1
787360e93b71ddc5ce1f7d52889ceeda1475e05f

SHA256
92241d666f105ac8313bf5f34f32cc68beeaf823996febb72fead1e40aa739ac

SHA512
6ada4cafc368d2f6ccac9593ad32139a2b01485281e4cd13823f0c249059821fbe65a99f69d7239d9291bced59f25532bef3ffa0a5f1516d7504a764a04e5bdf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
c3eee99346917454a8b0a445737916e2

SHA1
7928394b76b4541fdb1fb7e659f5059cf80fb793

SHA256
8a184d3bc9a3fc2252fc5e2e47f87293c55dc873c2a706a6b8691c9d9c134f86

SHA512
453c47f982ebb02ab318dac47e4151708da6a6b50a327c59993c04b2164b273b030ec9118304962c3c708500edfbfe454abb6399a7def636333d6bb5eda390c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
ad6626324dca52cf9546e2cb9192c726

SHA1
6144bfbda06da413868e429a6bcf7a6309ea8a58

SHA256
510d2d68cd62f0aadc90d7f06405131be945660c2097c3f4fc31bf449a5b7658

SHA512
0cdfead82d80b3ed3a148b62eadef95ffd98cfe35659f0fffcf51bc62531c74b09c281320e9065b5b646d058d73e0724d3aeb9d726419a5639501e113df5ea72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e7a18fc2c14d5cf289702fc783d4e1d0

SHA1
d3c641eca20463fbff32b4ebca33bf9e10ee796c

SHA256
04ab10776981bca71cb344ff14b8f38a7eaa62f7d8bd56539ff58467ac76a7b1

SHA512
6d441ecf7b8eaa6e9065e0bdfe90a0041ff7b2d8dfd1beead3b82e3bb3c9485677a97d87e56407a9bf132e763fa9d546c509720291dd3446729994951fc0cafe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c246.TMP

Filesize
1KB

MD5
763221791e5cec11a4c33ba8b82fbb36

SHA1
b61933714b75e9bc5facc01ffbf8feaaa1d012e5

SHA256
2f9841622c23feb582d0d24d50eb8de1ef567b6f0b8868c2e513809952e9e365

SHA512
e62b249f49616025e3428ba7307592a55d386d502a0d63b64959ae2dfbd7e1fc44654a0270bfb2bc466bb469719f4a87d5b2cbf5c24ed42b08e3bc4e258cd83c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
c91e851031fad4139a2d94d91081c22d

SHA1
590385cdfb5ab258ea781495ade18f0030942faf

SHA256
383686aaf675cbd42558240b8a9365c864c94a0185d36b9d44c033a86f4c3ca8

SHA512
a3366205c95975b2396641873f7a7230fe03d02857c44092fea7a08b555307784e4f94a2781341ed96507e9d3035725678a9238d7cd154678229fb7706be02e6

Download Submit