hxxps://megadropz[.]com/s?svDI

Analysis

max time kernel
258s
max time network
270s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
07-09-2024 18:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://megadropz.com/s?svDI

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs

Web Service

T1102

flow	ioc
443	discord.com
400	discord.com
401	discord.com
402	discord.com
441	discord.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-656926755-4116854191-210765258-1000\{9EB67818-BF03-4A2B-BD49-DCD5536F2B40}	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
1156	msedge.exe
1156	msedge.exe
3724	msedge.exe
3724	msedge.exe
664	identity_helper.exe
664	identity_helper.exe
1072	msedge.exe
1072	msedge.exe
5640	msedge.exe
5640	msedge.exe
5640	msedge.exe
5640	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 46 IoCs

pid	Process
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	732	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	732	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 28 IoCs

pid	Process
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe
3724	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3724 wrote to memory of 3820	3724	msedge.exe	85
PID 3724 wrote to memory of 3820	3724	msedge.exe	85
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 3016	3724	msedge.exe	86
PID 3724 wrote to memory of 1156	3724	msedge.exe	87
PID 3724 wrote to memory of 1156	3724	msedge.exe	87
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88
PID 3724 wrote to memory of 3124	3724	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://megadropz.com/s?svDI
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8fc5b46f8,0x7ff8fc5b4708,0x7ff8fc5b4718
  2⤵
  PID:3820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
  2⤵
  PID:3016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2804 /prefetch:8
  2⤵
  PID:3124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
  2⤵
  PID:2112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:1248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4688 /prefetch:8
  2⤵
  PID:3088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
  2⤵
  PID:2108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:2188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5692 /prefetch:8
  2⤵
  PID:4232
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5692 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3996 /prefetch:1
  2⤵
  PID:2272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
  2⤵
  PID:2768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
  2⤵
  PID:4296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
  2⤵
  PID:5108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
  2⤵
  PID:840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
  2⤵
  PID:2108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6168 /prefetch:8
  2⤵
  PID:2284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5932 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:1072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
  2⤵
  PID:1248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
  2⤵
  PID:5548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2284 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
  2⤵
  PID:5876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7128 /prefetch:1
  2⤵
  PID:5896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6888 /prefetch:1
  2⤵
  PID:3756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
  2⤵
  PID:396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6824 /prefetch:1
  2⤵
  PID:5684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
  2⤵
  PID:5676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1
  2⤵
  PID:5752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:5776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:5768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
  2⤵
  PID:5784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1
  2⤵
  PID:324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1
  2⤵
  PID:4372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2016 /prefetch:1
  2⤵
  PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1308 /prefetch:1
  2⤵
  PID:4428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8216 /prefetch:1
  2⤵
  PID:2016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4132 /prefetch:1
  2⤵
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8660 /prefetch:1
  2⤵
  PID:6072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9060 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8860 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1404 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=9100 /prefetch:8
  2⤵
  PID:5844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9128 /prefetch:1
  2⤵
  PID:6040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4172 /prefetch:1
  2⤵
  PID:3848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8332 /prefetch:1
  2⤵
  PID:3084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1932 /prefetch:1
  2⤵
  PID:3460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7312 /prefetch:1
  2⤵
  PID:4232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8228 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4467875594787469608,936576523391101862,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9396 /prefetch:1
  2⤵
  PID:5716

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3720

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3684

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x52c 0x500
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:732

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9e3fc58a8fb86c93d19e1500b873ef6f

SHA1
c6aae5f4e26f5570db5e14bba8d5061867a33b56

SHA256
828f4eacac1c40b790fd70dbb6fa6ba03dcc681171d9b2a6579626d27837b1c4

SHA512
e5e245b56fa82075e060f468a3224cf2ef43f1b6d87f0351a2102d85c7c897e559be4caeaecfdc4059af29fdc674681b61229319dda95cb2ee649b2eb98d313e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
27304926d60324abe74d7a4b571c35ea

SHA1
78b8f92fcaf4a09eaa786bbe33fd1b0222ef29c1

SHA256
7039ad5c2b40f4d97c8c2269f4942be13436d739b2e1f8feb7a0c9f9fdb931de

SHA512
f5b6181d3f432238c7365f64fc8a373299e23ba8178bcc419471916ef8b23e909787c7c0617ab22e4eb90909c02bd7b84f1386fbc61e2bdb5a0eb474175da4bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8530d89c-66e9-4311-a90d-b76f9440b9b3.tmp

Filesize
10KB

MD5
bec2b8d9f62bb419e5f351eee82906ce

SHA1
ce20e9d090d1c402eb1d78a812214d59950d40fd

SHA256
9c49b34e71a8dd4f948b0254c6413763dd33db20a5e261d5a58469dc1890b33e

SHA512
fdc310bd144fb9fffb5ba9d8ab8f708344350ab01d0045bbbc1263b1f78c7acdf76bc5d297800ab56b2e995a2b931287bddaecfcd41603c1ce64b59ddcceb44b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\91fb86ad-6155-4cbc-b838-8c43e2f33af6.tmp

Filesize
3KB

MD5
82c0567f009cdc84e186c111963dcd88

SHA1
fa5128f4205557b8bcd399de0254d75bb37eb6ed

SHA256
ba9b8003a6f63be1ecaaa783e227c5aa26258505682c17e3814dd6b6f2db99f9

SHA512
b7c7448142d9c456fa527683bd67eba7e767f3c2fbdcf4406d668febc1f142ed805ee7c7fa3bf384b043c102c1ec58fcdbf1fc14d40b0291e91a6cc2cd831e3d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
62KB

MD5
c3c0eb5e044497577bec91b5970f6d30

SHA1
d833f81cf21f68d43ba64a6c28892945adc317a6

SHA256
eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb

SHA512
83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
67KB

MD5
929b1f88aa0b766609e4ca5b9770dc24

SHA1
c1f16f77e4f4aecc80dadd25ea15ed10936cc901

SHA256
965eaf004d31e79f7849b404d0b8827323f9fe75b05fe73b1226ccc4deea4074

SHA512
fe8d6b94d537ee9cae30de946886bf7893d3755c37dd1662baf1f61e04f47fa66e070210c990c4a956bde70380b7ce11c05ad39f9cbd3ea55b129bb1f573fa07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
41KB

MD5
9101760b0ce60082c6a23685b9752676

SHA1
0aa9ef19527562f1f7de1a8918559b6e83208245

SHA256
71e4b25e3f86e9e98d4e5ce316842dbf00f7950aad67050b85934b6b5fdfcca5

SHA512
cfa1dc3af7636d49401102181c910536e7e381975592db25ab8b3232bc2f98a4e530bb7457d05cbff449682072ed74a8b65c196d31acb59b9904031025da4af4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
19KB

MD5
76a3f1e9a452564e0f8dce6c0ee111e8

SHA1
11c3d925cbc1a52d53584fd8606f8f713aa59114

SHA256
381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c

SHA512
a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
84KB

MD5
74e33b4b54f4d1f3da06ab47c5936a13

SHA1
6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c

SHA256
535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287

SHA512
79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
1.2MB

MD5
9b9570e1f7f5a6fd82f17a13a4f1dd52

SHA1
922548f8324b645cf5cddf4d49f0778900050877

SHA256
195836ff1311b8e85258e3b8a0da7c3c5d7e5a38eec9fff08e59d6a41422229b

SHA512
53cd0d03b9e927f197b732d288dd2eb27fdab0228726454ec5ab97f3ff48250497c4fb5fbf892b85a2c84588d8ab659c4803f4d0952954252469acc54f978ace

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
20KB

MD5
c5ab9804e1a546dd80d33ae5dad6bb7b

SHA1
9c7b1a2329616a3b459119cad6e77aeea385c459

SHA256
71552b4f459db452b159448fe634ae5c3ee8f18fba0d8d4af2368f05c9719ea9

SHA512
de87701f4e8774b50e038026c384e67a8dcbc831bba353377afdbdbcddd787f914be4399ab99b5b688b61c34c796bcd33c4c53c2b34bc53b59da8bd733f48bcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b8

Filesize
144KB

MD5
25563f4aaf20e9f83a0fe2690ffd099b

SHA1
dc2ce91f54a312cc253fd035a2bdee26ff9ff00e

SHA256
dc6a9531c92b6cdc1898d907cf338d1d7474f43187bb6157cdea13e4a191988f

SHA512
39afe93980bdbd37430e2b7f05e76ff10abd0c35d1916ca42e48d8a598e68747212a0e4d00a18f1300941dcb97e74204a0dbf8ed228117713140228632a93eae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b9

Filesize
260KB

MD5
84a35603d5c9557fda7e366cf2336f76

SHA1
7613051b4b6a220fa76550b6602c6daf88ad6840

SHA256
5ccd13ca2f827be6be70a488acb6ccbe292321d42b89e7467a1127256ccdf3d2

SHA512
87f0629d7de42198ca3ce49f7aea9cdac86395eec915c85b95b7768621e65ec9ff43346d840368647d1c2e11f8a1844abb25ebeded087b5d67e2fb04750aeee2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d0

Filesize
3.4MB

MD5
f99e27fb02ec561ca931253c2259575d

SHA1
b95ef3b757239a4e5122ab94f2a0fa84a86b6955

SHA256
65884f56ddaa284a5e9bf04e392caf3385900f01ae1d71bf1cf3b7eaaf4fd530

SHA512
0a8dca1e5f91dc7608deb889a4429db951048dd1d189896db5185f01fb71dcd8c11b986e8cdb307b1db8e54cb4538621900d536ccd590ecb4ba23fb43def41b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d6

Filesize
31KB

MD5
0b132f8117d23307620446dcabaac844

SHA1
2b8effc6ec228f6c119985dfa4ec656a5f145e92

SHA256
dd0b85dfa2859f3ad25e5c26f499c38f3586fdaa476e4c447f7b79d75e04674b

SHA512
dea089938fcc8d382832ec4c946bc368d0689038556df75131b281df9aced6d979439f8122b9e2db5733405f9f887328a76cce5cdc08d9e1500a5d4587718289

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000da

Filesize
37KB

MD5
3d6549bf2f38372c054eafb93fa358a9

SHA1
e7a50f91c7ec5d5d896b55fa964f57ee47e11a1b

SHA256
8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104

SHA512
4bde638a4111b0d056464ce4fd45861208d1669c117e2632768acd620fcd924ab6384b3133e4baf7d537872166eb50ca48899b3909d9dbf2a111a7713322fad4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000db

Filesize
43KB

MD5
82ac90703299ad0b9ebbe44704ddb799

SHA1
4e05289475feebe13f2b7ad2f74b0ee65e482ac8

SHA256
107cace668a3ed82780ddcabe4fcbbe7b4c97538c8fcc01c17c4bd24cc0213a8

SHA512
ad99a828c2763fc0e711b625ef32ca297c3e46fd52da36433166a791211b3349c487a118914e5e6b5daa2b27dfd68fe57a72e4541a651f2a38fd4a47b0c98462

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000dc

Filesize
38KB

MD5
71d3e9dc2bcb8e91225ba9fab588c8f2

SHA1
d7e38ee4c245f64b78eb18e6ecd7b9f53b3254a8

SHA256
ae99aaede2f373187a4fe442a2cb0ab9c2945efbab01cf33e01be517c0c4f813

SHA512
deda05ebd575d413aa2277876991ecc2ea238907390753485ba1b487ede2f432363c46daad5f3f240eaaf8d3258150829a3ae3d2d9c420ea59567cfd440361a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000dd

Filesize
38KB

MD5
ff5eccde83f118cea0224ebbb9dc3179

SHA1
0ad305614c46bdb6b7bb3445c2430e12aecee879

SHA256
13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc

SHA512
03dc88f429dd72d9433605c7c0f5659ad8d72f222da0bb6bf03b46f4a509b17ec2181af5db180c2f6d11c02f39a871c651be82e28fb5859037e1bbf6a7a20f6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000de

Filesize
38KB

MD5
7f63813838e283aea62f1a68ef1732c2

SHA1
c855806cb7c3cc1d29546e3e6446732197e25e93

SHA256
440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b

SHA512
aaea9683eb6c4a24107fc0576eb68e9002adb0c58d3b2c88b3f78d833eb24cecdd9ff5c20dabe7438506a44913870a1254416e2c86ec9acbbcc545bf40ea6d48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000df

Filesize
20KB

MD5
4a7745f248721d14a0c91ef721c96ab6

SHA1
072935237c063aad6217cf4568a0f3ba2a090c45

SHA256
123f97043a7fcc52860b5416da66de5bdeaf0ba12130e765b4bcbdb444ea0a04

SHA512
c9bf59d355f651eb0fa99d508223d624e6c41d9fea086a181326179492d8fece91ab023799c53d53469384d0c11827610a14fd67168a2de46c56c5165dfaee80

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
795e495cc6594f6b35c661f01eee3ee8

SHA1
1371e628a8c74d808e7e80c334758c94b633d377

SHA256
feac47861feb381774acec877e295f67b51ba1d76785cf62135015e131fc099c

SHA512
edf840fcaa73716c3ea78b063cba20bb532826e3ae108910dfc6dcf2d123e83f25454a4f63f39384bc0fa44e054679bb96839551f602b05de49e1ec02a588dd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
8a3e25b9760965a6c658ba44ecb196eb

SHA1
509bda5467001c0f84b62d09b9f483a2649e2f88

SHA256
96e4b414ffbb56b3ed318ed7406b220fc2c4d923a10238bee30efdf48d94581d

SHA512
2738b1839d3a27f104d6f82ded542940ff920a558eff7316889fba4106ca55b67cbe912d8441638fec867f2fc6f4446b3f0e164c55dea51594e35fc81ede4c11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
ff9e25c363c2c8a45f18ee08d97887e4

SHA1
78df5139d89a76364c710d69ec1ad32182231eee

SHA256
add91e3c3c7e28ca491872fceb931ab3cb9dea3805f1c8df61f415f61062c8ef

SHA512
912aaae13af394dffc72695b9c11beaaa247dd51f7ecfd1bc60b45aaff4738d982d027316faf8086aa24141af40571817c6bd8e8bed5909ba1ffe32935380920

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
7KB

MD5
8d6b21fd1800d519e8d501a10a2ac7ee

SHA1
6c8700091fea05c4409c6ff20195cd7f9e397223

SHA256
6df2a93270857f9aef84042769ad500fc214d2607e5a5e467f82161e1f03e93a

SHA512
908fc67e6bd8bad8213e04b195a951bc008941fbdc517957a34c838755ab0830ce49dc5e5faaa797581936d9ad3bd9bef1030c25ca23d07ac4424a15099a1a1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
8KB

MD5
1b4a174d9940a81aabbe160e6a285f18

SHA1
b79b3148093cdce36eb390d4c31fed4c95123cb9

SHA256
01eb3fb0cab3d8d3b088f7c414e49e66aa40ffeb0eb86d859f9b627cb01afc1a

SHA512
1de4c8dda39b60674cf11168c6d4c5e80ba1ba05f757086a5f001d822c61b15a7d6899316d38bbfaf6d936759700f8e1ab067528200422b8c4932fb4192021e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
9KB

MD5
3e751e8fa5cbf53624f4fe5d96c68866

SHA1
b5dbe2a98183f81a548b868339ff49ed887fbc24

SHA256
243e584717ccf0092f65fee44970a53bb6cdfd204f02bf5f4c87b00b61976e43

SHA512
87fa814d788d495096e907903ec5a0f1d0e41476025b4edfda92dd013f6ca2942001e7142c1f9761001ababa33b39a511ee01d8a078697d8d5893d2bab67427d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
1e561ed0d3d708cddd6915794949a957

SHA1
a573d97d4beca15606325de6a0d74b3fe293c98c

SHA256
7cae4b937a4022429946c8d657bba4da50d29b740bd5d6a604347a19a8d770b7

SHA512
53acac2da7392240bf9329a071cd04e8049b46bdf1dd44fb4b1db81d87ab1fd59ca00b5f9f3470a05579c2f68bc414d67da83f0b500ed68af4e15aa7ef0c9778

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
ed6633488f27a3bd25a57d73f5eedf5d

SHA1
cecf04a53900043dd19f1dfe2274d7358c6d37a7

SHA256
445243721a9efee7976ce3c60c72a143eebe0e7a7468525e9e798821caae9bbd

SHA512
5d6fc7902022137b6b73685dba0ca1bb219e45b77386a28e7c016c079070fe9c985015d84aad4d5ce0cbb30790aec2a54125fe5cc85728152d97e3400281d70d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c1f901d3f0ce6eb1f12ab55f57a46cc1

SHA1
ae4fcc041579d3a63541efecbdb73c04aa09a948

SHA256
a7aee7b219781522bcafa00c5fdc14df9d363232012c25dd0fafb5cd6dfb0ae6

SHA512
877b1e405f60d953f992b6721e0b7c1b12c3e2ded76d2e4d2d56ce690d4c3cc186e9a759c94ddb11dff9f94def1758b259aaaf281ff4816c681dc81ae7ea0797

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
cf6a079db327df2f667db09b004b32e5

SHA1
0c52c44bfa4973b68d2b58a6c75be4c7a4ccb4ab

SHA256
767690649680c430789c5d7df5e3222f54c21b9f3c3ce5a4a3dbc29f1bcbf0f2

SHA512
d8bb1ffb1da15fa7f06c2fbf441fdb2bb6b732a57502983e91329a8ecc8d1a8308cbcc0babada11f82974ca6c11468f069fe6d704057e614b76c038155b905d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
96af8bca31132ed5a8b6e4d7f1dcbb24

SHA1
1d33bb7ba875364678d2af6ad2fdf70f236f6968

SHA256
6e44f41e6bcbeaf2cb15addd5a277ca117ea58c51747a6573dc3ce7a63476d4e

SHA512
798733d00329176ac4a1ece2540f635df806db87d1ef47aeced92911c719aac55a4002fd0594fa18c38af9344fb3599ccdb48bd6001c339bccb3bef9a14fec76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
cc1978504d9345869a1643ff051905fa

SHA1
da55d8cbacdf7cb642c22495791beb0ef0d22571

SHA256
55290030fc48d94af84e977cedd19401eb459bf841df595e3758a97effa13b26

SHA512
4ff55aab7563a608fd14fa8b405e193fa7f19943fb1310f42f9dde9f819afb118940c6658d2ae660ea2443d947e9c14385447bbac4fc7c22aba7759c806c1d28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
0944f96146c98b6761067a9e914c7695

SHA1
9d143c19455b75b2b0bfc3726dcd9bd3ee264c74

SHA256
64395991dd33127c61117a1bc5d61b28e5e76e6908473d44d8df0cb0208a7620

SHA512
ef690265a9eaadc4ed2792df4f1078ab7074549fe82a76f67f8ee311072fbdafc6409ed7818cbc6de041d374a6ae1a4d98e580759ba06a1b6603d219448232b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
318aa59562c1a375caf4b0ef40e1cd8e

SHA1
bb201eb95c7aef5acb68d6e2f2d6c14cb56eedc8

SHA256
0f4a09e983a11e643ea0e2e388b1f117acbab4d3f29ab7e97a678068c6dad284

SHA512
aa85cdff28c977449bba48ac2916a6b0099cffabb20cd81c1d626990a3f693f517a9df1de8437bed4dc71aa77389df5a262694143c178a4f0e17dbfa0e2ad70c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
87c17ae0404edce7de3773641790e7f5

SHA1
2e37dd02334d7552be191e18ae96987a21ec5fd5

SHA256
8308e03723247f54e33979212ee15bb87fdde6caccb7dbd4bab23e70326e51d7

SHA512
9c7ae51082e3841ef733d19542bcc65122085142c731ef8d293c124deee302e8357cae27c4702501a810c5041d16e83d0759cbffa320d6fe1697ebc761d42e79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
a63c42ca48810c1c05cd4c79679b7c12

SHA1
6c19a940373af84883061adbb64f1500d0be492c

SHA256
3ba2ae476c80f59a796aa932215ac56be5c66dba69a131235b1275885f920e8a

SHA512
a338037aa2b125f1c134e8d7e67f52cbc5f968a23d9bf02bc06e46ca0fb4277fb50c3f8add687216f1e8283cbc635ca37337b7f9e2cbd99653564b689dd61243

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8df8a839e024fa58cfeee2ea21bdd721

SHA1
0f2cb3ba0dd49b5b2883d72fcaf510ef0c7cd5d1

SHA256
540d8d6fdfed218bc56129882b8b144e82e7f16e779ac6d278f18f16bafd6bc6

SHA512
2bdf845223cda6887d9092400d97d8bf2268235df98270fbf8a87fe93ac5c6ebf40aab118ed76ebe1637840dc97a72a2ce4c171c4c9199348aaa0e8a34cf954f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
e99464c68c8c53f394ededdc631787c0

SHA1
942d580886481f5076ddb7ea2e75d17eb6f00cdd

SHA256
d8ce91267ab857ddc4104f05cc832b7f367cb7ac498a3f7a7cd63a1a40c6f3c9

SHA512
aa6e6937da04762fa90f3e683c0ceae62269fd6dcb4a957bcc5b4154a7dd2a1c5825c0881e79f3e9e6f294aa3a7e8b13858688724e09e643954f23ee6a29f7c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\560f4a8d-4e94-4882-8d4e-13b0e7d1ac83\index-dir\the-real-index

Filesize
1KB

MD5
7a6cdbf0da2898464c08becddf576a4e

SHA1
465ecdaa31efec417d5ce826acfdec6739333042

SHA256
883581f95c0b4591aa4c783fc6e81e66d95425dfc4cbf8b30ea2d42b3e49d71f

SHA512
cf93a1f12def725b6a9665cfb5585265a7bf4c0f1db7f7721ccc29ec52ce4702c4b1eacf4696aa53dccd9dc14ef658b32c5ef79a1586fdbd0c6d4ca23b92eab8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\560f4a8d-4e94-4882-8d4e-13b0e7d1ac83\index-dir\the-real-index

Filesize
432B

MD5
ea10f99a555c07eeaccd22c6ed8f6088

SHA1
885696e1c366b0db1f1af9cf004e2531861b17f3

SHA256
0a67f86178b3dfa1a7341b572c367dadd5a788f13025f26e7a93c11210073581

SHA512
cea5e8e4a6d45d36d806003d1ea8032ef720142d59a77f3b4a3da122575f54415c0c26b14c0274060fd36813ce12866bc9321cfb297d01542d56f3962d967ec0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\560f4a8d-4e94-4882-8d4e-13b0e7d1ac83\index-dir\the-real-index~RFe5a2af9.TMP

Filesize
48B

MD5
435b07b630cb872bab5b85b1b6f833e6

SHA1
a89894784df9994ec414f5d114c70e3373cf6b8f

SHA256
519b094d74514113674033186835a9646dbca72f821a4498ea9f0db4f7b7b80c

SHA512
e0ae1cd4323b1a95f551a31174b7ffff726138cd8d4ea5423e76c5880b711c2bdb7e5a96401abec5c7fc877f48a479600154d3cc1b0db066e409ebdb6d139be7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\5c880f33-df20-4520-b1df-fbca1c513e73\index-dir\the-real-index

Filesize
72B

MD5
93576d1533bd45f41dcd2db539bd31b9

SHA1
a75c5e1e842baa51fc479b828f31a45cc6dd5f5c

SHA256
d18b5a76b838575df09aa1df816ea8cc643719764fa3e81cf9cebfd9a5a119b3

SHA512
6e382ad714c8d12929356d0aee7c4b6b2affd830c5f12fcf78bad7a4e35dc0bc3c1d1492bebe7c76d9efebdb8e5cbc1fa2a66475060ca23ce83557f3efa113c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\5c880f33-df20-4520-b1df-fbca1c513e73\index-dir\the-real-index~RFe59a157.TMP

Filesize
48B

MD5
1045ceb0c9a6ea1423af4ef597e127c9

SHA1
b4b71a81101a72340e0ccb86608fd615e4cb0367

SHA256
3df7e32802de2de404ab8bbe8183ce60b0884133f1bdb85c5fd84da94e3ac0f5

SHA512
836d8323543d8627dd225b6b52d6433ff1778a9ff7bfae71c2f288342f730d9532daac28f4778706a17dee98a8db99bbf707a54141f81b40b4a3ae2243649be7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

Filesize
86B

MD5
de97af8b853b0438ac06f1656072cfd3

SHA1
060cad1209a468e16695a05ef0f71ad72181b85b

SHA256
75e9fa818bf8985a28f294114f283a5f72b281ac95b1c520cebdff42ae9cddea

SHA512
8bef7c4b4af1409d768a899ef1385e890b8dcc3d8673fb8d5d782d292996feeb39788544eab5970906c073d5206cc84d0dc42629329e0889f5eaec40d2eb8d55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

Filesize
176B

MD5
9f0e905f0780a03da5cc30b5fb01e37f

SHA1
7f9b84985b08f49b7280e39cddc184ad1bf3affd

SHA256
7bee247bab1f3a5f23a995879ecf6cf37014e1b847755d8df2336b84ee30316a

SHA512
ec2466bb3045d069214a712c73fa0631e4592bcdbf9b85fc6e31e8a26334c0bec5671047f73b941681681f0d4abb2b40f8ae683791dfc99d1eb62a3a90509514

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

Filesize
172B

MD5
d65d795367dae305663dbb49040e2c65

SHA1
89e1f019de8da9e5409a91b68f1f628d0ab8d8ce

SHA256
772d42aacaa940ec5ebe977a55b620b236d876c0cb4a569535db43cbb4e295b5

SHA512
f4700fb3f1173cb3762af7eb3cb34155370e09268fd5a449abf7f77a68efc86c758e69879acc96f776326850dbe1f296f9548f1f2b3bd19e55a389e61c2ba7b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

Filesize
172B

MD5
8c7b38d7c5aa5f2b345548d3043d6952

SHA1
93b210603d60b383eef4af808dbb6ca2fdcdbb0a

SHA256
bd899d60f8b4f33005ab362f05200030da812b4ac8e82dcee42f27abb5ab326c

SHA512
1d59599ae3ae40dc28779eb7c3c7394d9a9e5c60c7972d7e46c56109f3eafae48341cde3cfdd153a18d7a9d381e27cdf9a96312bfd032b2feb91a2368001b8c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\f01e5581-25fb-47ab-9480-52a1bc3c9a2c\index-dir\the-real-index

Filesize
2KB

MD5
9a72eeeb21c5de658999e112fa4b13d1

SHA1
f870f58cd85f02c02d84353e29ac57e79f44f782

SHA256
4b0b5a4a247fbd6c79121585f036c8913ad6ad1e081ef3ca57d37d4c719df554

SHA512
9ed1f91205e1d203b70651d26443ae48c04a437e3d4ec28ef6d8558e3500ba0c52c3e82de60ae40deb7c613dad083a6014650f74bdde04d6c3c77c6e37fa4c25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\f01e5581-25fb-47ab-9480-52a1bc3c9a2c\index-dir\the-real-index

Filesize
2KB

MD5
8e0ec86532d6322224253ca8f5421001

SHA1
9851e791f0a250a23b6a8499636265124102cc1d

SHA256
40a52a65462f2ae180eb15671ad4bf1ed72a9b054153b71a6e498093631a6e7e

SHA512
ce0caee6e5ad0a5d487a52ed6e2dcaf0c786e663914fb004c9296b17df183a5716ea88d804d4d117b21458ccd11a8f5b46dd0a8b81b6e10793b27c492c2635c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\f01e5581-25fb-47ab-9480-52a1bc3c9a2c\index-dir\the-real-index~RFe59214a.TMP

Filesize
48B

MD5
13579640d15abdc093950c6e711b63a6

SHA1
ca3dab7131cad4f7cfc27ef596e5f9cbe62d7be5

SHA256
16cdf329349e4024d3f778e7e1c637e5acf029f1041eeb84c387bccb97100b9a

SHA512
fa3df5bb16bbc46d79697fa4249aeae984e373958b19a5fbfd04069106cacfc82b8e4f2896eecebce65d9dc6cc729f006fcec79242be1c3cbc2ac657411ccfa7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\index.txt

Filesize
93B

MD5
61a258134f05b354450c56e468cf9c48

SHA1
4f40631abdd6879376cbf796eef01acf1c8e80d6

SHA256
bcf59ecc1d3b97fdf10e4a0150c51d07db2b9ce42a7c4634b57e7b39b87570cf

SHA512
ccd7390d47fa71aa1aa963c927f2df5b58d9a23f1f3e0843f9b0c4fbca55ea115623400c55385c93e8ae02d03e38fdee8c1042cf6d437699c2eb8b88a004ff92

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\index.txt

Filesize
89B

MD5
80b4e265ff6d3c83bb1f4514d13ea1ef

SHA1
215ac44357a94cd1fe741950058c3ce2b149783a

SHA256
e5c1ce4e873d6c417dd31dfbc1988a4b22d4fdbc7d77e1c166ae47ac4b87004a

SHA512
e7755344970cbe2ea6b2b92b496f446366488f32bace38446ec53c7bcfc3c138ff9a016dcccf3d018b72050734c213f83e49d73324e42f75260eb676905ddd53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\index.txt

Filesize
89B

MD5
7a23e1e90955e3493d512de81847a95a

SHA1
89e7025beb226a78c4c0f6ceb6ba8fb58701c3ae

SHA256
f801835324080cf2679339d7223383e1573b2a086a9725ef482ddfcea15de176

SHA512
8315c2dff8a3e6dd02d6c6e5c599642e18cdde501e6ba7d30d182c17e8e017c33c8ce9eb1e9d7d92435dab08643e09ec3b3335b5bd054cc480ef17a5f94b4aa9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
144B

MD5
51bcca21fe37e98f2e73e068b4fefce1

SHA1
67d74bc31821e3bd0089e81429f213870bedfacb

SHA256
1cfcac660760816fbf943b767ae2b8f8df251a49d70b73142a65d9802f2830dc

SHA512
3f250866af46ea1093930e68a0c003abd0576448fc14a0821a9341f8980c33df61428e3af99b3d661b42bbde2e6a1b594422635a784d8643490b1ee9e780e992

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
20aeb80305957cc0483733263ca7ca54

SHA1
cac9f989bc72fe271abb7533123e1ed9963cbd35

SHA256
2bdbfe96ae47b70f6ad2f9a4aebadab10a41aa8fd8a5a5fa96f155284f6a1bbf

SHA512
b1c0dd89603d75ae8a13b0777d984bc988585cc525ddb3006eb3d24f6bee256022d948aafc2f836ce6da6df889569fa5262229225f47bf1452cde3df23bf9add

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe585a6f.TMP

Filesize
48B

MD5
ecbc79b80ae58bef8d1e3ba986c32345

SHA1
4f395d65187162f6c486eb60ac0e6516804725b6

SHA256
b609f2445a25ae9c50b6500474c775c1b90b73acc08c8275d5d3cbc4e54f5c22

SHA512
4e3117da3faea8e1294ece4528b97ff133b668570e84d239a7cbe1191f8cc716891f37cc347c21920768da4c2bbb945d66f20c8dc4a949bf04f90cf012dde391

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
857b1f524e8439f511bb9b5c7aaef1d9

SHA1
756335e4518d82d0ff2154ad9ed74723e22a746f

SHA256
50d8f5886ef3209204fee2ecc764daf3f469c4241f68633e9440be877448fb5f

SHA512
01eee25dc5cb69390d4b40c1780798aed4f969e1790b8264c0adcb33086fff962e840ef722b2664292bb2472973c8caec2f32977c4057201008a00ab7b8d422e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
2e1c24c92e788077cbec3caee035bf7f

SHA1
d40fa5128010ede47d8e476ebbf96a0a3709e207

SHA256
2ee85bd688d78d48c5850fdda51ecb0144a612ef37247e5418fa60f1e2a3be9d

SHA512
96be3474c9b927fba8fb04458385afb1f27dec7e6864d2b0f17266853a60d889a53b15a5f2cdb3cb9c68d56cbb3448b9019cb8b801093e0ade33a0314efc96c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
ed6f9fe0a52a90fd1894e52d8927ea53

SHA1
4272513eacad644710dcffa82d18a8127ea30822

SHA256
f8f9214be043c419866cc0f8079c0ba4488cedd76c0a20b27fd47ee04f190cc2

SHA512
8242053468b4361e991ee57fa7e6459162e8755f4040536d1a208416b8cef1ace737669cbeb86083de6ec267c4c3bd75a595fdd9f7af2dd33759f5d039e9356e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
7eaad7b6161387cf0d629efd91754ed0

SHA1
3aa93c6fc332ebc5673cc1e1459179ac440aa71f

SHA256
9e2d67a4cdc276d541a7cb408cef0ab6e5676355d52b385009375ea41223effb

SHA512
64122baad3ba907d6cbc011795cb497362c26994a8244704eb4673f70612f2826d0b69d1b0410f9786dcbc5c6c0ec7c4bdf4b8d48dab577a324e8b93167c48e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
6256b720b25c53e033e789b107a9e1b7

SHA1
d68a71bbac8e1ffe25273a842a0593645b92392b

SHA256
0f48c36e7f00ef179f98d80bee8169a0172e6eef02809386db12e919c57e8fac

SHA512
97de432c97d387122ae7e3b052586deb0faf6546d20038dbe9f7e2136638ba2bb0d9db162a8adce59cdcf15c71a1e91d6d06f20f21ecd92dc5472361dbf67f15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
bc3316d1c9f9d23464425e455dcd1b52

SHA1
91ab3111b1f89ac6881c8c0caff8d3307b208a75

SHA256
f2b528bf49430c8a6e2c185c8bd0bc1048d03fb76df97e9c8fe453ae51ceca8d

SHA512
63072c9760aa9f57bb53ba31b5322108317a47e63329ce2e3b4a15d57cad10ad35c1464a31caff822e1ecd76c10cd97c0dcee5da44d8e0a07200bfdb741b38c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
24ba437899ab0d8759b3df7cc6a70eb8

SHA1
c09edf50780c75ad71b1c3a9f199295a850fbac1

SHA256
70bcc264d7d18cffa45b2d9439005c193561b89e307ac87e4d3648e6c24cb40f

SHA512
1cfd31d8c3350d8575229946c928bcf1e2b11120683646a3247be112357a2a290879af63180dad52dec0d696267a1d952035327f5aa5e7b91362ccff891d25c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
873B

MD5
160528f30664a3d2cea8af7437753f76

SHA1
d3663a76014c24355a6933e50eb599e06f016a1e

SHA256
8498909aa70d571a6a0523ad86bd0a636126f075df3a22528c51ddcf20577762

SHA512
a8ce36bc6fc9b7411f5bd16aaf04a10d96728bb9b4d51a97eadc1c7629c124776231629b4e70a2073a4917150f4866a4b5d5ee977b8a0e56e13012574e844ade

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
3bc62e05bb32c97b55fa9d7bb1833a8c

SHA1
66381ee7d4c42a0748417699ef22689dea5a0028

SHA256
93cc0d47f01efb9688e5fc8b989e8f5a32fa05194ef9a7cb0eb6a08716d2ada3

SHA512
1e0fc16e29ed7e54771a4cb67f7ec63fe11d4542174a4a72d854c16ab8607a588da0dcdefdf4582a83ac17e4116968262ac5a4d416c0c3d50cd58b18dd4e6ac3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
8848a9d88647f38d6264aa8187cf68b3

SHA1
ee0ed1ea7cc453883d05f9b6bf3b4a504f2175dc

SHA256
52f5e0778ad6645b1216187ac30c9e553e86837e891f40b0e905d300fb3a57c1

SHA512
0f92f818e62dab2b72c75c26848bc0a5f2e0c649b14924c0f7f15217f3ba4efa4ebe2956bfc6a2705fa8a45d633757d5e5793779ac2860f3673f188aef47357a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
241596c44317ba048391af1ad2b45686

SHA1
c3c102d65c8624db17ef2b480e0b58abb6a0b0c4

SHA256
ed7c3ecdef8f12870a24e4552fa93864aa0557278d379a720ed3b003f49281af

SHA512
cf939426f880a964c6a2080f0f7d3343cc074180428c4c1e0a0e22de31ff204b147102a1cf2456bafe315a62cb689071b8e210a506111cabf0f00cd2d2d398fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
db9ed62da1d0b8fa44abf790867d691c

SHA1
ca90e9d088dad64fa8a49a5d91c6329074d52a52

SHA256
149a2f2081ed4b5dccac246c0b7656f3ec3d464b3d6b66ac3fea2184bfd4e6e6

SHA512
8ec584287b194382976787cf41294761d713ff191c970b65fb2f93ead0d72a40bee9b026b784c5d38b70c0eba1e48c18dc6769b8728f99e0d5499e520af17ee9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580710.TMP

Filesize
538B

MD5
5f5cd145ac4a421056df0fd763c64c2a

SHA1
acdaec85b7b8ef4a7a6a7ddcc73ffa4c13c173d6

SHA256
7445473d30970cb393d0d7eca2dffb1749b40ee098497ee04a885b077000b9e9

SHA512
07ca107274ec498150467457dc631de4c7f6fdb56addfe24d3674f730688fab2f19523750e5c1fea5ea36e3dd692ce85d222bbd7f0662948a5a5bf8fd8498862

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
6ab5de9caa9fcd75e22e2f0eb767a54e

SHA1
2245683f40729bbe35d03e7cd2f98cdc21425f90

SHA256
29a08763eaec0e2c00018d28404a3659d4e97303023f2ea7a1104a9484e0a182

SHA512
cdb046b2bf1aaf8b4cfbc4cf5cb1f1acee08622e131d68fafbfdfeeb88b58dc077ab07f199a8515a2eb9c6f2e54296e0faf11b70d27a39a16c3009a076d8f199

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit