2064d0c06709478dd0fd1f7026c53fdf3e165193ff2a0bc26a930ac7f7cc27b9

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
13/09/2024, 02:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

35KB
MD5

de0ed9f3035e3f011a52fbc4cb7bc462
SHA1

bd5b3be99e3c9c9b2306f54f52529ce79f7e633e
SHA256

58cf327adfe96dd0b477ecf8f849710fe3ea37b5cf5325296d8afb0a4884206a
SHA512

d39142bdbbc5d5037ccb5e7ea14f011f0a6391d40fd4d6eb7ac5f116db56d4d541601fa90be7a6ae4f6568dcd9727fe99f6d6981692e4cc0f4425edcd6b83131
SSDEEP

768:kDbjKRgy1enD70cY/jx/fxbHonwod9TGE/1/vOqVbpQ4xPV:kD/Sen8ca/fxbHWHaENvOIbpQ4z

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
940	msedge.exe
940	msedge.exe
4844	msedge.exe
4844	msedge.exe
2832	msedge.exe
2832	msedge.exe
2832	msedge.exe
2832	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4844	msedge.exe
4844	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe
4844	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4844 wrote to memory of 4324	4844	msedge.exe	82
PID 4844 wrote to memory of 4324	4844	msedge.exe	82
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 4072	4844	msedge.exe	83
PID 4844 wrote to memory of 940	4844	msedge.exe	84
PID 4844 wrote to memory of 940	4844	msedge.exe	84
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85
PID 4844 wrote to memory of 1008	4844	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd183e46f8,0x7ffd183e4708,0x7ffd183e4718
  2⤵
  PID:4324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,16746967644973763023,3803699056154161840,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
  2⤵
  PID:4072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,16746967644973763023,3803699056154161840,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,16746967644973763023,3803699056154161840,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8
  2⤵
  PID:1008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,16746967644973763023,3803699056154161840,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,16746967644973763023,3803699056154161840,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:3508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,16746967644973763023,3803699056154161840,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9176 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2832

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3408

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4916

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ff63763eedb406987ced076e36ec9acf

SHA1
16365aa97cd1a115412f8ae436d5d4e9be5f7b5d

SHA256
8f460e8b7a67f0c65b7248961a7c71146c9e7a19772b193972b486dbf05b8e4c

SHA512
ce90336169c8b2de249d4faea2519bf7c3df48ae9d77cdf471dd5dbd8e8542d47d9348080a098074aa63c255890850ee3b80ddb8eef8384919fdca3bb9371d9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2783c40400a8912a79cfd383da731086

SHA1
001a131fe399c30973089e18358818090ca81789

SHA256
331fa67da5f67bbb42794c3aeab8f7819f35347460ffb352ccc914e0373a22c5

SHA512
b7c7d3aa966ad39a86aae02479649d74dcbf29d9cb3a7ff8b9b2354ea60704da55f5c0df803fd0a7191170a8e72fdd5eacfa1a739d7a74e390a7b74bdced1685

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
92KB

MD5
e93ff52cc13b4a793c613bb58b94b5fd

SHA1
28715efee382e2adecfff7abd98059bbf894fd07

SHA256
24cfd572d2c9f2d792330b39c40c676ba13db52911d5e8f69521479a67d91c25

SHA512
4d48944fc1164fcc8c65f435dc5d03ff8a26549bc3a4534958591a597f8dfef4957e95f2546c4b615f95756f39f8e34e91fa2c2afd58427a7b0ecd7f9e24f9a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
82KB

MD5
2f88fd6236469a3d4cb8471e8b5ed185

SHA1
a0489f20eedc0acba4aee7cfb21d4979e1e260bb

SHA256
c7ec29654148f174e8315276e093621489bdbcf9c92921efdbbd4b5e348a1b49

SHA512
2e816744f4c74bbccbcdfa83a67f64464702a572150a98bc2a49ea039376b8b6a55e5d487164fa4a424fd17652bdbdca4c778aa3d3d7efbde509454fbf15f475

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
550KB

MD5
c2c5d909e294173edf8db49575c34320

SHA1
19b6f327a2092e5b4b4741c53cd5a4a6bdf50875

SHA256
3034b44c4ffc2afd2bacfb643a647ceaddd854539951ba18b5d7f238bc719793

SHA512
ed18936b3a6e7adcc6a3e50d655c2eec2ef5c937dd23f3e5cb796e18871e8f6370e2955ee8ea7d9ad3863f3be20e16bbbcfb7ebc5b7f04a8cff0c7c0e21349e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
509KB

MD5
f83189f2e765c4dc9734be1840f22e7b

SHA1
3f8b7bbc476d608861b966da3556ea618ea4a0f9

SHA256
32102ee6aaa6181c8b850f649cc30556732e0e21bd9e566a7d6bf913fedc2a65

SHA512
12f9d9aaca1a8ea5d72455a5c1d5f750166879a3944f8f12ab815c14d12ada64195ef8c534db0d749cadbbef91e86267c3313c0a4d9e193a1ab1e9d4e3af79e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
38KB

MD5
f4ef7f1891b7b0d1fae872ddf282158c

SHA1
5006f3fdf03185c4d4cd126bce15b93f60fd6c30

SHA256
b3bc2b8ffb158a9bde4ee98dec4a065dc9e1bf1d4fdfbb2a8c18e05dbe5082a7

SHA512
daa2e57d79d8b985786830aa1646bf008a9e771e686e7d2552e4bc96660e5c7e073e2cfe13db47128f74401abf888d7fb8eb5e00588fb71c8365d3c0483a5f3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
56KB

MD5
cbd3ad74ce7288f60b24a2c5f461c3d1

SHA1
b3cd71fd4c301b7485959e199548b41145b23b67

SHA256
b1faad8f1b04a3c6be95be120b5fe82e8e0cfc7281724a1a5be99d625eaa7806

SHA512
24884143c28f36cdfc7d300d7cab256ceabda5c796e7ec52f124f33193c35cacf523416ba3c77b774987106fe64b0303b93c22ff5710e7576c0534c95db3496a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
45KB

MD5
e2f365af09afda992ad3536908758256

SHA1
9ee6a65010a32f4c8e2abfc1ac28ec11fb90e4c1

SHA256
dca99f756b5d6544531424cc098916f4935bcc15bb31f5d5865a8bdd104c539d

SHA512
b6ae185119026a3e9e11f40eeaa132dc27de90db788a9e2f90078c3b4c61d73c2b2127131151824761fccff59a4c20432384d462ec6e2c9c906a07a21759cd07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
50KB

MD5
1c27a242a8b2f0235b730045ca2662ac

SHA1
5a990fa22aa4bb7c22b8e072970ced157891f90e

SHA256
55d2b6983ecec522454e92e1b0b7f808564088deba875311250df5886886838a

SHA512
989d17851d0e7e1d559edebd269c58c99b95f0e77f017c712624d917577900fed58b824bd392762d9d85bd5be16a67cf79792c4ef4ab51e5ce87e8be3c774a33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
38KB

MD5
455a7dad1d255786938f3b2c6125e7bc

SHA1
e01c4d9e847b5a07667dcdf0e7d3561bbd061ebf

SHA256
81c3fe186b1e361c1382a3975ea880cbdadcf9280369235e5c6b280ac0ea1bbd

SHA512
ad725f5d2ad8fee2f9a5e4a184593bcc5c8dbd0c3b0303f87d06a386dfc1d8366fb8586913e21619f677dc71cd04d5f152cc0c5d5f3064bb5de3f1b30bc01647

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
132KB

MD5
b1796c589b111233f946ae5123b38fea

SHA1
c4e80f583f19025c279c16323f58c198aa18b9d1

SHA256
3b8ca841ad1632926a4f8665a00064c4a0187161e95e36ccf9bbb5adbc92f993

SHA512
20f439bac21d8b5f15e07abecc873e53a7535f11c318c81a2c719ccfdef7ea1170740495e28b359a3f457f9235c806782e37351f90356497b52a69da4a4b79b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
138KB

MD5
342606b1563ce3d37730a6cc547ecb69

SHA1
1665faba1b3469486fb36714babf3a3683d2951b

SHA256
b5c6cac01ebdca190146753d29efcfe7ca7f905d2cbb8791f34af08e1b0f999b

SHA512
2cdb87a9b1ea6141f029b4f3755c922e15a3bf02c2f4046752bf122bf8b821076cbb6ade74dda0b0beeda87db07ea6c1ba3a4231a9045f246617dd64600875ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
119KB

MD5
7ba34579474696e67de824b1b1a27ea8

SHA1
5a2c768c374e9f9b4ff91fb5b3f3e1d140661948

SHA256
c27b738602cbcd6ff29e69939b3bb80c598d483fc2bd3234d3af66e85ba93ca1

SHA512
90013c287362292277708eefb90946a4295123d413a0f8a49338b4e020c4d89299e42ccdd94786dded655092a8328042a7e836854001e11d67d974f5ea2282cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
135KB

MD5
79ce83a2b8af7133aa9f3034f97a87c8

SHA1
4e48a71581d56f700a19b2a87b6cb528fed8aeba

SHA256
05efac76144863c4a33324d941ece554bd4755322095bc5a0c3c042934da0201

SHA512
430d4f7b599d63ead7e948ae901722e0d66f061070daa72512e5ac378fe7c642d9c1edb7186591be95ca86a434105f29ebb4d49c67d821d1c6890cd9adebe620

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
116KB

MD5
86252fee63b2527f132fa9c07f615a61

SHA1
fd056ee5389467f02d925858bcfcdb80b9e4f75c

SHA256
1566fb49f8486031006beffa5039c2b739201927d0f8a09a3a4d4e9249d9d39e

SHA512
f1364462f095005e19f4f546b5b8178d03df9f0243d9a2bb3f5e806e2546e655587473e62c4c76b7a4c90244d77c9d82b698396df5d12e3d3091ef5af647c961

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
42KB

MD5
2bcf799192e9a6ade46553ff58cb5da3

SHA1
4e237f38cbcd85fdc3bd4b97d5195b6b42d8d49a

SHA256
2daf974263efef78ce10f207a4678cf6fe9020fea68aa1c50df1c50e0e0a0273

SHA512
dcd8b13b188ab3663c2a1670f68de428b51be07c4526af501faff80474c596aa37fa61b19beee252df5acdf792c5594200a28ef7073eed5d967927c2159e015d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
199KB

MD5
bb8a580834a5ca7b35f432b7d4f51527

SHA1
a43d915a21df4cc7343339e242432ed62627b87c

SHA256
47282bff7fea740f86df049de90d35aa2585f7548ac03d910b02e0b966b0c2dd

SHA512
5e9da0bc3fb2b30cb8f1761a85e8a69541844ba7e31e07308f986a666fdb3e4846822a179b6aaeeac15d828d8b53a0e88df41e1950135f8de4d1eb844230084f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
52KB

MD5
37d9607531f68cdf6cfcb4b495ff5327

SHA1
94500e9f5cb4b277bfc1b243262fca041aad6a55

SHA256
925f87092adf2cf7abc2e817c27a47052482422f850d54a562a8f60642cc4b5c

SHA512
7c69c510c308fd0ee02407d26b636ba36a374ead101cada705e3d707076727fb4d8bf2e5306daf0bc8f08575b2a4af611733d996f0abdbe0acbf9e2c6fb2d9bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
116KB

MD5
96782363f2718af3675f52fa0ad84519

SHA1
99e4d6d0d01f27fa5520d8897b71e075eb3911c4

SHA256
b08e1abb47237af0162d53a091bc259921c9ce52dd7440b70c06054d6f709892

SHA512
0e7337295d79ad315c9f517cb9f5e3ae2dd906455e39154abb6b10182b8c998d6392e4bb14d63880a455d2dd548c2fa518ed3c2d89d20d739ad3f91c70bb0abf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
49KB

MD5
1e03ab2d82bd41a032a6cb56741d505d

SHA1
1633d6c2395ff4b65b2ddc75b3a8d0ccb398f7c5

SHA256
6d7735c399a167535c53af321001213c5dc0475e61e3757b629aa9fbaa160795

SHA512
4ed578efaa2d3ab9db4dcb776bed715fe17942119a8c90a0e513acc04f908f5ccf57d8881abd1efd19d0e3a0cf83e816a9d53a6310f2aeb6159dd3b60cb708a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
72KB

MD5
7c1ac7e5a07bcfb76d53ba35c2c904f6

SHA1
238a2df75dbb98aceaa0a5898509aa97f1ea0314

SHA256
2883a70899201f79967b8fcae6a2a956fb29c36af1f40da22aae13226f34f3ec

SHA512
59d29cf8c8e277159e4ffc6f9389bf8bf659ecef39b8e3c12d745300827e45db5cca976dc28bc395ad59cbe9ba82144be2d5bfbf8723aedeec290069896fa01f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
113KB

MD5
94098340fbfdb0b1299417e6090be3ef

SHA1
d091ed81012c82bcc6d2b635be3b3a487cca2a80

SHA256
668cbac91f7b292a8ffd830a8e904f4d938c650edb3c25af5522a2380ccc26a5

SHA512
2ee06105435ee9b3dd2ff94c2e6550fc8c24b481dc4cb148154cb11d6d4d8964476427d70e677db499942a7afe9e5bcbd32ae7c3dc07eeffdc2c4d0255f50769

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
41KB

MD5
893d7a83de51083bd49c0af325a99e9d

SHA1
64625019de30e9bd7d187f2dccedf90aea5e52a6

SHA256
c0de9a70d8092c2d7ef3ce2e5b6ae5e74293ccf4b6da60133c31440ea857e409

SHA512
ab13bfbd0fb211c7e561aeae01e3ae49acf5651705e34593debad8f70b051316472ff0c00e115b8184fcfd54d12121d685218a0b0bc7ff24cf75d6caace879a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
890B

MD5
b5fa38b41d52e0d708d5d81e336a8622

SHA1
4287895325f0ff63178fe99ea7df3b39ab72be99

SHA256
42f17ebdcfa892fbf8bcfc6443eb6cfff3edb873471f326819a64fc24bcbdc33

SHA512
52a245b320c93ad0a597617c1ed6d41a6de1ea49e0fb0cf59b1772b27831027bd98794801b1279c6c804ac1962a1b63110aab84c27298f8594b38e87288b092a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
3e7f3d641eb4223e435eb0d0078ce7ef

SHA1
e3ce5654b3fbcd561c9ea32a24202087c57028da

SHA256
da048a47a5e22ca5803661583eb95aa03149aaa093a219aa170866f41c07936e

SHA512
b1ebdfcd3f13aee93e4c69a104828ec2064f3b3df47828d4ca52d6dc968b59415177286b2853a1d724dc7fae3ee4ef5a44dba610ac7d908e892d6014acf74c14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a91fef885ceb065a33105d07cb5541c5

SHA1
b08e39385f2cebf9788dd704f179bc920686b87e

SHA256
a6c19ee6656595769dbb3e7313ba250dd1ed772e97dfc24158c05e2f9e209432

SHA512
f4f11acfab8c4e959e54b860bc5865924e69500416fdbd3951f5703ba983364e1d69c4ba55b1e86ffaa30923e293487267c4c82f061639204af6561c1c1335b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
be6ad77d1742292d7d9f367514ab5a4d

SHA1
a71066cc347f5f316f7e406c23844b96d04416cb

SHA256
4bcde434da4fba1933fc7c2f655800ef5895926ec3a2ada82182aea3760ca780

SHA512
0659949d1c9fb6570bb0c254ea100886be7676ea9220499d69c74ffe52517d0c1e824ece9cec8cfcbb6fcfa28461d89d93a5848476c76d4af4ce05e1f91deb7a

Download Submit