5c0a7244b2124d7f56978b715b6f8866a7a25da7e1d8e231e2b8aa38c32f2959

Analysis

max time kernel
145s
max time network
144s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
25/09/2024, 05:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

watch.html
Size

795KB
MD5

f14f8f395c7a47eb57233baa68d9dfa3
SHA1

ea4b9c2fab2a0bfe9260ec661c7b1c515bc4b528
SHA256

5c0a7244b2124d7f56978b715b6f8866a7a25da7e1d8e231e2b8aa38c32f2959
SHA512

7487b09e047108ddf6eac933554e4056fc0474961a2411fc70c0f992e3af88d1a483f3502314e940d4606618326b6939c611489433686940aefbe8025765301b
SSDEEP

6144:fYHNkQNk8NkbNkyNkhNklNkLNkCNkaNkaPBUn7MWHDRfL99nqcWy6obRy155FZSU:fSNTN5N6NBNINANMNxNjNZPa7opkFg

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4536	msedge.exe
4536	msedge.exe
2380	msedge.exe
2380	msedge.exe
2596	identity_helper.exe
2596	identity_helper.exe
3536	msedge.exe
3536	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe
4884	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe
2380	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2380 wrote to memory of 484	2380	msedge.exe	80
PID 2380 wrote to memory of 484	2380	msedge.exe	80
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 2348	2380	msedge.exe	81
PID 2380 wrote to memory of 4536	2380	msedge.exe	82
PID 2380 wrote to memory of 4536	2380	msedge.exe	82
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83
PID 2380 wrote to memory of 3856	2380	msedge.exe	83

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\watch.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fff55523cb8,0x7fff55523cc8,0x7fff55523cd8
  2⤵
  PID:484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1888 /prefetch:2
  2⤵
  PID:2348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
  2⤵
  PID:3856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:2404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
  2⤵
  PID:1972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
  2⤵
  PID:3340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
  2⤵
  PID:5044
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4900 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4092 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
  2⤵
  PID:4644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1864,8365789088238656125,11997830737303673365,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3136 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4884

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5008

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2236

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9af507866fb23dace6259791c377531f

SHA1
5a5914fc48341ac112bfcd71b946fc0b2619f933

SHA256
5fb3ec65ce1e6f47694e56a07c63e3b8af9876d80387a71f1917deae690d069f

SHA512
c58c963ecd2c53f0c427f91dc41d9b2a9b766f2e04d7dae5236cb3c769d1f048e4a342ea75e4a690f3a207baa1d3add672160c1f317abfe703fd1d2216b1baf7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b0177afa818e013394b36a04cb111278

SHA1
dbc5c47e7a7df24259d67edf5fbbfa1b1fae3fe5

SHA256
ffc2c53bfd37576b435309c750a5b81580a076c83019d34172f6635ff20c2a9d

SHA512
d3b9e3a0a99f191edcf33f3658abd3c88afbb12d7b14d3b421b72b74d551b64d2a13d07db94c90b85606198ee6c9e52072e1017f8c8c6144c03acf509793a9db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ed78ec729f9597c822cffd1892059e8d

SHA1
800451ba23230448e34ab3e4f7da13f62c938d87

SHA256
a636e821da606b99eb0aae2406e57d87da365130f8c0e36549c98f857a1b7081

SHA512
7073da652aa8e00ead4dc647aef48b620ec7d7f20966071f2f2d5cff6108341d30f4010830d42c1dbe56a0b47137a91ea94dc94a8defb30095dd8d081c7c2d50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
90ed3f7196a01251e556b270f9d14990

SHA1
32d63dcc4849f2a745cea7dddc17a5ea2d28a080

SHA256
27f12868bd73bce0261fba9967aa48750d0a4d4b5f24e38e5d357f16fb8ea510

SHA512
55280f1174085a5490e7209957e11b43bc5c06451298987ca52ca2feef33ca4c02c9478af4ea5093bf58c556e12e5d1c99de58cc5bdd27fb38ccf352c19e9ce7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e77eb5b6217dd3258457776632df0cd2

SHA1
d4d80f8e59cffa5b51e5339d9b4f1e9dcde39195

SHA256
686da0f22a878adee1ea7b5ce79ab64fff429b058b22faae02a0628b945e157c

SHA512
4baf14244bcea931d487fae88d43bf7a1aa9ff87305388019e51081fb741ebe45a0fbad865b62c6fe06499027a745fd82c92d972c925e7fbbd3ea5da71ee12ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\b4b14dc5-c2ac-41e2-b157-8082b89cdb6d\index-dir\the-real-index

Filesize
2KB

MD5
05b7bd766b66f261806ce6e2379351e6

SHA1
1d43fe761bf2b44598de0ea495fd001f933e09f2

SHA256
5240919e7dd2d47f8e6fcf2ac52d2015358cd6fa2dca3ad09a98f7c8202100c4

SHA512
1ddd8afca62d9e91bf9c80bba6fefec584ece7aae2c54f15d2c1c6af28c04c135e735518d5c124caee6c82316ce46603703b0fc998953ae33f7641100b01e94e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\b4b14dc5-c2ac-41e2-b157-8082b89cdb6d\index-dir\the-real-index~RFe5815a6.TMP

Filesize
48B

MD5
c74d13797f8847c3750f9db1f5a1cd5d

SHA1
b10f728a5a62b507687cd475f0b0af58d30c505b

SHA256
818c840142de41bc9facf9d29ca8f5b0d6c088d062cb993584cdca94b08c82f4

SHA512
21824e5783fd6966ab02ce48ea834e683837f93512a0eee8d6944cbc8f355656ac037cf4aa86c79564da7dceca208ec1b782e75c22beaa8d5c258c7752c41f03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
73B

MD5
cb039ed99ce8085d7396cf4bccf3c33f

SHA1
902220d419ebad833d52bea150ecab37cc797bc6

SHA256
9fd7dfe544ed7d25445546e843fe010c7a41c48a2aa8b930556bba4d66ed1c3d

SHA512
a53616eed768369f1593c3eed4b5f2e0dac362bb5d525425b32ce50ff0a12529705db3aaf509cd31e1cd27085bb81e633d6edb4768ccbe6ec1bddeaad919dab3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
130B

MD5
0d333a780e20e26d787f8b91bcf51efe

SHA1
16f27a1adb54d0a29410bfee48d2b176a7538030

SHA256
cf5ec83a82b0af0dddf2ef3b0efc1b07470186b98b651f1f4b73bb9958c8226b

SHA512
1ee8c1cbdf2360739a78d99db72fbb353dcbe6ba3329675756b8e07b2798f5e9ef5cadd9ae7d214e6f08173009ab32a6179d2039a01c8602397530048345c3f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
66B

MD5
b41d040d7781a4a74a5df74f4859576e

SHA1
e6c50a5ad95c02b6b221a9ffb5e3e1a4efc2d0ca

SHA256
b241736708ff03baac4e4972c07633036c3aa5720515ff574fe1ca4a49508151

SHA512
6e6c3935f31f26774f7280e60d17ad230d4b31980831b81c69848c4c9518413074b66fa943ad08c057a92d109040ffd7b0cdeeb9a75cde021f8d9567b487fa95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

Filesize
68B

MD5
502be26907e8f8cfc1b351fc8da7a596

SHA1
f76daae121b0c9ae576a29a12d29fa95e601766e

SHA256
b39c5987b5ac49a1158f994b2badbe20558c63d1067448c18f0331e4953b7326

SHA512
bb17a1462fa878b74642c52fa2d4fe7df8812c0a751b879425e044a063a0643e0cce45a1fc63d9ded055900ce46108c9af5910762a74adb4943aaa715b42c77f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\deb528e7-1959-47a5-a5ba-8c7b2fc4ca5c.tmp

Filesize
2KB

MD5
89a3a195c69850df933f838f076d9be7

SHA1
0f4663192b39b6d82062ac4c65c97ab41719a255

SHA256
1bef9c8bdec954aff6037d33757d392057a713fdf77b3d727f6c1c4dc58b096d

SHA512
465a3ac88e19c1115e890728320520bc97619d316ec62a14d69865c06d73eecb9a9cbe7f7bdcccf557ba6a5fa0845a16f97bfeb102a61230438667b97eed2e5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
d2e38ecaaf0274e8bc64931fcbecd4c5

SHA1
472f11d66720976c4521a3da1fc23629d45cd80e

SHA256
52dc70a998c65d042a911b996f0d28a56371b24e33bf0c8ddd72f737e364c51a

SHA512
2633cc0ccbc0f9d08eecefb668879038fd1fb37a65d01bf930bdf2912472b1fa3e7ed1aef069a2812f114e378ad13249a45d408d354c24c731e2817957938f6d

Download Submit