6a3e68be30b640525accdadb9cb5b06b7ad0393e15967715d4273bbfc3d05955

Analysis

max time kernel
149s
max time network
148s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
30/09/2024, 08:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

135KB
MD5

365c15bc3dc66bf6d0a205dbf398e5d7
SHA1

546bccc81dfdaafb9a776d8d1b5e15535658f81e
SHA256

6a3e68be30b640525accdadb9cb5b06b7ad0393e15967715d4273bbfc3d05955
SHA512

9064bdde8d661f6d511cb990f932c31dfa6b7d39f893d4964ef73b263e47fd61c08bed9db8cdfc1d82ae9c4f07eeb31886677247cea9080089b555970bde508f
SSDEEP

3072:Wvr1ed9DZci7MDqYpEBoHSCy+ign/JVR9CNcQLvKKnv6Rsrw:Whed9DZci7MDqY+BuSCy+7967LvKKnv8

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
3816	msedge.exe
3816	msedge.exe
2088	msedge.exe
2088	msedge.exe
1852	identity_helper.exe
1852	identity_helper.exe
4508	msedge.exe
4508	msedge.exe
564	msedge.exe
564	msedge.exe
564	msedge.exe
564	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe
2088	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2088 wrote to memory of 1676	2088	msedge.exe	78
PID 2088 wrote to memory of 1676	2088	msedge.exe	78
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3868	2088	msedge.exe	79
PID 2088 wrote to memory of 3816	2088	msedge.exe	80
PID 2088 wrote to memory of 3816	2088	msedge.exe	80
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81
PID 2088 wrote to memory of 2096	2088	msedge.exe	81

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff861733cb8,0x7ff861733cc8,0x7ff861733cd8
  2⤵
  PID:1676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1948 /prefetch:2
  2⤵
  PID:3868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2528 /prefetch:8
  2⤵
  PID:2096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:800
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5344 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1
  2⤵
  PID:2580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
  2⤵
  PID:1604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3788 /prefetch:1
  2⤵
  PID:3580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
  2⤵
  PID:1348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3920 /prefetch:1
  2⤵
  PID:2164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3740 /prefetch:1
  2⤵
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3012 /prefetch:1
  2⤵
  PID:4404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1616 /prefetch:1
  2⤵
  PID:3460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
  2⤵
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4160 /prefetch:1
  2⤵
  PID:3684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:1744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
  2⤵
  PID:5052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
  2⤵
  PID:5000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,9166140523763174196,17370368313173654519,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6708 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:564

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:652

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2976

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8276eab0f8f0c0bb325b5b8c329f64f

SHA1
8ce681e4056936ca8ccd6f487e7cd7cccbae538b

SHA256
847f60e288d327496b72dbe1e7aa1470a99bf27c0a07548b6a386a6188cd72da

SHA512
42f91bf90e92220d0731fa4279cc5773d5e9057a9587f311bee0b3f7f266ddceca367bd0ee7f1438c3606598553a2372316258c05e506315e4e11760c8f13918

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
058032c530b52781582253cb245aa731

SHA1
7ca26280e1bfefe40e53e64345a0d795b5303fab

SHA256
1c3a7192c514ef0d2a8cf9115cfb44137ca98ec6daa4f68595e2be695c7ed67e

SHA512
77fa3cdcd53255e7213bb99980049e11d6a2160f8130c84bd16b35ba9e821a4e51716371526ec799a5b4927234af99e0958283d78c0799777ab4dfda031f874f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
76KB

MD5
588da3078c09c972237d966a031afb6e

SHA1
c1d759574267404a270da741f078a708f78f81d3

SHA256
e380e7098b84fc032fee6d34ab529e8fc7e2ee0841ec1d9cbc4b0d47e9b37a20

SHA512
b9ffea314d352ef543562c8dc10ac6ccfa1013515f36a85417eb1a1f0cfeb12d80be7acc9ffd8ee968cfc543cd219e69de083e4cf15ea4645ce65ae112b513b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
92KB

MD5
2d57a6b40e2ad1be5183697b951df496

SHA1
d1f6b8efee08c542ca25237c2434f2c429d9f8dd

SHA256
1eabf012b7a9b6a06b42b2033b0ce5cc7ebfbd2dbe2e9413e27ee9212bce2a64

SHA512
2b10fb420f65dfe99420f656a4432fb71655dcea72b3fb67d81499c15838486b9f358bfa4e5738d0547d91926ddbacca437e96ce1ca0c95d06991d2752d54d1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
70KB

MD5
4308671e9d218f479c8810d2c04ea6c6

SHA1
dd3686818bc62f93c6ab0190ed611031f97fdfcf

SHA256
5addbdd4fe74ff8afc4ca92f35eb60778af623e4f8b5911323ab58a9beed6a9a

SHA512
5936b6465140968acb7ad7f7486c50980081482766002c35d493f0bdd1cc648712eebf30225b6b7e29f6f3123458451d71e62d9328f7e0d9889028bff66e2ad2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
19KB

MD5
76a3f1e9a452564e0f8dce6c0ee111e8

SHA1
11c3d925cbc1a52d53584fd8606f8f713aa59114

SHA256
381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c

SHA512
a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
63KB

MD5
710d7637cc7e21b62fd3efe6aba1fd27

SHA1
8645d6b137064c7b38e10c736724e17787db6cf3

SHA256
c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

SHA512
19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
394KB

MD5
730a4397e9631e01c19bb7dc28ba0acf

SHA1
672feb00102b0adb1812b125d07d2bf287512f58

SHA256
aa6a27c2e0a4905a2f58bd5514bc4c0dbb9f8430815a5efca93081a89e4107d3

SHA512
45faa9d830e62559a91e10c2875e4c42b486ac828a6e37be8971da5720256adb4ccc0c330358637e719d9e1ed7a90ac0cd3b0e6762c92955bf7ecea5b4553d05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
9d5b5e0f1459d12230f0db799c73e34e

SHA1
0d09863dedc5b2b809e3e49ed26ec577e0a54d77

SHA256
03f1e0546dc61f5f5d0a8c6aebedeb11be7f5adddd1bd9669955a16c7be5b90f

SHA512
9b7941be2510b9aad7f30fc470a2e380cb480fdca21b2d906f43429572f204f2b5dbaa25e2bc2756741550633137e0342177349c9f17326af64435a8ccb791bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ceaf64f7de3475af6956f24548af1627

SHA1
766d202b0d93a2311c48e4a17871d91d0f4e0a4d

SHA256
799d9a838cea72d2b7dadd15b285cc133caca9d09cc1f2dd78b69f9fc8a9b227

SHA512
bec6356ed117bab95fb4aaa8078572a6a060fa65c02e520694da72cc592672821d87748dc84583846e3dcdc9ed618d6018eabe8042d7b9bdd1da468a112652c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
9d68a243323315f3a82613db0322d7d8

SHA1
0b984e1137faa1e8ae69e29a44dad5e9ba746186

SHA256
3bd862c00aaf9d3025fa7d86807b17e8c106a9b54f954e5b86c0c66cecc70f16

SHA512
dcdb4df7ab3aaf6ab6aa83a9cdc9b3a0185944480af232c94ed2a8d24554ca95e998565de031b3a5b71ae2fd344341882319346a3d170bebe123b6786ab05b40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
958B

MD5
234b4e4894b02d77d1b5ddff180e79f7

SHA1
b7ccdb493f25c44c80e991ae978a7b07d3353d61

SHA256
25de150ff6e5b4ef97458d58aa6179ddbb1cd2d62cb29f5b22eeaaa4848a4b35

SHA512
1473e61a29626fd1cc05befdf3fb6786660c346d51e19a091eca966afac21bc351769969cefb759389af7d429ce05eb8088d873dec860f0167942296c5542aa5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
958B

MD5
3f3bbf4379a82bc51676085991c152ad

SHA1
49004a47f9b3b90106df6fadd3c418ce8e5689e0

SHA256
d9a6f6ec8c560a71a554c20fefde24f09339ef854cd3c1691f9cd973c89d885d

SHA512
f789fd10c69636f66f959bbce1db05c862c98ff7be1a0c891279d9f4c27e1040148971ba921291f9d5d4b5b12faa9e0c0888fc17592bdfe64571015de11a62f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
cd2634d73d9283528161fd8dd49de9bc

SHA1
e414096786b15696c98e477ee7d97c6d175abc9b

SHA256
76c8fd6e05147d48cbbe1f2a8a43c338baea99bae27e1ad5dfa5b068c9251d9b

SHA512
b4f1767575c74e6b1e7b91cf4b5a2909ec5d1d28b9fbc08c75b8173269782f84135dd3d222e4439e8ee9ac4d363ff721a0a5379a88ba03c9fdf43b8712ae7f37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
95ac436a73abd9b644cddb19e3bc2622

SHA1
e9b2991e01168367b7d6ae3b2be62834b22901e7

SHA256
af81eabfd648e3a762f0dca2c25372e67b387be4db95ab2958d7ca604aa4f853

SHA512
568d9da4aef827404e7ae908aab67e5cb701dbc779da9fa9a14edf2beb79b9a9bb425625a5784bd72a05fd3a95491d092ebcd0d6e9d191d3b7efaaeac438736d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e7b26eb12fb4b178f76524f6ae57350e

SHA1
7a7e65b9e218005bfcb3520677bf0aebb3c5986e

SHA256
6a2d124911cabc1e6f58f7835b75417fe0edb3d7b72befa2fd66ed3e245752bd

SHA512
0e76ee9b3652d7326e8c364f72eeba1e466a94acea6c2e3bf0ce2947cdc394a06e4e9e1a02f9f61c5567054af3bed2cd1028e8db0e76d680906e1ee46969a8f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
dd8e43e5512170ee65533e2c09eacaa1

SHA1
f9d168a0496d4023b3b139222cb446ccad2ac348

SHA256
763c0566b0a473ea469a53dbbec37091e4d4708114029ad635c4376f3ae5ff90

SHA512
0638e444d561740327c99e8a38bd286611256d8b3e8e7c40358c48ce97913e3f8026ec3e463e2dd65df05f8887188bf216be64101b6bebb8b55688bb9f514f40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fa81880ea45163db8c675afe82d0dc6a

SHA1
c193beb79c8b99745e6f19f832ff0d75941d668b

SHA256
5fdcfb294eee523330320f1394e40e5af045ead311fe51ee0d72b068a0476824

SHA512
3ef89462d478d0c402175eda447f9cd03e45ed48f45844e0dd15ad093d47fc79df8cbb3eead6e9323b7a822b452ce88e08823bbada607276b9679722150affdd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b871bf8ce3a584fa12f7e4ed6ddb382e

SHA1
076ec7cd015e9b66add16170b35d1079527de1ec

SHA256
c56e2f2c4436c60972c1c79a0d5586b915d23067e3b7d8f382475a1099063bf2

SHA512
30a558dc56ac655e020e322c14f2044d664fd88d2a5905a6c23b7971c8a3853864a48f7811007b1981889b61950dc88fb1a447794f188664f5a46065085a1f96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
19575de2f4f207cc37ece6d3f65a7073

SHA1
814411ed546f1480e5406488d60de7714ea01805

SHA256
a9bf51d53d6415b31af0ad712caa4599425ceb109aac8928ab10ca7a58b73a68

SHA512
462da0635936782356f54876016addd7c22c87b3c0fc659716e663aacca1742c09863ab69630a79d109c63f48c37761d7cbeb022d29514d64c964cc5a4525271

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
872B

MD5
12ee3cc048c0911d49f52adb47844905

SHA1
806698369d28222c394c2da8fc9d50930e522af5

SHA256
bed36243793a2edcd7f935694af32df55d6fdc7aa27305d3d497f4941f3a0a58

SHA512
9a6b656c3a2fc4d98d4f5c8fd5243890cf84e03d34eebd6866866ee631de020ab4c2e869cf73288dd344022884aea80ea667913843a18f6ceddea36b35228c71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
872B

MD5
7778320f38315b27b4559a34fb049e68

SHA1
bf9d383271986c7684af030ad820450d54c32bee

SHA256
59054291d5cd66a11a70104f2e7a6b0fdff9a428dce3ac15c5cf8ff9d035e01f

SHA512
66f529936088f1916af94aae1f27ff03decc9092566399ec28fe309bfd32bb2b99e978c7dfabab7ddfe0c83ac0d59cd8302fb346ef0b46a93c84f253a8b21551

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe583bac.TMP

Filesize
370B

MD5
f84307021cd13b8a72cbd3b6b428efc9

SHA1
94d0d2f1554b55e4c95c5d88f151dc0bb36d17ee

SHA256
71c895cd8b5da65ae106e467f96570990791ccf31ef665ddb4297cacdae98be4

SHA512
0bc0dd7cc9b8df327184db85a8d40dc37779dc5aa281f8854a12822dcb88415aebeb15ba037808193e82036b22a3da502fd098902eef490681e257ba01d46ce4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
393586b44a75a930d21d2930bef50037

SHA1
1052c1f5244bf13ac5dfea8490e8075a6371ce82

SHA256
514eea80f2093e99b5f4fa0e6e7228b5eae6c537ea7fabbd81bf52d5a15217cc

SHA512
a4b6a84f6e9c6c2e79fb9595407b274002488cb2551ad18c6f838cfad0d9e6c2a0c54b40749ecfcb1c6990b5d8d4051a229f54aee2f4172b1d1bc87cd5e0ae92

Download Submit