710e01b5fdc4202c407236cbe008923cd4a4f73c07917c4ff2044f391e86399d

Resubmissions

30/09/2024, 09:31

240930-lhgvwaxfrn 7

30/09/2024, 08:47

240930-kqcqfswcmk 7

Analysis

max time kernel
710s
max time network
698s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
30/09/2024, 09:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

install.exe
Size

30.7MB
MD5

2be27a4a7ef8ba8858ab5ce8f016b441
SHA1

4c2f8652fe8fb2b6d062d1eda612a8d37b68c9a3
SHA256

710e01b5fdc4202c407236cbe008923cd4a4f73c07917c4ff2044f391e86399d
SHA512

bb5ed4b4020a69847ccd6ab0ffe52e80aa5a89419b99357d0302c64066f27fec678916235a675337209c4474b5b8b424a2758cfbed1bdf04190ec0316f68f922
SSDEEP

786432:bDRy04MPKIKQen6Dv53HqmgYJAerpSdHKdXNZbZo6Tt:bDZpqQe6DxfFcHKddZbZXt

Score

7^/10

discovery

Malware Config

Signatures

Executes dropped EXE 4 IoCs

pid	Process
2268	squ7F03.tmp.exe
1264	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
996	tor.exe

Loads dropped DLL 64 IoCs

pid	Process
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
1264	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
1	raw.githubusercontent.com
2	raw.githubusercontent.com
50	raw.githubusercontent.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 6 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	squ7F03.tmp.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	DragonFruit.OnionFruit.Windows.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	DragonFruit.OnionFruit.Windows.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	tor.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	DllHost.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	install.exe

Checks processor information in registry 2 TTPs 12 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000\Software\Microsoft\Internet Explorer\Toolbar	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1"	explorer.exe

Modifies data under HKEY_USERS 1 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@%SystemRoot%\system32\hnetcfgclient.dll,-201 = "HNetCfg Client"	svchost.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0 = 1e00718000000000000000000000c7ac07700232d111aad200805fc1270e0000	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000080000001800000030f125b7ef471a10a5f102608c9eebac0a00000040010000ac055e9e3619754a94f74704b8b0192301000000c0000000ac055e9e3619754a94f74704b8b0192302000000c0000000ac055e9e3619754a94f74704b8b0192303000000c0000000ac055e9e3619754a94f74704b8b0192304000000c0000000ac055e9e3619754a94f74704b8b0192305000000c0000000ac055e9e3619754a94f74704b8b0192306000000c0000000ac055e9e3619754a94f74704b8b0192307000000c0000000	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-100#immutable1 = "Recover copies of your files backed up in Windows 7"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-51#immutable1 = "Date and Time"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-1#immutable1 = "User Accounts"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-1#immutable1 = "Troubleshooting"	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings	firefox.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12122#immutable1 = "Windows Defender Firewall"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "2"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-100#immutable1 = "Mouse"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "6"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-52#immutable1 = "File History"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\WinPos1280x720x96(1).right = "1076"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\NodeSlot = "1"	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-1#immutable1 = "AutoPlay"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-1#immutable1 = "Default Programs"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-2#immutable1 = "Change user account settings and passwords for people who share this computer."	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-5#immutable1 = "View and update your device hardware settings and driver software."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\colorcpl.exe,-7#immutable1 = "Change advanced color management settings for displays, scanners, and printers."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12123#immutable1 = "Set firewall security options to help protect your computer from hackers and malicious software."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-10#immutable1 = "Ease of Access Center"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-2#immutable1 = "Protect your PC using BitLocker Drive Encryption."	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-1#immutable1 = "BitLocker Drive Encryption"	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15300#immutable1 = "RemoteApp and Desktop Connections"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-2#immutable1 = "Customize settings for the display of languages, numbers, times, and dates."	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\MinPos1280x720x96(1).y = "4294967295"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\MaxPos1280x720x96(1).y = "4294967295"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\WFlags = "0"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\HotKey = "0"	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f706806ee260aa0d7449371beb064c986830000	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-52#immutable1 = "Set the date, time, and time zone for your computer."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-101#immutable1 = "Backup and Restore (Windows 7)"	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-2#immutable1 = "Recovery"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\WinPos1280x720x96(1).top = "72"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-1#immutable1 = "Speech Recognition"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\ShowCmd = "1"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-1#immutable1 = "Phone and Modem"	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\WinPos1280x720x96(1).bottom = "672"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3000#immutable1 = "Sync Center"	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-300#immutable1 = "Sound"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\MinPos1280x720x96(1).x = "4294967295"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-2#immutable1 = "Manage your Windows credentials."	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 0c0001008421de39030000000000	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\MaxPos1280x720x96(1).x = "4294967295"	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-101#immutable1 = "Customize your mouse settings, such as the button configuration, double-click speed, mouse pointers, and motion speed."	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2842058299-443432012-2465494467-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0"	explorer.exe

Modifies system certificate store 2 TTPs 2 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\FA3DAD67CB6D14729D21D76E175CC81BF11445FA	DragonFruit.OnionFruit.Windows.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\FA3DAD67CB6D14729D21D76E175CC81BF11445FA\Blob = 030000000100000014000000fa3dad67cb6d14729d21d76e175cc81bf11445fa200000000100000037030000308203333082021ba00302010202108ef7343583ea359e4ad83ec4b4768e38300d06092a864886f70d01010b05003021311f301d06035504031316447261676f6e4672756974204e6574776f726b204341301e170d3137303830373133353633365a170d3339313233313233353935395a3021311f301d06035504031316447261676f6e4672756974204e6574776f726b20434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c1b39cf0e12c75ba5175b9373e2e349bd88a8d6e6fddbaacfe5fb9ccf8ae4a768556623d01d0876095ae0f04deec310df0c76c03ef67c3ee3c9b52c7989a3d075d6c37beaaa57f08c4fb943712066a3caf43c35e3978bd95a8f08b7fdd4496125be0e9d61f9a1024ac2a17de1d67d23c3b1665843e4f8a38c276572d4952dbaa0035a8100321ba3b397096ab54939cd0e96a9fb5bd8d0be56911062de8ce2ca111964ea047601b3ba154aceed1de2c227ddd97ee203c32d05174d5135965e868f3350a5d7e8372a0d9a3abe7295124f22896542168bd19b4998c9f9af4bf7dcd66298e7c6ad8ce4bdd7336412be66a7d2ab06cce4cdcf0c6adccbc37c5e15cbd0203010001a3673065300f0603551d130101ff040530030101ff30520603551d01044b30498010b92b2f194344e108e8bdf4830e195ac7a1233021311f301d06035504031316447261676f6e4672756974204e6574776f726b20434182108ef7343583ea359e4ad83ec4b4768e38300d06092a864886f70d01010b05000382010100195267ba1b8e9efc94ae335a85f245dd3424d77f46485f5fc535d0ca63d94213d75c18398fbc47457b47bdf12014098b6fa27f748c81af1459b18263b406a82579b8552b3de32d8321c640b2afd01ad2ceef84aa73e2cb34ccc924f2cff0c367b1926e1a4816e6358467327e0d3ff0252351da4c17291d5a600b4c5c0d2cfead996a447fdeff7899a798365e7738b2f85384f225a7e52821f026c47ffeaa85541e8687cf2818215882f702211d28691d153e9e283c60fbe1553ec79fff93d79621dc73805512e98a0bce37125240ea14f5d83170e88d82ed19652ae840c1b89fd9160b4edcf4146bd67338b42fd7d1ac903f32afc4e5804748279407f1a19539	DragonFruit.OnionFruit.Windows.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\onionfruit.htm:Zone.Identifier	msedge.exe

Suspicious behavior: AddClipboardFormatListener 2 IoCs

pid	Process
5052	explorer.exe
5052	explorer.exe

Suspicious behavior: EnumeratesProcesses 24 IoCs

pid	Process
2268	squ7F03.tmp.exe
2268	squ7F03.tmp.exe
1788	msedge.exe
1788	msedge.exe
2056	msedge.exe
2056	msedge.exe
3180	identity_helper.exe
3180	identity_helper.exe
2340	msedge.exe
2340	msedge.exe
6668	msedge.exe
6668	msedge.exe
7016	msedge.exe
7016	msedge.exe
5084	identity_helper.exe
5084	identity_helper.exe
252	msedge.exe
252	msedge.exe
7104	msedge.exe
7104	msedge.exe
7104	msedge.exe
7104	msedge.exe
5708	msedge.exe
5708	msedge.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
5052	explorer.exe

Suspicious behavior: LoadsDriver 6 IoCs

pid	Process
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
4	Process not Found
664	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 25 IoCs

pid	Process
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe

Suspicious use of AdjustPrivilegeToken 7 IoCs

description	pid	Process
Token: SeDebugPrivilege	2268	squ7F03.tmp.exe
Token: SeDebugPrivilege	1264	DragonFruit.OnionFruit.Windows.exe
Token: SeDebugPrivilege	3288	DragonFruit.OnionFruit.Windows.exe
Token: SeShutdownPrivilege	5052	explorer.exe
Token: SeCreatePagefilePrivilege	5052	explorer.exe
Token: SeDebugPrivilege	3684	firefox.exe
Token: SeDebugPrivilege	3684	firefox.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
5052	explorer.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
5052	explorer.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
3684	firefox.exe
2056	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe

Suspicious use of SendNotifyMessage 49 IoCs

pid	Process
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
2056	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
6668	msedge.exe
3288	DragonFruit.OnionFruit.Windows.exe
3288	DragonFruit.OnionFruit.Windows.exe
6668	msedge.exe
6668	msedge.exe
3288	DragonFruit.OnionFruit.Windows.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
5052	explorer.exe
5052	explorer.exe
3684	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5000 wrote to memory of 2268	5000	install.exe	78
PID 5000 wrote to memory of 2268	5000	install.exe	78
PID 5000 wrote to memory of 2268	5000	install.exe	78
PID 2268 wrote to memory of 1264	2268	squ7F03.tmp.exe	83
PID 2268 wrote to memory of 1264	2268	squ7F03.tmp.exe	83
PID 2268 wrote to memory of 1264	2268	squ7F03.tmp.exe	83
PID 2268 wrote to memory of 3288	2268	squ7F03.tmp.exe	84
PID 2268 wrote to memory of 3288	2268	squ7F03.tmp.exe	84
PID 2268 wrote to memory of 3288	2268	squ7F03.tmp.exe	84
PID 3288 wrote to memory of 996	3288	DragonFruit.OnionFruit.Windows.exe	109
PID 3288 wrote to memory of 996	3288	DragonFruit.OnionFruit.Windows.exe	109
PID 3288 wrote to memory of 996	3288	DragonFruit.OnionFruit.Windows.exe	109
PID 3288 wrote to memory of 2056	3288	DragonFruit.OnionFruit.Windows.exe	112
PID 3288 wrote to memory of 2056	3288	DragonFruit.OnionFruit.Windows.exe	112
PID 2056 wrote to memory of 856	2056	msedge.exe	113
PID 2056 wrote to memory of 856	2056	msedge.exe	113
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1364	2056	msedge.exe	114
PID 2056 wrote to memory of 1788	2056	msedge.exe	115
PID 2056 wrote to memory of 1788	2056	msedge.exe	115
PID 2056 wrote to memory of 2408	2056	msedge.exe	116
PID 2056 wrote to memory of 2408	2056	msedge.exe	116
PID 2056 wrote to memory of 2408	2056	msedge.exe	116
PID 2056 wrote to memory of 2408	2056	msedge.exe	116
PID 2056 wrote to memory of 2408	2056	msedge.exe	116
PID 2056 wrote to memory of 2408	2056	msedge.exe	116

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Users\Admin\AppData\Local\Temp\install.exe
"C:\Users\Admin\AppData\Local\Temp\install.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:5000
- C:\Users\Admin\AppData\Local\Temp\squ7F03.tmp.exe
  "C:\Users\Admin\AppData\Local\Temp\squ7F03.tmp.exe" --setup "C:\Users\Admin\AppData\Local\Temp\squ7F04.tmp.nupkg"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of WriteProcessMemory
  PID:2268
- - C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\DragonFruit.OnionFruit.Windows.exe
    "C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\DragonFruit.OnionFruit.Windows.exe" --squirrel-install 2023.1223.0
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    - Suspicious use of AdjustPrivilegeToken
    PID:1264
- - C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\DragonFruit.OnionFruit.Windows.exe
    "C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\DragonFruit.OnionFruit.Windows.exe" --squirrel-firstrun
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - System Location Discovery: System Language Discovery
    - Modifies system certificate store
    - Suspicious use of AdjustPrivilegeToken
    - Suspicious use of FindShellTrayWindow
    - Suspicious use of SendNotifyMessage
    - Suspicious use of WriteProcessMemory
    PID:3288
  - - C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\Tor\tor.exe
      "C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\Tor\tor.exe" -f "C:\Users\Admin\AppData\Local\DragonFruit Network\OnionFruit\torrc"
      4⤵
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      PID:996
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://dragonfruit.network/onionfruit/status
      4⤵
      Enumerates system info in registry
      Suspicious behavior: EnumeratesProcesses
      Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      Suspicious use of FindShellTrayWindow
      Suspicious use of SendNotifyMessage
      Suspicious use of WriteProcessMemory
      PID:2056
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff807d23cb8,0x7ff807d23cc8,0x7ff807d23cd8
        5⤵
        
        PID:856
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1912 /prefetch:2
        5⤵
        
        PID:1364
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1788
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2592 /prefetch:8
        5⤵
        
        PID:2408
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
        5⤵
        
        PID:1964
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
        5⤵
        
        PID:2280
    - - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5636 /prefetch:8
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:3180
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5820 /prefetch:8
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2340
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
        5⤵
        
        PID:3404
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1
        5⤵
        
        PID:4116
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:1
        5⤵
        
        PID:3760
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
        5⤵
        
        PID:3960
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6524 /prefetch:1
        5⤵
        
        PID:2988
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
        5⤵
        
        PID:2428
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,17005035834991778260,9324549533274627807,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
        5⤵
        
        PID:3444
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://dragonfruit.network/onionfruit/status
      4⤵
      PID:5332
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff807d23cb8,0x7ff807d23cc8,0x7ff807d23cd8
        5⤵
        
        PID:5324

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:3804

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DevicesFlow -s DevicesFlowUserSvc
1⤵
PID:3316

C:\Windows\System32\DataExchangeHost.exe
C:\Windows\System32\DataExchangeHost.exe -Embedding
1⤵
PID:2296

C:\Windows\system32\control.exe
"C:\Windows\system32\control.exe" netconnections
1⤵
PID:4076

C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
PID:5052

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s Netman
1⤵
- Modifies data under HKEY_USERS
PID:4332

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3164

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2704

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
1⤵
- System Location Discovery: System Language Discovery
PID:2060

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
PID:912
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  PID:3684
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1980 -parentBuildID 20240401114208 -prefsHandle 1896 -prefMapHandle 1888 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9913a86f-1b82-4a70-ada5-549f2dd6a681} 3684 "\\.\pipe\gecko-crash-server-pipe.3684" gpu
    3⤵
    PID:476
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2380 -parentBuildID 20240401114208 -prefsHandle 2356 -prefMapHandle 2348 -prefsLen 23714 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {08ba63f9-5102-417b-9e47-47a3bb400f5c} 3684 "\\.\pipe\gecko-crash-server-pipe.3684" socket
    3⤵
    - Checks processor information in registry
    PID:1980
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2824 -childID 1 -isForBrowser -prefsHandle 3052 -prefMapHandle 2860 -prefsLen 23855 -prefMapSize 244658 -jsInitHandle 1324 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8b331ff7-41ec-42b0-815b-65c0e8d6b88d} 3684 "\\.\pipe\gecko-crash-server-pipe.3684" tab
    3⤵
    PID:5300
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1600 -childID 2 -isForBrowser -prefsHandle 3456 -prefMapHandle 3660 -prefsLen 29088 -prefMapSize 244658 -jsInitHandle 1324 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2b36c15b-d1e0-4004-897a-c4d9301ce22c} 3684 "\\.\pipe\gecko-crash-server-pipe.3684" tab
    3⤵
    PID:5472
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4572 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4584 -prefMapHandle 4576 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6f65a027-0c3d-4b00-b1e4-faa815c1ed34} 3684 "\\.\pipe\gecko-crash-server-pipe.3684" utility
    3⤵
    - Checks processor information in registry
    PID:5256
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5284 -childID 3 -isForBrowser -prefsHandle 5260 -prefMapHandle 5280 -prefsLen 26944 -prefMapSize 244658 -jsInitHandle 1324 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8792051f-12d6-44a1-ad63-a1c768c23bc2} 3684 "\\.\pipe\gecko-crash-server-pipe.3684" tab
    3⤵
    PID:6596
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5396 -childID 4 -isForBrowser -prefsHandle 5404 -prefMapHandle 5408 -prefsLen 26944 -prefMapSize 244658 -jsInitHandle 1324 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a3833a02-17f3-4280-9763-6bae2d173abf} 3684 "\\.\pipe\gecko-crash-server-pipe.3684" tab
    3⤵
    PID:6608
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5596 -childID 5 -isForBrowser -prefsHandle 5676 -prefMapHandle 5672 -prefsLen 26944 -prefMapSize 244658 -jsInitHandle 1324 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7978bb4b-9387-40fc-8830-4e2bbf05bc86} 3684 "\\.\pipe\gecko-crash-server-pipe.3684" tab
    3⤵
    PID:6620

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:6668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff807d23cb8,0x7ff807d23cc8,0x7ff807d23cd8
  2⤵
  PID:6720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1860 /prefetch:2
  2⤵
  PID:7004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:7016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2588 /prefetch:8
  2⤵
  PID:7032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:7140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:7136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4256 /prefetch:1
  2⤵
  PID:5604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4284 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3664 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:5940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:3392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5984 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4536 /prefetch:1
  2⤵
  PID:6228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6172 /prefetch:1
  2⤵
  PID:6188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6488 /prefetch:1
  2⤵
  PID:5496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
  2⤵
  PID:5360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1
  2⤵
  PID:5368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
  2⤵
  PID:6444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1
  2⤵
  PID:6512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6244 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:7104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:1
  2⤵
  PID:5664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1744,18377708478365180064,8548095796747505737,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6896 /prefetch:8
  2⤵
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:5708

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3728

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5660

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\DragonFruit.OnionFruit.Windows.exe.log

Filesize
2KB

MD5
1a09ed6728650fbbb12fe664ecb8f1fb

SHA1
e20a139ad18402bec0564c1927cf9a2542351a6a

SHA256
6d399bd83143ee260ddd5f1e4e156e4f5c51e67bf2e66a70359851c2b2d51bb8

SHA512
75ad9c49da694e53cd94af3bd48e46b35ca890c9177e6597bbfc8fbbc18461ddd2e6e69f782409dac659f9516f8c6cfaeb09a46fad6ff74c59870b9ae9a00fb2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cb0f4ae5d65be851d313f3ecb0980bcb

SHA1
248c99427b54d8fa86707c39d92540276b9ed2de

SHA256
0f70fc24e9118bea6ffc5c36e63610096bd4ba658feb8e93e8cd3a3dfc16ff76

SHA512
7195c890ef94269c545f1122b6dc9ee6fa2b3951c45fe0bace9c3c0710ee23974290c3cafe07faec586e0012e991b66f0b0aa84680032c425d8885ad1b16e17d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
228fefc98d7fb5b4e27c6abab1de7207

SHA1
ada493791316e154a906ec2c83c412adf3a7061a

SHA256
448d09169319374935a249b1fc76bcf2430b4e1436611f3c2f3331b6eafe55a2

SHA512
fa74f1cc5da8db978a7a5b8c9ebff3cd433660db7e91ce03c44a1d543dd667a51659ba79270d3d783d52b9e45d76d0f9467458df1482ded72ea79c873b2a5e56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
026e0c65239e15ba609a874aeac2dc33

SHA1
a75e1622bc647ab73ab3bb2809872c2730dcf2df

SHA256
593f20dfb73d2b81a17bfcc1f246848080dfc96898a1a62c5ddca62105ed1292

SHA512
9fb7644c87bdd3430700f42137154069badbf2b7a67e5ac6c364382bca8cba95136d460f49279b346703d4b4fd81087e884822a01a2a38901568a3c3e3387569

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
72KB

MD5
27c7f731dec4e9bba6b41964296519eb

SHA1
1edd20446722c729122938de17605a7ed79f1ce0

SHA256
cef450db5c6277c3f1828f9bc361f05c42627f288ae1ccdc093dc9c887c705b9

SHA512
456313ef353dd02c46ee9f1f15c8863108d6dddfafa8e94171844eb3f7c5c80b2cf20e1db7c9e44aa284e8ee6d3722ff30131ca4d9f9b902dcce21133f234463

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
55KB

MD5
e07c8096b0b6479f4d9f733c42bbb6a9

SHA1
0f56d9f4674b2c228d4c20f8e60904e8aa95ab3e

SHA256
6ad502c64d0717dfaf0c731d5c3d1bb9528bf2911a5e1b77bff233127ffb02ac

SHA512
74f418112c5dd452486f78cca5ff630ae3d30918e69e9a26a90706d03c490d1d393a61ec462f58d55286cd63a69d154a77172d54d48e3c47cc9b0dca41c884d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
20KB

MD5
b2f8ca2c1255b3cd6cd38fbd1cc8470f

SHA1
f9330396e647001d02036b49162adfe6925b897e

SHA256
6de6f20c90714854e25e36288a4b5429835ee69a93712e033f09cbbeec823bee

SHA512
2746c4a59b5ed27337fa21f8e918adcc416717a6602faf80403505da4b513c4408b7c7cd4461fee6d26dc909bb215d3b19e6aaf5ed8e514d270a9d12665fac70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
18KB

MD5
c6566ce9bcce34d8553f77e37892049b

SHA1
2860a8773ac22ad13ae5082f59b87cbd743eda81

SHA256
4b790a6aa9575829b69a42c3af3bc2431d8f0e82697a275235fbe5f1264fddf3

SHA512
14620ceb5b0d0d145b57b5f7d3edf7a3e13af4d8fefc01b64936cbac39798f101848ce6751c94c2d28336ee147f3fb59aa6e417653fba072acf2131180b70e93

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
70KB

MD5
097d34f59eea7565a1532ddd9e7b565f

SHA1
6b9407615b99bdeeed1e7dd6f1cea277cde902d3

SHA256
c7d1907a36e244db726e4ad991bd0b53a6fa97b3a607466f41dd55e889692711

SHA512
1755ca498612c5c1c0c73ff18b776fa13c07466e2f3632b1e69598b0e91fd1eb568846f9db14420834b7b1a8b81d984b1f38d18642c2370a2f4014aafda9894c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
47KB

MD5
8e433c0592f77beb6dc527d7b90be120

SHA1
d7402416753ae1bb4cbd4b10d33a0c10517838bd

SHA256
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

SHA512
5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
62KB

MD5
a196156b5af5fbc091d24e5c86e453f4

SHA1
e094915ce08178c23c9bc14c34a071a00ce34873

SHA256
09a83abb9bcbcda3eacb9d97fd1148aca00ae25f1858f793bd2b9647141f9497

SHA512
eac1e441b2079d2be74d8a606285dcdac331322a059b5bc0c0475de4f01fe1af26b574a306525a5684f2708a2cc8ea439444472b33dd6d9aa682b8aee69d5c13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
35KB

MD5
fd8f098d971ba00509eb186d66c64bd1

SHA1
009503479a6dc94b2b2383849429436694879c56

SHA256
6f0507dbf7b13d328831e933c79ee942537680ef1e3946931d7466c7897c702a

SHA512
b91a62daca50c98587972c7373c1486aaddbe59e026cbf2230d0016d3f7f12fc46345abadd990d86b4d6f584135d2f0815694e1eaf9bcba44bbdeca4c0b1ea7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
22be17bc87adc5982fcbcf72226ad82c

SHA1
117075e4dc2751b9ecdcaa46eeff64ac73832a8b

SHA256
0f72a056b7950656e857c2ca9f6a266554fec675c8efabb9be7d3304f733bd31

SHA512
b2271a9cc64d6ed8e0ff5d8fc6752be2e0ae13384c45016c23fbe0cbc382387b7748e40c1f590f8965ae387cd4ac04591bcc8c44df8416ac8b6627d35cd8b711

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
e8b5d63daeae72d98c1475fc2fc23971

SHA1
caef73144edd76e37a4ecde856a9ef8c0dd6f25c

SHA256
d02d4ffa2bd30e0b85fa4000cf3bc7df0f666f33570d730ab1632ace13c4ab9d

SHA512
67b7903959112f33938181fe40893d100faae72e53aed958e1534b0f0f3ff778b895af423b3a47d9780998542f94529166892f1f63f64430aa333babb1395179

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
61164b7da8c842a040fa3b07bae02994

SHA1
8adb545d44af2b89dcf4863be38f9c893a68e1ab

SHA256
a9799264f05dbaedfaf0e1786c9d718c0dc295834adf74cdd46b40fd3bc826a7

SHA512
bb3eb57ff03eb805ea8998270f0402f15459d7cd7e2fbabb38c76f673ce493866bb83ddedf9b2a46aa8b86faff5e663879acd074014be9e3df703bf835b3ce00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
0c971d78fc9954a836b135f1d7a8b4c9

SHA1
ccfac611c3f670072610fe855235be27a6713806

SHA256
a3c0b8462864a1af979a964a9041022824f98366a0d0f5b70243872504770868

SHA512
df2bdc1ee7bcb35d4799c93eb4e1b2ba20605c517e45d201762c24fa5050bdad9100c782a6c6421bce7ddf52e7701a9c137f1e0f89d4387fd298d2a472b81039

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
860B

MD5
64588fd5c96dad4c8fef895b7e445821

SHA1
2e837fa4b6304858de6caf3cc0af5a7e18fae56d

SHA256
2f54894ea99aae1cc44389b0f0ff039f73c9fa67f2f154ebd7934727ee988040

SHA512
950f5a599d3cb4c2f657fda6cb217c63ad21773b77cde89851211974a2255c7b11286509b39ec0c3b0140d009c6705b0a86f8c4725d9c866d42512f43caac7a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
860B

MD5
a52779c0726e3b697a5cf3ebf91ee815

SHA1
95a91cbb0125352c714b67f11602503c447b61ef

SHA256
34dfdd1af5093910db8b5bbda6e0ebe8535935d76aa2ea8b4be177c098217d7c

SHA512
45173ab7036e5849a77f052ccc35fcb2767921e94468ae70d1fb3578d0884c23b9258744c3631f5b625d8ba0698a349efd119d22d9787b3e03b39513a56dfd4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1013B

MD5
e68b70b91a348e32d2bda7b6d7ec693d

SHA1
be5e7fff35cbd8afaa9be7f0ae1fde820cd26e7a

SHA256
758586e281bdf17a8c770356e7769849fc33ae8041737bd728cbb26865d95370

SHA512
94da92eb890c20dd866d7ccdde2230bd0582eb2fc7ba52ac445af3486f79a0061b15bfa141384c2d7ca90c92c5177dee336e5676d8a818a8055cda7e4bb48334

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
860B

MD5
c5756ea60588261c55d735cf1e02bafc

SHA1
cea63c97684f11947218f5c73a6bd9fe6a9ce8fc

SHA256
ac7659b40b9a34b13c858bfecb8113ec34877d3c8cd1205ced35c90bdb7b528f

SHA512
5ef446de9375fb568c5b9d647bd41d88a19d5c7c14675e3cbceeec01fbe283ee74846b9df742b79f41e5fd597e27495fc4903182784acba4b2b8e5e8f7c9461d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1013B

MD5
57d31604ebc11b7c9027df25e053c11f

SHA1
42c7a48ad0a6cfb904f22bc51c005ad7650364a6

SHA256
ca207a54a175cc5f567d5ff5f3b95a6c3208c937ccf2693de31ec3cfacdfc3fd

SHA512
34f464f49b340d0a5c16c70661b0d81d1638b82fb7c0009814a21d12d2e91f6b990170666a713a5443dd4b1cbf14c66efd821dadabf30eb2ad05d6a76ffa3823

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d10aec2519a971d5b6c857b7426827bc

SHA1
c4bff5c737edb7c96ca29e5c89c05330eb8e10c6

SHA256
c7fd3c733198fe8bd15d98c0701295ce76d04b5077f8ad2aee2857b90bb1a4c2

SHA512
9be639fe0e85979a2a24a4fae2352fe311d7b45f7c11cc8be71ac4d57fbc93bcaf3b57133fcf1643917f03347af6c2bea0bf21e370b3ba7ed29b436babe161f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
daf020defd8687a0c29aa2eeb18ff67c

SHA1
43594b3d16b886d74427ecfaadad97e1ec2ef54f

SHA256
54adde53a4b2e1a84c4ddc41f8e1c917a42d904d7d5892b3204c5cd7228b14ac

SHA512
7081de42cc6fb9f387e7c6b1eebd53d12162d184cccb423d6cc1a8923f87978367a78708542912baff7c7c5c85655683ebaf2418d009440dc88cc8818f03e8b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7b366b29c5fea7ca54c404f1be6eb336

SHA1
d842373f3949690c14edd119231337d65c8dee97

SHA256
13cf2e8cb1d486c94df7806aebdb3aea5927928a44d313ecf30b64c7adc5f5bc

SHA512
e97cd30346e8ea992eb065e181c0ade0de97648705de9afb2552acb84bb22e6f8a61341b6f3bc48a8d1e8a6bcae0018bba08e1aaeba7b7909f910363ac027176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
dbc799a32a0374d0c4be3abb53f3071f

SHA1
e81cd3742c5d5a01ab95ee6bd6296f0907efb1dc

SHA256
832ddb966fc870350725038592b15d2f0c55d2975c5f7580dfd8f82103944df5

SHA512
501e82baf6a2a5cacb2760d658371db1786531445336cfaf2a5d79448d1c1ab50a9a957b06adfa8a78fe599559e64ee043f347a47802b0d73230f7b8c520d7c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fe3d5e55e4e2e838cae10f1924613c2d

SHA1
5877a9adc7c9edad098dae0bcf43585b87c1a6dd

SHA256
e77b3864fe1d704d1676a62c4daba67c8919ac69abc62ed66379cd4e21b8f7a3

SHA512
f84a46ebc8a0c19706648b6c2d83695e58e97472992b7f3517c33f1e269064d58cbd36133f35e5d8c3649fc317b709f565b31988f5a0972e598d20a490ef332f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7bab86e3c3684ca61a598d4692296add

SHA1
0e0b30391b4f8f1447701fb37b4792daafc6f520

SHA256
d64c3ee79f9ef3c006248a8d82c61e5bb8afc811dfeac4bb981617ca14ce531d

SHA512
958bf6df7615280fca92f7b44ce65409e16ae28aa11d66d02e0c4e7206656c119839cf13ce863efe907713f1d249da445ec4935a31997c288e7a7c6e0b8c3781

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
aa7e06f28ea7b52e468852823797d032

SHA1
d61447ef47ed29e850df68f9670fa521df8d7448

SHA256
b93a5ff308bb5fad0847d6569fb90a84fc0f94dc5f30734c1be9dbcc51e7b733

SHA512
ddb47210ca0a21f7626cff4280664da5e47c1c695c5fb2732c9f4ddf45cc6b89b27b942be009955100a80f20cf9a7cda03209a216fc26c41ab8b830a6697cd61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8829d76f28a5686655fa501730df13ce

SHA1
ebb7fabccc1bc8dcaf24b98578f1395b03cc3ff3

SHA256
a7638cbbe94d38fce388b654f78000ddf50194f08af675e5008eb87d197d90d0

SHA512
64200f7870ece92c541e6c2c95fa41ae2734ce4e5b4e1384da5f98a8e45e406abdc4b429ec1ae987ddddadae93da2894e7aa6243dbfc10c58869f75c57632e33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f4584254be3a65d4146076667fb72b72

SHA1
259b5026ef8dc8cdc4561c71a150a6bbbc0c5976

SHA256
dc8d42d4a9acf13e318ca0425127040834c10d8869982b4aba7e066384bb7ab7

SHA512
220a513232982c23be9acf6837a7561514c02232ba5fb57d9328ba1e23e1cf14878125014482e5d9c5b484a5082a2b5b8837a023d5f22a009c80ed97e7f29689

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\0084881c709f5773_0

Filesize
8KB

MD5
69f391bbef69e010d7c71f05881b713b

SHA1
654e86a3ef51a210a81f02cd4ccca57d709f865d

SHA256
f35af13a54539923bf1c8f996803543ffb09cc064058eb955dee5d842c9fe9ae

SHA512
d5d51741dfa9b791b201340a78c31647840fc22359bab84d07497062f87239651e44db57891c0e2417a81cf398f89655089b0605b5196bccafabe20d5550d25c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\014ccbe9eda99459_0

Filesize
24KB

MD5
02061cb6ce93c02a85e23309b1c99f6f

SHA1
79e57bc3efb8283e176f1562d1944d1fca416e7f

SHA256
9553911191f884f1a41cd7080e175ba20b2900010141dd6aa740d0f8f10600d8

SHA512
d3643e5d83970d9f4dd08bc2c7740177ac4629f87f19ef5a1b0d5bbf5f93f0f2af9909f0a1495a3ca79899b4f66a56c2abb092e43f64ff4b8108a09fdd196aba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\0374e1c5ddeb0cad_0

Filesize
13KB

MD5
5ea3ebb9a589cde5afa4cc00e9aa8e18

SHA1
d4f8ffe7a53189cbacb1c39a1a53276b0bb2b522

SHA256
e844c7f021dea012594c9bfa15bb5905701bbc4d402a90644db39833ae7ff41e

SHA512
55fb6932356e63f70af699333aa10fe3ce386b618de013557d9d8c4853d237389bd1b3d4329299e7664a64fe870218263398a7bc10208ce4c2af3e12875d93fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\056d9d304e7ce140_0

Filesize
203KB

MD5
334c24bd146ab27e4bda87e4290e0edc

SHA1
3fe5a3e203dd30688a479eed858f589676959ba9

SHA256
22c55461d325e61d2a2fa9b4c1b8f1a177ec77e52dab7215db9e02831d99a86b

SHA512
2f34d9dd82c8c892444c5e5827fd45ea21e1e8db1a7747d8a026369ec2f3c0deb075f91c9b4c3c351281da0578a665a907a183c99d2307b7f12c8787e6022c86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\0e0592915222b5be_0

Filesize
366KB

MD5
d9e54cb5be16b0c312d42204f31ad3f2

SHA1
91891dd28a19aba7ed9e179631de193851d3bb50

SHA256
eef7b3c8062d1db8c3b1a6dd271109d86795a7fc4d01939406e111c594bca209

SHA512
876cf7cbd9e00dc55534a4bed601b78c12900be8042c9c5714e7bcfb572a8c0a8f4e8586a097d8ad7052e73c005eaf0bca2267893d33565ed07dacc11d7adfab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\109be4c1002db928_0

Filesize
13KB

MD5
84c9e70dd9ec3523924dea91579fc30e

SHA1
908bbc92bdfa9189b69c1e9b49f6eaa3745bac76

SHA256
7d7fd78e9588850a93e740be2d00dc64382f16a29ff94d1a0dc93768042ff5ea

SHA512
af2a52407203576c3e02de42bf2f76ce65e0d9bbd8c00b8b6647d81d6679cb9ea161c80c51c4cc489bdd6cd9d3ac87a312ccf960936362e9174ad86d2338b3a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\13dd2d8be7548611_0

Filesize
6KB

MD5
6f2f6eeb166a15dc68251945c77417ce

SHA1
3b737aad717280fad7ed8e42b19a12fb7d229164

SHA256
c73797f20a4723249c72acc60ed1184668587399d159f5ba8c45ca4512975f2d

SHA512
16b2744063bd692dfcc6a6f17abcbe37856d1170dd9e868637578f2328d1975e4931ccd34f222b6859bf669ddb742fd9cf912d5f0cc7031af66cfed550dd6fea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\18f93b495a13b068_0

Filesize
18KB

MD5
7185973d215ed90d5a20981108982340

SHA1
812d1969911da5412cadfb8a142ecbd988ea98d5

SHA256
dc330654c251a642c80924de65fccc7a01dc122ebfa2da184eb8e91cd02ccd84

SHA512
ea13368b91b727c1ded4f6b0aed8ab0a16e0494759953fafe27aee2d6bddbd0c9d2e5ae51a6fb9e4556bce00a659aba6745d87645f7d9aff4fe8ceaa50e90fc1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\1de13e832726a281_0

Filesize
4KB

MD5
058614c2054b54e04d6450adfd5f42a3

SHA1
1200895d68aa1e3e3aa76592319924b4d2bc0563

SHA256
b361de5204a4dcdd0b68e7a1003f84818628fac9935a65dc1cbae7492a0a91ca

SHA512
6e2ea277fb713e04b5be364cf81f1cbf26db65aee752950fbcdc933a6265a2fcf4b4ef556207cc036f6f7dba82dc02d90b71942ec4b3eec26c770bc95d85e663

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\1e71b76a9a21e871_0

Filesize
4KB

MD5
5f95b0711e4cf4235f4984e54e0556ce

SHA1
208de892f96f1f204e8cdeacbf39ae41aca6ff06

SHA256
ae76be7ddb7459afbecd968a027c42c1a23345d1fc0c9f326e573ebdded1908b

SHA512
42479c35058dd2a8d921d725c8707a980b09fd14a89d96721132d6ecc09127d5c0cb7ab6db5b7ca0fec6af1e86659471e52af0760d4a81f9e5913306c68df707

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\1fdd832851c374f3_0

Filesize
74KB

MD5
d7ae6423addb918ef97525bcb7f9fd6a

SHA1
1fbf99bb1ff87ac833cc2d8ffb0e6b802a2b3103

SHA256
7aae6c23590fb5f264a971ae61e5f7ae6458aa91c278bfae673064ceeea2065d

SHA512
bc333572fb500715230e4f82edc024329429898a2b458ee9f834714e3e9f53eaba48e7c10582d2bae117539d43f423308e0835a93e1cdccf618e60dece50ab46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\22e597493e1182c8_0

Filesize
8KB

MD5
53b9a1dfeec0d444ead39f3ecfb43f19

SHA1
cd0c4d46fdaa1ba4ccb6aa5045e075f72ccef674

SHA256
19621170b70eb161b512227810ecb021eff66246e7c2a687eca4fe655c8df878

SHA512
0e5b56f35c1454a978c68de19163092c18e1973f0203efbcc6f240a51ffbb4554893a8c4a0c253bfaa52440ee0b6bfab3a660cebb15bf0dac419dbaa07a19e01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\2500b4ca58563622_0

Filesize
5KB

MD5
fbdb42150ec87ec90b699680948b6618

SHA1
91de8668ff00e2806198b8e83d9a0475ed4ee4b5

SHA256
2a31302162fd16caea04a64695440155a29450536f000f6d8d65b623be97e87e

SHA512
5e755da0d73a3db11e2e9d96c5813da2e73048c732dab4f4a8538ce4772265a45754919349bbe6d659354dc0e66bf000aaff385dd8b1eeaa8a25975ae726bfb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\2bb419476df4d13b_0

Filesize
4KB

MD5
7d0bedc91ec01a1015df89092812d328

SHA1
29f97996d9e203e8ee31477a0f22a0a2216867b4

SHA256
7f865ad8c70742b624d550989baa165af9afa429c476f76744d57d4bb3832b7f

SHA512
09a59c225c93d71695e491e2619e9a9c30496b274e5064db4425e428570cbca53ef3ee0362d2210cc538cec4a27e45387c701665589292b4454c2a016f244227

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\2c235f20444814e3_0

Filesize
4KB

MD5
673a8cfd399d6c9360cad7221e99af4e

SHA1
683fe78a45e6637d18612f2c2093226f5a37ddb3

SHA256
30ed3230b5a6c13986e24a78376792524cc1ad70dd521d52c26211c626453175

SHA512
db46ee91ec741dcad8d7f4e4ba8bbc4f9ef99f9d7902269cf247513570b2f1a67779e961737aee64f39a0b9571ceb5425ce14a74cb6777dda08af08cea323003

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\31034704912d6a51_0

Filesize
13KB

MD5
579e563cb32a66e635fdeaa5b2209ab2

SHA1
9096d902147c482f4f0c21fda1d97e5d91e6ef09

SHA256
a8e8654056d27d5086dc617411b39bf58c9d52055d9e7b39217ca0dc26838c69

SHA512
615fd7787192b437acef459b3d8cb064c3a50864da4b22478357adade87e0cc8f98ab76fb4772723bfb3b51b8c81209f25d8fd04be80481a59429a42ac071f97

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\325f1111e90f75a3_0

Filesize
4KB

MD5
be6033ba8bb547a2599755efe0d232c1

SHA1
f45c92947aff10332f8c2fa2d3dad7f61e5d2369

SHA256
cb4c0cafab27ab202a5863b233f8553922485a4720f8aa6f46564bd9f38dcca2

SHA512
f45de138fc759c68a059bd9c5ada36242df45bdae05517732ceb98c077794937b6e391de51eac0d546fc3e2e0ff20e0c6710427c3c93728b6cc8a834e95f6908

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\3435e2c81fe1d0aa_0

Filesize
79KB

MD5
6a168997f2eb358d6651f2492c01163c

SHA1
e7c2addc4eaf78879c03e86141e738228886d239

SHA256
8c3f78cd2682a75107b502846fe7f03176f8a88f9c4b17bf9ccd37d34ab3e315

SHA512
1b8e49e6060d36b9809a80c3e4f856d6e1a3e7e8121c346e64fac94c931f278c8fb0fc5885f7e8d5647dcc427d9366986fdaf297348c7423447338d20b2495bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\35eca7fe22c12254_0

Filesize
4KB

MD5
cdae521af7cb01bf2def40f0cbba0cae

SHA1
88e59d57ea5839736adfee305df3ffc36b518b60

SHA256
f6fe8edf19164e62350024fb7023c90f5c00424d77731fe312b07052fc87507e

SHA512
4b998c940fca3205a7a0348aeae8acd28fb57b937204d826e18cf515005f730619b56eb5a15b87af3594c360d38b140bddd1646e0e2a90157c7f052bceeb86d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\3b9ac4c6845d9585_0

Filesize
4KB

MD5
85e3efe14c713bc5e10661c8747ce780

SHA1
3a092d9244f48945ee46c691a5040cfffac36e80

SHA256
939c2efcdf4da60ea216cc34794e3d53eac03adac17870d5611329f26d76fd2b

SHA512
511a1250b67c572aacdc7f49cd63bad4781db1bbec84a83af126f1a43b29a20228980cff3e73345cf742f36f659a81001bb3b22681aeb3f9501f984f16d02c59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\40cb1ff528ade337_0

Filesize
4KB

MD5
afb3be1ed6b9378d7baf356358c76a59

SHA1
3d0a9e0d84f278e922f87e8e595ef9a8ae15f85f

SHA256
c1131d790a37ba7bf27bc4363e95a8a8861a9470eca42122c60e906b4b8c04dc

SHA512
24afce61f58f9e680c70f86a32c1af8be1af2bad03091e2556cfc7f2d6bfc1a7c1519ab0fc8b43a72da510464bfd1c901dbb2b1b557c9dd901c4d58c7801abfe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\4136a94a73e7fd8c_0

Filesize
21KB

MD5
b896b444d8d37ccb95e5379d4ab3d3d8

SHA1
609f1cefc9f8469b0f9ecfa9c82453c7f23875a8

SHA256
c815ef4158536fef2d543d01862be0165c3fde373345bb5dbe3d827961b46d34

SHA512
2ed250372930d6e9e8aa342b1e84543179bc66543019ce3760b010cb9e7b916f80bd215a93e216573940cc5d824a42bede869ce491170270b377fc2a2d094c71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\419aa543a9ae692c_0

Filesize
8KB

MD5
e088f1cc7f063dfb12acea8a8037519b

SHA1
e5a33b5be7f541e9b8477049715d64b7108dbf54

SHA256
5bd3406c13194908af65feab3fa508d80eb40034804bb16a8db9fd5b945cadaa

SHA512
2857544fcbe59a2a2cb3641de013a087ea6070936233d3c82d4e5dca5cedda35b8e3bd746d1e57c183c9806f92bc5ae274315e01013ebd9c4ede19b2e15b514e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\43f33c6fd7c5eda8_0

Filesize
159KB

MD5
564fa0b964002e67fde6509431082345

SHA1
d21221db0bf4c9a556d737da106e1bada6bc3df9

SHA256
18b44f680796c484541f67fa84ffb5598a1b7ec1cb2c635755a591c1c84966d0

SHA512
47347efd3d8d54d992440a54ea446c044e4f9ef1754b6342f441d43bcb73876f8735112564871b7280245c2fbd647f41b4716b1ebab3a927a582cd7707c213cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\488a1c0bb2734b86_0

Filesize
4KB

MD5
6c4f4e9f3f782f3cdf8ca89e7abb2e09

SHA1
c7c241ef180c13a43cef7a9e9dc2f69d79e9cbc3

SHA256
aa18d6014bde5ed5837c654f47468420c0be4b1e28631e820cc54c6772ce9fdd

SHA512
85a4872a37eaf838f4ff7047ccaa5a18f0088df301243f302acc25332d42300353e4dc2ff2bda2b8e1a42fec17620ccaf2365faff54fa8aabdd81b6679c2322d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\4b8305bfc0a559e6_0

Filesize
39KB

MD5
23cb8088bcb8e2bfada08e735e1059da

SHA1
a638b2b2ea1c17e8665bc31778564015473f3cea

SHA256
caadb7bc77aa77de23ab8f1bc5784152f2822eb191f062c2504b8c0abe054de5

SHA512
32b902ac41374b6fde85d114bf044e2cd4a6f1456ffcee0157c92cedc0411b52feb31a158edbd12ffb2435d324388de91598e05f4909fe9c298aca52b1fbfe64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\4de2ceab538b2e3a_0

Filesize
15KB

MD5
d8b253d4b7aab0b4faeffae2ebfe1a8f

SHA1
0b5e7277fe53e132bb54ffd00cbe276931077321

SHA256
b58558570d2ee90b63151369347194d4e0cbc9876115c915bbb3a2cd97cf4583

SHA512
6ee604f0a07b4be6fa09cea5ee658d8118739f422674096924cd06d52af412177d4ffb885b802604e97c8063389e5c658b94143827be7e77d8d78a7bd4dd026f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\55003c89b88b75ee_0

Filesize
4KB

MD5
be68a8425e5ad2060427b44eb2e39cc9

SHA1
883c568701a5602ded8612eeadac5a2bc630ec2a

SHA256
5f7215066d112a323a12b8fb4fc5e4c378ac07ba5df758a8820dd6a17189a28a

SHA512
64a21afa16da5c1a18252af8534dec94f72a4263965e7b975cfd405e4dbcc9d90ddbfe204cd59a41c2c63880c3df6fdfc69c5fce0d711dc9a09db9997669ab2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\5e1f1c1adb1b674c_0

Filesize
39KB

MD5
3e54363e8adc959faf9dae01cecaa300

SHA1
8d178fc2a2c7f767dc9088192a74099d5af260cd

SHA256
1de04b95b38e713a172520723e0f3a3c1e6905b4f2c90f210ba31b3213cb1d2c

SHA512
e026d7a02a646cf79a7eab61c54d0386eb62254de61704eee35a2bbc2dd20b787341478bdd21b85968e4262d5171f15651a6781661f39783b7b0019111257cb3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\5fa320afd6ea75cf_0

Filesize
40KB

MD5
9df00f212950fd4aeb2462555da2e661

SHA1
48c2deb60a8820624156eaa7672ed60805f2be43

SHA256
006a9c3be0e03b56029a42b06769a2676d22127a0650323619f26f2c2314279b

SHA512
ebeef492bf842279f02a9e029ff81cd007b29638b48f8055eb0cfefbe62a9252fb6d270e3120e3fbdb2ce4f9b8fea3bacad73153f15562ecc95c1e8a184e3212

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\604e55bd61624fea_0

Filesize
71KB

MD5
f5ac4fcc3c9d54c1f77182294f153f7b

SHA1
6ecc9ed23b9166e3d304c78f09f6103225936eaf

SHA256
00325d20d9350bf34a7648ab291b50e3a7273fcb987bd41c035a85e4b2e78111

SHA512
b219c41da4277e2f166643a04c7bb3fca1e9e161b75e346e53918c36f6b5795a808700ce0409b53dd7670797a8abbc4ce3f1700e30d0d65ea361b3e5ffd28dd2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\606758deb9893809_0

Filesize
781KB

MD5
cce50fb9fbff89fbcff66286fffbfa89

SHA1
0dba688da7dd10a0dee53996d6f92cfb97abec56

SHA256
7a1e724c1aeef67736488a4e9253413f892a41d0d7b6c02a4370a90a4a22a690

SHA512
6014d220c6c3ac2e36b14d4092cb5a393622710d988b3190a5b5563972c26ec4ec6a693327d6b6f40d06852f98e84922cc9fde578ebb1b505536a46c2ca1c953

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\607b51554ed8d785_0

Filesize
14KB

MD5
4e29d08497af5a08ddeae31310f2b438

SHA1
88d5664e5703af68e483e7d27a8e426de9440fc4

SHA256
2e9d9d49dfe7b6ba0f942eb3346c5fbb0d91ae098e934128ea128cfcb5f455f6

SHA512
0827442fb07ce810aff00f757e7974696189dad836d5d9a732021c9a7a3f390e83b7728facbf37fd8149fcfbcf6162b78a95943752022f0cb1a36e5774e33bf6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\60d6c53e6a700f59_0

Filesize
27KB

MD5
80fec17019b866142a6ff839f942999d

SHA1
7ba7fdc97a9546fe826cd29141b0e4afa0001bc1

SHA256
e6630c0ad3fdde9a0724d3f3858a7f6e2ac7343aeef2561f8b2abc3b40da75a7

SHA512
35bc728464e37c3217fbca837184f6b8d433a221ec88bc34cbca2c8844d31722a1be96766e8555c9f43d546e6a75fea10cf7d40a58afd547a55975728e6c5f13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\63ea1f39a959b005_0

Filesize
27KB

MD5
3db0005694513da669c6fb165d6ed608

SHA1
6d19396a2a3951087eff988b600d4a13335c3a2c

SHA256
c64c51a068f35176144e7ee473e4e88d2f68538651b70445544f5465008ea08e

SHA512
41fef1502073c3144c972103fc2bac0dbc3fc1da904227c4ccf13cb0f51320c77f7d975024e418ed1fe2b8d632d86746a906e3dea10036e029d0110493852758

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\6561f0ec031a5066_0

Filesize
13KB

MD5
fa90082f2436af08c6dc08283d30c9f0

SHA1
de78281166138ea3a529b156752195f123bdd146

SHA256
32ab9f8914745504c3904e329ae5fc09fdd15a2241bf8ef8fbc0df0dbd835909

SHA512
dc1c877abbe05f9839654790e3132b9024ce822b2cd7f8cb9c2f4a122a31f8c6a70901084bc970c66e11e4674af298514b82611bfcbf4d8c9a01c7cba271a6e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\687a2de48f1a0309_0

Filesize
67KB

MD5
eec38ccf3a96713a302ca67e06f9ee80

SHA1
e2bc5194d15e2894513c0503f1de59f2acc2ea93

SHA256
028c77b2b62128d1d8c62dc547236b3ed6df6259133130698f9cd1e5301d5a0e

SHA512
5c90802378365aa7ec549070dfc2ddab0061d366cde1ee82496aee5b4d70d56cad27b47e8e39981dcde3d40aa89d0b759b2e3f7e1b22ee80d43bd4b8b06ea2eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\6b86c08a1df8b860_0

Filesize
14KB

MD5
5ec84620587bab4bc6f689634a2c5c11

SHA1
ac3a2379fe93ab382fe8c71764f1a1a020e9fcd4

SHA256
ba31270b2e471fc1e2ea80952f8534eb1316b36372985276ddf6a9b9234c0a32

SHA512
d5f51e0de58980a47eb2c4420fa6a2fe552defb85cad322b1ac2b7328f3bedaac4a0ab43461cc616990ffc2b0846f07aa6b7037876bff87d37acbdc4d607cd6e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\78f43eb672e12bb0_0

Filesize
29KB

MD5
e423812f67856734dedabf7f17e9dc34

SHA1
3e48e0085c26623db29702c09fe5e3e30386aec6

SHA256
b2c12f19cebe8b9938b187786af5ef50d034875c35d0a7ad3ef7f10a044df9cd

SHA512
b34e3051e0272ceec8228c98ed6e5f93bd44443403543ecafd017c874c33be8009b56e71be0d765f1501d5e14c8b6633c2c01a7f82dfcc7fed4f3198fd9f590b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\7974ba24e283ed4e_0

Filesize
4KB

MD5
4d34fca15fff1c5d2a9710d2fa6e205c

SHA1
a1873f1f9c9d76c26731533cce1320d6a5d87ac8

SHA256
293d148787a38ca58f2e76962aaea4a00d3f24e939da4436feb311d5358c97fd

SHA512
540a68e6b0f90366e6dc40f7401435ffda5b7d5664e5d6c105105d1e0bb21c12e0e0ff61a2813e13135fe2119366a32f84bb01db51b245d1c48c95262418f8f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\7aa01745b752f6cf_0

Filesize
10KB

MD5
3d8a862f0c6a137d75ce5eee9b40bd06

SHA1
421fe2bac50e952b70ca6b7eea4b0ad859e782be

SHA256
65e36a1276afe2e1ea9463380002ef254ebbee431d02902a18ebd03e3f7c8c8b

SHA512
0747596fcc9ae7bc3ceb734040acdf0792929e0f2fdbcb659b860466ba39e5f974a292b7191a29ae749ea263110520797c28a9fbc73ea731ff19af582a094582

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\8c0c306ed290862d_0

Filesize
538KB

MD5
b0214aa0b881756e436262c165fe207e

SHA1
d68f84c93f9958cc98e47314967ab18b4b994a6e

SHA256
60440fe184bf1e4381dd2006fa1ce2f56ae427fe8e4fc32fe32c844122f2bdc1

SHA512
2a8945c28b723ebfa4b4bf9af1f6db50fab930815eda121dc3d72d18fb5e838095ea6e8587ffbe885c26e70d84848a949ba355064e04a0c1b74841a0e768af8e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\8dae1996f929f174_0

Filesize
7KB

MD5
b1f238f23b2bf9d0c23ca9ae60fa57d6

SHA1
b28007716ad0863a22cc8863d482d6080604b96f

SHA256
5376b8a761e9c5b3b5582d5749164214279a256abe54fdb1035454ae1e0e31ba

SHA512
27618d71168e90a143416fa4f0d284555208dc58ea3fe08352575e0065d812c083d10d0781f12c37ce8b6caedd3b4d184cad71aada78d768bf37edb04920c0e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\8eb98d33aa6169bb_0

Filesize
8KB

MD5
f76ee388a5e499bd7ca7ea8c5d73005e

SHA1
f63093a9ad46f2814c3ab2fbc200f88d0a2f4303

SHA256
b472afe4dfda7bae6a5d4188d1a0169a8027f78ccf2e3f8d71dd28d77996e3b4

SHA512
baa681fdcabf910c80c4645b9d723a51005a6c2657527fa26c1b809d2e0ffaef8fa630f5096bb1d148c3e63fa354923e2011e43e34fd2fd1688241a2a6b6c9b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\91fb33f8f98e4897_0

Filesize
4KB

MD5
a8d0e42025ce285386d1e1d936c30610

SHA1
79ff894d2587ed7c565127f2ac09cf54e6199db0

SHA256
19402720967257a487d945ce293b7e4e0520b82a66f3390eef781dd7304fa507

SHA512
ddd9bb83470b6c0e322e767dfccd21fe8c7a98333ef0a35dcdd35f8be3364c67d0df8fb476b52330f9c433cbd35151b3fb0cec61b7212cabbbf8475cd676d43e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\92ab20f1621db0bf_0

Filesize
6KB

MD5
c17677d324a7962456065de97a3a9640

SHA1
e4e11dedf7474fa33f0abe987a5ad88e1cd54fb1

SHA256
17866b4217cb9e5300e0ef917271678f83a0dafa8bb5be5bb439c25564068bd7

SHA512
ae89510ea47e6d5812c296a9288cc8ba742b84eca74a87c65e9d731069addbfa4cd1c6531eee903ca241c67d14d0dc008e567b516f25bb4c1298929d9a83a249

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\94997ba14d4d5fea_0

Filesize
13KB

MD5
14c9e9bcd09d626db47b1bd3acee7fd6

SHA1
60dd1faef937a152da439824c3b8f1f2ff0c0111

SHA256
7cc8c5ed51296ddbef5546d20814ca4941c95f3514cca30f74402c8b35f71a52

SHA512
28044715fad231c1f43174ce326ece51342a0b8b151bf607c3c64e7eeaceb86d4ea35826b883bd65b7f74f93e35dffa3a6634c1379bc93a7544a9130eb78763d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\983eca9ec9d1f8d4_0

Filesize
4KB

MD5
294e50fadd617a24bb14a6a285aecb5a

SHA1
a70fc70e8ea2c6230ca41f9ae0eea1e3f28a0cd6

SHA256
149bbf615fdae59f7f4dcbc62f10c7c4c4729b7db0af1e21ddd9e3505ba33fa2

SHA512
a7ae523b164fd4d4ac6e2a089709655165b76793d086e1137d179c830954ad8c27928af11dfd3b206d42e20f81f267c9089b834690e28c499d9ba28e159c9471

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\9a85a16b12528ab6_0

Filesize
1.1MB

MD5
619fe2ff23a2f2d49c00e0f1d28791d9

SHA1
af5df3f04c4a53bfddc9cd3fe0553558e66991e6

SHA256
d76e51e41623f40867065ba4ad2f10c88340e8a65ddd13fe69c53d165fa53d30

SHA512
ec7667d0552eaffa6ac0234dcb67f8ce4e4e982fad9dc594b654228c756c473a3a858005493d88cf25be8d7957dd996bbac3ee28db848049aa14eaf7ce5fe16e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\9d141ac30ada4392_0

Filesize
4KB

MD5
a6368f9e1da89d242b4f82167a3d12b9

SHA1
a23df8211dcee5ca52a6b3696bcf4fe3b89bd9c1

SHA256
991854b3309a1b8acf7326d2c0261bb652acdc57f89d8d4e911d5f67ed0aecfd

SHA512
7dde441a8c160d9110fe6235877e84b08b332bc461005c26a77f4e8996fa45ef3c69cf6a45168f45d934a306e6b46565f86536202ca05f4ae80169f4e5f8735d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\a0aeb8c5a836d277_0

Filesize
38KB

MD5
995c54dc43daf8b620b6475c818a1a5b

SHA1
11f5cb7c249a8822fbd27794323093c5d971200e

SHA256
077a62a8efd88801cd1dbc4bee91220800354c93d048d98d71fbab28248baf7b

SHA512
8cc26cf37617d5657799f88954a1a40d1d6bd215f4531f9eca5c883b838c3b704797109efc944c4858b1891b99c9d6405d86edcbf5dd408422716def8ae4c042

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\a4200eb022413f1f_0

Filesize
52KB

MD5
e1e2196d9f510f3004c4900cbe447879

SHA1
bf562845ccee21af0f4c2304457aa108483ba9dc

SHA256
65e101ebab13994552bc9fff63c139df7988d4a3fb38b95ab7eaaf647b34abf9

SHA512
268566f69db49a6a106984e08b53ddc6d0e84fe7ddebfa321b4badb25d274e51f74873cb34dee397b0a6fc8224f7551130d8159932c191e900668fba497ea58a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\a4e825e6c4c3e869_0

Filesize
39KB

MD5
8c210f96e37f1850dece274dcc0bd643

SHA1
8f4e2aad9ab28741e5254d772d3fcb7d7558ef83

SHA256
1f49ea3461ff0606165e4e0c171d4a9c929b97792910842d9bbf3edd1f6e2b50

SHA512
c7c1fe94d08a2b747755a0a4e821c2137d4efd052dc365a7e482934dce5d496203f07299897b15475212d33900a94444c571a956064a9f60319654514363e618

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\a5d2a067e1e2db16_0

Filesize
4KB

MD5
57a1e079dfc2ef841429ff7d338c8333

SHA1
d295016ca00d6e6b7be58e56187f92b5425e840a

SHA256
aec72db2208ee74bcfa2220ec370c79384e868e411622fbfddb5b550948f2c52

SHA512
32ae2234dbe4502c983c5b23fc445856665b4150415c292f5b23dcaa0a65286c63d73d2e8019cf0deb4e041a6a7cdcf2b57463081b82140920a5c6d59c333e3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\a85990568204132b_0

Filesize
235KB

MD5
74f06e8071de66714803ed768e31ffc9

SHA1
ba7213f5a15276e74342469f0846bfb07e912e52

SHA256
cb0dc2db02b3995f4d9a17688e7a3d5eeedfb20d44c268e7d069c41fb5b3c18f

SHA512
c5bab005b81776f1b8ce5725771d47a83e06f845413bd036b3e0464cb96a1c2953f2fb3b297c09dc90459818c6b55c4d85c5b06a505b9104a9b66c7189058692

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\a96be080a4f5b6e8_0

Filesize
28KB

MD5
9d077b6287049863aab5c5f56ebd4ce9

SHA1
00eb1fa31443aa8b0c2864087c44058e6f1947fb

SHA256
20b419044aa30ded75fba371a4274e57bb0c090549192206acb7f3270de16b19

SHA512
541087591e6398740b1ffd374de6f4bd8763ad7402ae985a0d6307d1208ef30e2f36af699a341b557b71c804289a6b4a3726b6375c9a18d6e7873472ce2f0aca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\ae422b482bb9deda_0

Filesize
343KB

MD5
1cb75b336b1251cbed0e73a7889f7a6d

SHA1
7ac2042cd32c5ed35814b28a1b8d375e40322719

SHA256
85d3e569ab9a495a58e2ad0fb1b2e61c7f204436cba15fdaae56eb6453168114

SHA512
1c52c5298cc83e2b3222cc1501cf6973c7660e8cdad830485897182f0d58976a1e89a0eb99f9790b2dd6cb9f2a043bf50141c5c799056579994c953617e3379d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\af50da39406001f2_0

Filesize
6KB

MD5
bfdfe9449e739c6ba739f2955cf6dd6c

SHA1
288ffa334999ac378451901157ef6d0376350fed

SHA256
efb83f87a9cf01bcbe7ca5f32f07b96fbc049696577af19c1f0b2ded3f35a917

SHA512
adb9ffa7d66f2e72997c6fd39e8a6946960de8d4145a3adaad0cf786026b33ed415de7b065d8d3880e07ab188f8b6cb22144587c464ebb0a8831c7f8be94bda4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\b212c2aaffbf0211_0

Filesize
5KB

MD5
8fcb6a849e4766cb877c4193a74c5580

SHA1
e3397a415af61cf3d6a8b1d5fe44e67874829e23

SHA256
f07a563b2a8c3bfd5ffa3148246b5b274f798b90cb126db6e0217f85173a06ed

SHA512
1d1c54e12e7c43019e5864fdbddd99a5749d70003946cbd65a6d7763486eb646e9ad5da3e1f9ec36c8619849a96cc5e946500d909bf0f161a4e98b385f001e1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\b29e1860a04658e5_0

Filesize
36KB

MD5
24947d94e93a70c28cdb0ba07b5e1939

SHA1
13c7c3ff210585dc957e7fc4e49eaa33e693cd8d

SHA256
7403821bfada4929a9beffb859beb04dd870558e3eef91fedefce9078afff4ac

SHA512
30ab5c7f19ebb4c08afb15fe063e8635d76df9ff098970931185146fa05cb4a46054cae512e4fbf82c715dc409c453ce828022d9b2e0ea35fb1f81d8d7703366

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\b84dae9a31411946_0

Filesize
78KB

MD5
4c201f3060487f3e9c22b1d01754b575

SHA1
373151e0d541548e13e410571d477159c72e879a

SHA256
0300ac77b45a135c8b85a1a965ff52f33fb9e20e5fb295d557473d6aa8c61947

SHA512
893f234d4c397dd229814c808bedcf99df551cd81a4447a9569c2a8f8f2e7fde4c03849566c86eaff0dd4aa1740659d3b6971507e272c6882fa5f85fa625fa26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\b9d45ddf0a9b6e77_0

Filesize
26KB

MD5
d10e5de177b196fba559c2a555269552

SHA1
69653022214482ed79321da6952254244cf61785

SHA256
57da55b1c7644350afe92f2a18210704f8cf0623151926d093e425451406a533

SHA512
a905b5d5172ddd71251bbc5ae08b31c4fc0e406c9d594cdd962b3bbe4615108143b37cdcd6997584ea7a015a4e45bcb37b35a7ec61c5257ec028f4c14147edd6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\be598b9016f5a3cf_0

Filesize
16KB

MD5
9e4e5d5756e0087acb61f4d250d7a650

SHA1
92a75573031b82248ef2d1602a76ae082fdd6428

SHA256
039d8ec488b607b5b6989e51fea3e2e2e7a3fe419ada0e318221003395f5ffe8

SHA512
b879e2b861c34581776f01fc1e481b475590a3a3a305399e0679fb5ca55a7a1bc7549416494985f757b56245c0f9b0a5b4c4895a7a3062fcd3b27acaa67e17ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\c6ba4380102c3204_0

Filesize
66KB

MD5
38ede0ce4dbc5cb20d14d50c7e7e942f

SHA1
e8f36ce4f00713ee528035cf3f7a2d1966c0dc3c

SHA256
a26b2086ce3a5b760831364029c3773e9baa611d7327f4add223e586d83eb5e3

SHA512
429c330f6bd932dd082a1be69e8c678745f1ee6955abd23980d2786577efb26089043af625eb9b40635c8f420c2f520d5d8a70b70d59e6e76205ba262c8a5eef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\cccc83828a5dfac7_0

Filesize
15KB

MD5
69c701555002961122c6efe6d2eca8c8

SHA1
cb01d53d017bbbdb208c4a8645265c5051d59b62

SHA256
01bbe79861c2171f8848a1136078c519f616b63f334b50510053a726697755ec

SHA512
4dd998fc2ca6af258addf8d7550b23e8c634de38be5370560ced5fca2d4d919af52a9c3d1804cb1b233184394af31bbcccf2cb916ae1fa11d2318660da3e790b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\d4779db75138a2ee_0

Filesize
21KB

MD5
f806df42dacc924f3e7af733014f2852

SHA1
454bbd9f2f086142f291ccb03991f6e5f66014db

SHA256
bc6e86506b1bbda58320f9fd7111a2972c5c46bd23e09d48630d17b55c1ba760

SHA512
58b29b1dcb1c28cbe1286dc1df943e7fe5e3e53f6918a08f7d15eeda82d8e29dabe2ca1cceba180612320c02ee7d5b6d67466cfed10006a275c27f1012e0469e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\d7e95087814ec1b0_0

Filesize
10KB

MD5
9044807c06eb9b0de147e4bc14008fa9

SHA1
5d186486a8c68e44907cc6f1d5cc089ae76e7807

SHA256
17bcb9cbbce319e59029c50436d85402063cfc20f707a7bf9d5181a4435d59c2

SHA512
04d24838be7af6a1888c3636ae6f0d7d066858b602136e5db7869befd50842033093d89e778d8003507a241c7474070b706b1ef9ed94331b4f3977b2fb983320

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\db01f5ea9d3dc911_0

Filesize
280KB

MD5
d67284d5b71f91d8f8cc3de6e182a097

SHA1
5388a00a1727b7fa221f005ececb19e75a71d942

SHA256
b293e763c8a86557c25aa9a44c613e5523f96d4d132962a77e02a440d48e9bf3

SHA512
56684607478ad299806636cf4619ad5e5e8b02517664897b75731aa383ada45426e03a0091e6077acd2ac2c8273086aa47537c6f32e97661b5e437ca5d122b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\dc73b465328aeaf1_0

Filesize
7KB

MD5
0da2e46254528e7d430e59dbeb0c5e39

SHA1
f26f64d895529c5aa8cb673842c49570785fb0eb

SHA256
abddbbdc8f7806093eaec63987571c806bce49f22a5889b1f81cb7728a0578cd

SHA512
30634a6327c721062e472b6c188019bc46fec62e784952c980139a35cb92bdee0dbc99c2fc92de97c855c6430480b722c75fe43903f1f5b5b712bdaa849ba86a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\dd81ad4de45dbd60_0

Filesize
4KB

MD5
5fe030a70910acb58d55b7f4eb20f6d2

SHA1
3107fa9e596da87d9847ed971b231a7b909763a1

SHA256
eed7604e244dc7a31b184257f51bcad619ee3dd2f8beed81037ff8ab24aeca69

SHA512
d6cb565bdcce5c4a7da53854d737f4f308445c440b65825c5fe09fcbd977766fa96b2ab3a1b7ff9044c55952a654f3c04236bafa86dfaf10d3a2a80325563644

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\dffc56a12be74062_0

Filesize
212KB

MD5
b1d95a04b04da0d32e3ef47d7bdcc44e

SHA1
871f6f55f911f01295f602054419d4b8060f5505

SHA256
cdf13dce036d78e0f1fb7a88456a98219d82d36513fe35ab04a9c0a7eeedebc0

SHA512
7112b75e57c7f74af09a5dac9811508f96cd1e0486e973a9a6a5d12f8fc8f5db185c3b724cd79b22c9e1c01aa70588806ce784b2d42b99890b3fd4b3e797d271

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\e11e9f46c0b36f1f_0

Filesize
10KB

MD5
992a36d415ea45cc8714284288f6b3e4

SHA1
b3cb4776645bbbd7fe24c7e7fad84fb7ac834e9a

SHA256
51d21b347fccb665a6e6d923a4b53ce60fc6b91d05f30eb7aa284d832a7eccb4

SHA512
c3400dfb20c2aa2b37678aa96431bbc2af7427f83f000851cb75b82ca5bc8227bb5bfef6f0a7ff9d93e0c27be9a4351ef5ec93d7b3993f1b4e7289c9aff5c052

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\e14d75e0f501a7de_0

Filesize
11KB

MD5
f23ac7da28569e1e89fa6a58c944095d

SHA1
a7d6ec335477b60cd906d11c98a14333b96dfb2b

SHA256
0f60e81a2635f6acaabd0c4d0206878587014130ec28199ead3c59beb8aa91c9

SHA512
8b4d38ea565ead2e7b834f40b52e8010b035098b4cab1d5b928727c3b7c2ceedc8059bd126002dc023f5b34ddb99ffde0c542b06fa678a13fcfd8e236c582a11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\e32337ce3506a61f_0

Filesize
18KB

MD5
1c94e2e3a8797d29a330fe5f016f3d00

SHA1
bf6096d86b0511881a4567f148d59c07a8ceb64a

SHA256
8e950d559bbadd757e99ffd8e2237bc619bcae7edb5e64cbde71be23a7d76626

SHA512
1c02c5be2f831abcf11fa41d35b09eacd86a03f94ce6224b25fe83c8b9e25e21cfda8eae01682ebc8b822a73f3e28a220b65b59f449a0214a8c5a920c3996072

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\e3c080a7dcaf473d_0

Filesize
453KB

MD5
c606c4f9f97ebe1e17fd6c67dadf5ec6

SHA1
f9ae76cda8e1e3f5206be582eb805bf4ca68f3aa

SHA256
42df581e0336c68864eced426d71349be290fe0db47bc98d353caf080737d10d

SHA512
c095bbcdb143037bfddc5f398d0252ba10e71d5496789d0f7eae46ce8a2fb968774833a956b2e89456d2044d65df738adacbe36504d5974c97c522da99582e76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\e5e11826a0ce55d4_0

Filesize
1.9MB

MD5
7c7f44d682c7ebbf5b304ceb16e5be35

SHA1
e801af8c3d6e8768dd3ee50bed8ec8141efb9ca5

SHA256
ada3a5afec8bf84dbeeb355af6e7337b52c4fe2cb1174d5973b338c3e0d18dc3

SHA512
0365d21d80605232c071976370515fddc4dd66f4ef9b9ed0eb0ea787b544a1b7c79c528b85869162b26c269d15420118de38b385e1dd617989e1e4bfad86c17c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\ea3b221b82af4b23_0

Filesize
207KB

MD5
93360973a763a677460252b536f1d789

SHA1
3cf341e9ac82b2c4c4922e1b052e22c5508f232a

SHA256
273b3ff60973069dbc8cad5ed1ddd7421896ffe9c4cc4e03f4730d821e9a4a0b

SHA512
16caefc2fe9ebc2a175153930d154965d8c38ae9fc2602cae5aa18628aa9b6083c8240228fbf50514d02e5fdf2de4ce152fa557a69c7fcae972b1945f1218ede

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\ea9079ed48bcb605_0

Filesize
7KB

MD5
e673019c0ee149a3a5864d0b436a57bf

SHA1
1f21c9fc5be8bfc08fcaaa1eb7516d49ed799c53

SHA256
5decd48ef26546d9f8dac889c771a8e029b2c722202033e43eed21f96d2cabd1

SHA512
bd228c6d3bea388246a41030bd7495fbfeabf9b042e7b91ac71976b83d4b6851e5696a7843209213876e17e2e406a7fe6e99029d1424cf932a7846e99588dc06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\eac0293e70e1efe1_0

Filesize
583KB

MD5
55f0824022a6f9e9d476d2883f3cd6a9

SHA1
e6ae75eed88133b2d5ea716f368693422e41c329

SHA256
583f2826f874b2c67817e5e5db4f8511e515293ee045bd014f8168e5e964c177

SHA512
696fc2e1fa3c8e87afa71b7af1834c43f898756875a9027b7581340a70d6992b0522f22e8abcf55caebe3a906c2825d41be8b4860e234d06e56a173f6ba11515

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\ecb8d6ab9db3736d_0

Filesize
11KB

MD5
c9e2ecd4044ba690d5e3587b6979eac2

SHA1
361cd1dafe626e91f591c787a3cbb1c0bd330691

SHA256
709dd27da49b4b211644c06e934c046a0916359aa7deddf6cf808cfcd14f5c30

SHA512
dd1997fce9852df388a7b8b6f5f6d0a9d77e39c63f7c05ac3a030cdaadd950960f9441382dd034c4be6e489029f1209e8f09089994c70ded8807567791d89314

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\ed455c7b07bc0fe5_0

Filesize
6KB

MD5
d03272d519e1b14f58283dbf982dc643

SHA1
df3fd0109379dfae5f57fe7b37edf4bf474bda6e

SHA256
ebe8df0750c365630c616cc65d9a5ec82311f585d380ab5815209a7b07c3ed56

SHA512
4f31d7d32ca0e7d86c381b7905c355ea15cadfa537f35a1df97ea9fa0e77fdc9d8be9f75030c34abcf79486b8fb4562e8a4e399dbab5fd49a1ab919e31325b5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\f1a39b9371c257f5_0

Filesize
9KB

MD5
ee4f0f41b8540dacfaeaee85f329a291

SHA1
eafdf6d8c539f77c884a1609ed7ff7065f27e567

SHA256
7d11c19beb62c47e9003da560d5e7653ccde373ab8c0249cf18f9dfe23c3a1da

SHA512
9d3b1ef502e9fd4900a221b225860b401c7a85d4f545a9a0eb8bd837944c78ea5f0dcc7f3fc297820deafb2583f3ab7db479aa1009f2df3a8eb40f7fc910b0a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\f59cc2c4f82d9604_0

Filesize
21KB

MD5
e3a0978b23640ac96af86d0c2d867843

SHA1
a38e1bc03e2747b32b976c92521a9dda8338765a

SHA256
7afc1d3e5601e0a464342c7d23d525b5fbe7a18f626a870d9488da8e58e6116a

SHA512
306dbbf7a01cf7363b8b31344d303b000e8edc834c511496571e61689d6bb6696d44cf25e5e677162d3416c16dd6b87e86140779c2d3f68e5827dbc948d58e81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\f9ecea9f7c0d5a0b_0

Filesize
13KB

MD5
398a40b082e2cff85d6acb600e36af97

SHA1
3b88b11da62d8f3835891a1ba41270522cc865b3

SHA256
2ddf2720c759de8b98abe97176dcd4cc9edc338c0d00dd4caebaae8274ec4c49

SHA512
d417f354bb531080bfe8bfc13d94b2172fe5c4748307fb5c6b4ae49a2eb3e856d8ffc11443af174fc877b2687d67dc0f366b672f8954e12a1a7f1d9bd47d9342

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\fc4c2e71f283111a_0

Filesize
18KB

MD5
2fa177f26aa9deae2f30a44eb09fed4d

SHA1
cb9404cd2e85c6d654bfdab34709cb7b229f4217

SHA256
628b9318a9b43925eca29181f819f24b30346d27d000f6bf82e2c1abcd35bbc2

SHA512
812de81f274ca8ad47b171810351e030dfe3db163d738e2b5f569315a775ef625678614c9e44bf3d71d31440b60c2b348725dc983c2a6d3065802f43cb1c0572

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\fc66ae3a3ae73d8a_0

Filesize
5KB

MD5
6ab5c9156b93a8bd439d6bb70443841a

SHA1
cd214059ba01a08d9ac9aae6026569cc2fda199a

SHA256
e89f4f4475688808d4faf76435d438d1eb382ebc449150f3953499fe202f1fc7

SHA512
43759649c8e901af7be97d4aa7e2572f719b77ef5f3468128d9832ad703f7bb297738d361a82cfd3ddf538f9835c79c9f7e9e9664a675d263eada411823a8c61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\index-dir\the-real-index

Filesize
2KB

MD5
adc61178c0270129d7f73e2896d5195c

SHA1
9135a66acab2c2727c6229efda3868b19549436a

SHA256
0fc5f4971872efced27fece3e4ede2c698c58874fb250bdc2e343635b2e2f8dd

SHA512
862daaf8c4fc3394de7edc980ba0f38cc846f9a11ccbcbf15aeddd797fb5614629ac2465af362634a516f5f256d3a3d307cc976196bda06aecabf5d22f66e93c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\e2edca83-a161-4023-96a9-292ca29f2e7d\index-dir\the-real-index~RFe5c2ac1.TMP

Filesize
48B

MD5
2cba12ecb071db550130844e7e25fb7b

SHA1
97b6327e72ae280e43803784ed3c605c04cde7d4

SHA256
faef48292639c811f96ba80718579b27d65ee2b8c9246fd4d8a7b756c7efb1cf

SHA512
7e1f583d40877fd76af0bc4a563c17d9534acb84e886571b9b23b754c6e1f45ff2f7e98c4c44b467b4d930df78c1b777f8f4804fca8c212c6d7dbd50a12b36dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\index.txt

Filesize
103B

MD5
15a95cca2f7555200f4c07db176e623e

SHA1
356142f8a237b408d1db0aef7dc64c69c8fc8fc9

SHA256
befd6b15e55babcba0141a04b08ad125c8cf43d5bc002ac8dfddd44031e35b03

SHA512
2e8517a2a094b308adb4610166c5834ab196a45f4bfd7e05e110df13b52f2c2f56cbb9ef6dd1c27d3e0b9d42cbf17541533e20a01003603b10bf811edbb48d81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b38088221e917cc8e44acd6f21e33dcf86378e0\index.txt

Filesize
99B

MD5
73364b9c8ee3e100280826a622610dd8

SHA1
ecf3900ca8a389616924b359525b46e5117edc94

SHA256
a15cada27d936533ffb6234c2f3e4c1c17063f25a83484349b279836931cdefb

SHA512
734b7a07296d131fe7f11aa0158fe866ce0ff7a52a6597f49d99af683ac7381bd5b17f85e10ac8c9c0233f13d779b8d1ed929a71f2c757051b3cb39f90846f9d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
44df0ee930baee4ef985e3e48b5d40ab

SHA1
eb5e57901bea7283d51e88b46fb5c725e8eb41c6

SHA256
6f40e31cacac6a26dd4a23aec9b51e3b7bc351ae0ff4bb2484d5ac7c27692271

SHA512
fa7c93e93515c9655529ddac8e79f8dbb489f74260750788fd40c1b7ffb7a5f463824d22b04db0403b28f44bfd098729ab5a1ec21b77355cc8b704495ec2d30b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
a64360fcb5c90d7160293c7be490869f

SHA1
6be5a04d4799c20686715c5d4dc19ded580ebfbc

SHA256
cfaae58f84ddbd1fe7fd6de48754e47e1585280005c344d966384f1f734223b7

SHA512
bfcbb6d6c562fd7f0cd5ea9dfd7c7079e77bfbe9088049bdb18fc204a7ba54b2f3e0d6119b8d1b4c09f49283163e4e51d5dbf3e481c4b4b07ff953e05e55e5d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
2866cf9af81eb282f62bd9bfbcc52dde

SHA1
55ad934ad9d96929f76c9e85e9e3c529b30ff667

SHA256
b5a6b01a2e8cfaa8e543594d2af5dbe5b4089d52452f17e6178125d3019ccd3b

SHA512
8a88007ffd2d73390d5ca53c478ccbae91eb622b3167a24acfe2290ce05475029c624639e6987662877755a0bdcded7d0644529ce6a314419124cdd21448660d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
48f7ebfc2bdf0255efdb2ea4ffd0805f

SHA1
20309b253a1c4c6f16517e5cd4923478be5147d2

SHA256
1a47b4346c3cd3d91289abeda9741853edc2a26367e4a492cfd08280b6b05e8e

SHA512
a0f39c8faf5180feef52f709539efaa45416c939226ad2613292132c4d152f5db7d0297d21305fc90ceeceba2e5e4b008cf9b80743b803c624791be10614ffc9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
98761136bc122c80e2cce2b3493e67da

SHA1
eeba5c584c61682281f0f1034f4e3812900c10bf

SHA256
5de689ea588a71322c5cc1ab528b48e4b92e4a5128d5e6c91dae278f62948b6e

SHA512
a54ab4473939daf31d0561641507f32cf4c9a2f2b17619cb8ee3270056c6e59806d3a43062574b8c446d567c040745c105cfe8cb6334079bdf74b0fd9fa7cea0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
aa1142898d9562f5b842f0e2375b47c9

SHA1
d0e9a5a1edd61698579d920455ea85f5a0f13c11

SHA256
2c56206ea07ea049cca14c5438c551b852fbf19463efe1c8651206d049bd431f

SHA512
ae0cfef77d9f169ba3f06edb900c90c876aae7ec43da6e2504935d96ea987ae7920e6af37c9a21a64ba8f92c0b6f6643a2d1a1a33b49efd081368520747eb3b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5c14e7.TMP

Filesize
538B

MD5
2db79210699a6e1750a533fdfa65946c

SHA1
6256849dc7f403fbb935596846a989fdf4f2c771

SHA256
cfebb2bbfbc6feb6c1424fb90db733f241f3e253b70da4773df638be63a29696

SHA512
6680359bc50e540948803811addba9a08217a73aec56d76496b11d9d089b15d5ff5023abe9449832b7dbce7d8aa11349ae2689bee5e45e99d1483882753e6182

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
62fd6182f53f955e2b19d0f5311c7b33

SHA1
b92918d7a1dd80db97e6759fb64ae773e66476e7

SHA256
9c12d1409b8a7c2d85bf5fb03016515e809f5e0d015c0aca3dee895e98f3d547

SHA512
90a951caa03f61f5eff80288bc2bf6c37b75452486682cc9538f0b41662c7cc8cb707f391c2a3d3840fdac3b6fb27abd13ddaa8c1e90526590e2845632c1e75f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
31d39f3ce739c5bfdc283f333625427b

SHA1
4f0ad40a734d3e7171b0e85978e5bba9ea8a6749

SHA256
479054408aea4d935625c4d8b29501d9bd372cb3ce395d616c43a0b6132033eb

SHA512
fc7808e3e0f38f6fc4c231d87e4c763abe2b390a511963221658cb1da41fa64a14b1fff0dfd86840c857223582069f53b60bfcc4d47422553f77802150aa5b93

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\r5m741b5.default-release\activity-stream.discovery_stream.json

Filesize
19KB

MD5
fe20f865fa771d0a665e0bb284d7d628

SHA1
0cf16854e7ed6b7b85894ddbca5ca8d7898aad81

SHA256
c355c108b635bbff4dfc8e04418e5f036f3f332cd05528341a330141fdf88167

SHA512
bf1a8b6ca5dd24e77ad8e1a3456afd71c8540caa68d0d11c8df3fc29f3c7f4e0994f9cda09dc89ce77116bd588d55a6624d093b81b21678af7b5ac40d8644921

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\DragonFruit.OnionFruit.Windows.exe

Filesize
198KB

MD5
12838fbf9587069172e4cbe74af100bc

SHA1
6fcc862d2b5e5083c223b049a47f48d4295e9fb6

SHA256
1aa4fa9f6465089ad97ed6e403b950ddaffdfcdbcda53dbaaaee5c32b2bf8d87

SHA512
5ee6376b4227a60fc14f597fdab44255405989bcdc4add786e07c53b9357b5470501fb2d9c703cd5b4849633e0f6e885994ebb3e8fb0aa25ba327be31794b8b3

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\Bia.Countries.dll

Filesize
53KB

MD5
7b43794ae7f1804bd27183ee8950e854

SHA1
22c77c89670403ec5e8addc268fad2db101df248

SHA256
942957123bc67a725b902e9006e97066a818779f9c8df406bd50a81ec8c8050c

SHA512
8b55492846b006ef21d4d352839cf94c16bab13251a3d4a0a1c49d98872263c4728c15342a0e99be59ccb8bad84b91b5df550a56095dccd09d3af93f96c9cc1d

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\DragonFruit.Data.Serializers.Newtonsoft.dll

Filesize
14KB

MD5
fc4dfefe522d9e8f51228081bc279faa

SHA1
8d2d137db1c2313f0ed03a886937a77995345127

SHA256
54e4ded3ea250ba6162ba49f578d9a71201a583d11e8053ce29398a59ff60e0c

SHA512
adc2f70c95d8026fc0850cc7b742a6f6aade835d579d196f0d4aca185f1e773c60cc9762b4c1a978eb1e53aa086f233b6482a9bf39d824789c47134fbabfb389

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\DragonFruit.Data.dll

Filesize
44KB

MD5
12c22f106363714359262c1df175a0e2

SHA1
4ce99ded8f8759a78d492a290de6526b5a6497ed

SHA256
1b352598e351d72ca2b9f65041e6f48c4a97ebc6e2e86d50e96b057eef25c79b

SHA512
08b448a38706e71f75335031628acfe48dba31fa34cbf03dd661d89fe108e10fd5bbfe8f68c10a70e56a3376b0a37df02ded278711bb26af79a1197367deaa49

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\DragonFruit.OnionFruit.Windows.exe

Filesize
926KB

MD5
93ac9e94a2f6fb44020549f0b7e61121

SHA1
87259beaf1b601245dbf76c95ef86c37492a4c0a

SHA256
5d06e61db8be07ec380af985b86dbc71ecc839609df2a73036f3d21b579214e5

SHA512
4cb251e852ecfe2a9b3a9be65dea87b2b70d0a47eafb42200eef8f03266037bc795ce58a616654f09c9e7ee1b26938b5d3bca7b18f941c51f530bbdad992a80e

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\DragonFruit.OnionFruit.Windows.exe.config

Filesize
2KB

MD5
d4235b9486a5f68c46ebdf85096bf153

SHA1
49da60e8bf2a5d27c255cb1a67b61702d66b665a

SHA256
4b153d87dd79d10f79a93eaa59a0c3bfccdb501bf600a7aa029c7d02fa595cab

SHA512
2fc02b153ff8311f0b6163de73575c475b2e6c9caa3c2314c409892fed0f0ab679622436c533a95ea4794e3ceedfb3c6f88e9c16e50630ca3d18dc4263777956

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\Nito.AsyncEx.Coordination.dll

Filesize
47KB

MD5
4c073f91d17b0177aa062289890ffcda

SHA1
ab61b5de4a9a08204fc6df8ce16422b27b95aa48

SHA256
72ab93cde382d42fef57852352f8b7e46d924a64a95ee8b588ace837bad4bfa5

SHA512
32aee3435e79b79c2ddedf3e6f794d33aed7934dd7776b0755dbba78d78842e9a0c67077808060dc55186cf5f8202598ca24ab4de017786ac5120a5585236957

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\Nito.Collections.Deque.dll

Filesize
23KB

MD5
07c45cc3b22008c8a099a8b8afc9ce70

SHA1
e5b8a8f000f5064d308137db5ce155a9b6591215

SHA256
61d82019c43211a101949c07510144193e7fa23bad575666ef95a95e30c4bdf2

SHA512
7cc7034468c5193e6a21a1f05c9d409a54b6afed7c4e533351513292d1fb565369610d715848cf6ea2d811e8c976b13a3ce74557aa2160959f3655de7b93e5b4

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\PostSharp.Patterns.Aggregation.dll

Filesize
97KB

MD5
f3e1c7a6cd29a8fcac9589f76a7a5676

SHA1
1d65266ea5b7a5b10ee0ac5961c1e681fd868f12

SHA256
cd64c36539fd7c9b82e92f38b957029c00e363a46bd42ba3dbfcc2b9bd21d680

SHA512
6a84846f2bc7bedc2e7a3bc1d1430443ccb0eaf60022e13abfa7e010e38adffa56e9aa2db7fcf5409a52fa200f42cfc8f7a508f9e3ef3c31a6e4f0c180cf134b

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\PostSharp.Patterns.Common.dll

Filesize
402KB

MD5
a19f6b9fb4356c68bc0d0d8c92b09dd0

SHA1
faf70d474576d46e65e52464de94a8da9cd4da94

SHA256
44c9092b5958dc354db8532004f58eb81c567babec5746509a1447caa8314856

SHA512
4c0494377d2debd8785ab29fbfbd4eff670fd3844ff176c4e4d26ff361a7fb6159760035bb41b96b716c1dd34b1ea4f705610efe92b6bb366485ad4ceaea17af

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\PostSharp.Patterns.Model.dll

Filesize
235KB

MD5
404c448304e4a4f2fa4ba589e32e6761

SHA1
1947840048c43e68f4e96f7b6a7115e2f151ec8f

SHA256
dcc8c2cf7afc1794f31e5aabffeaaa790d4273a6a5e1de6ca94b4cc17ff2b73e

SHA512
a2d212bff94037e2952f5c883adb0c832a6e64ca6737d8ff91900b6dc0fc1d470f6e977e2e1141591fa5d50a686da23715375c04eaf090692966202c8b825ac9

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\PostSharp.Patterns.Threading.dll

Filesize
198KB

MD5
299047f28320baabca32e71ce469a2d5

SHA1
b468802eab5ec66880f26907716a568ef1fe1dd9

SHA256
a2d63c81d3f0a84df700a49fc147bd9be3171b8e940c1adfe6c447420c990a09

SHA512
024e3841230b8b6a90ec43f6c5a127d82da803f4569f5238fe70e0174f0cf710b4a3e3f69dd959a3d667d4072617ca7411730f71aeb1603cd11b492640ce6d0a

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\PostSharp.Patterns.Xaml.dll

Filesize
83KB

MD5
0795ab62effa14800a0115cb5198e92b

SHA1
614be3050f3a160cfcff9f2f221c4638445e3245

SHA256
03e44c435c841e7208f368229ee4fad5ce31408dad97e9969e6c47661b5873ab

SHA512
4959fdc35a00797e8726e143762e078ab78e4b44cfa9a712f7b1dc8445bd5e30c41c3cf611fe360cd2100d79408ba7cbe84e0777f242fc2fe5ff3342d1a09f2b

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\PostSharp.dll

Filesize
243KB

MD5
ed96a9ee841a1c5ae2914d0e53341ad3

SHA1
f6a822431fd95d40bfab6cf192a122b49eb0293a

SHA256
bb1940a496ab918c15a000f847ae1c48cf9fff5e0d59ce95258986cd9c90db37

SHA512
b600ef0645db6441f9bea7b0b7889b79363e9e8ee9e2d145d5f487fc34ac1a5e0a107e3e2b44f70392c51a53a7c02e82d0b12b45d764c13af0e2488b89b1e4fb

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\SquirrelLib.dll

Filesize
444KB

MD5
21c0352ccda999a7372c78ff86107261

SHA1
c3f5d209f5103944fd99d608ede1365e97d3a18e

SHA256
9ba6ed4b5dffe9216223806e7f47ea4a260b871416f7c419f1534e5133841af9

SHA512
6cd3a7c5acd3c2e8dac4ac978b3fac36618a09a62095e5589e40377c76ec7bf3a81e6f8f63f6e4efc380ec17d5177d1e459ad50c70b620e724fb98b7f83a058c

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\System.Memory.dll

Filesize
138KB

MD5
f09441a1ee47fb3e6571a3a448e05baf

SHA1
3c5c5df5f8f8db3f0a35c5ed8d357313a54e3cde

SHA256
bf3fb84664f4097f1a8a9bc71a51dcf8cf1a905d4080a4d290da1730866e856f

SHA512
0199ae0633bccfeaefbb5aed20832a4379c7ad73461d41a9da3d6dc044093cc319670e67c4efbf830308cbd9a48fb40d4a6c7e472dcc42eb745c6ba813e8e7c6

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\System.Text.Json.dll

Filesize
627KB

MD5
63f1d0b53ce47b0ac3216281c8bcaf24

SHA1
090cb7392ed07a94d237b5aa2175689faaf49b7b

SHA256
de069c408673e62b098d6e37e64fc2308f02f3f16cb45e051c08b52fe2d104fb

SHA512
386294e2602642204ec02ff514d3064ddb7ccc6f56e955176b09b23bece87fbf29c12a532e13b77a918842b05b171fde6b4d48c7f6567928d9337a3883fef521

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\System.Threading.Tasks.Extensions.dll

Filesize
25KB

MD5
e1e9d7d46e5cd9525c5927dc98d9ecc7

SHA1
2242627282f9e07e37b274ea36fac2d3cd9c9110

SHA256
4f81ffd0dc7204db75afc35ea4291769b07c440592f28894260eea76626a23c6

SHA512
da7ab8c0100e7d074f0e680b28d241940733860dfbdc5b8c78428b76e807f27e44d1c5ec95ee80c0b5098e8c5d5da4d48bce86800164f9734a05035220c3ff11

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\Telerik.Windows.Controls.Navigation.dll

Filesize
6.7MB

MD5
f650faee77fa524619b5b4f830dc9c67

SHA1
7f9b33340bad4a123feea26515b41f234cdaf022

SHA256
456a605d4b6c74d05a0e81b3fe83b413438cadb472ce2f47731b0077c9bc849a

SHA512
a7eb302321bef7d39ef5125f0d09f9b1cf65bbc5538f45e78cc87899c8585cec1ff52230c02dc86401d959694ee3e2e411451e4af4295cd4c5df3fa97fb22c3f

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app-2023.1223.0\Telerik.Windows.Controls.dll

Filesize
8.4MB

MD5
47e694cc3a04253b97403371e53ccde2

SHA1
9cf9f87105f019a2cc9e35699452c75359639b18

SHA256
dc0c79cd95bac75a55c8600bb56b143c4a154c2a907d2180c0e67063c60834c5

SHA512
2c13ab76f5b13367585035737b0bb9d66857fbcc4baad8873e958dcf97f1c51435b97f12d50d1f0bc4c7afe90dbd814b5946c5335b4ea15f46a93bda552f7587

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\app.ico

Filesize
22KB

MD5
5b323233cb9ec621b7db78655840a355

SHA1
edaa5b08ce9b287299a3eac6cbbe50e1ea1c3051

SHA256
944b6c80554ae7915d33c0a59462c0d0e0c0c5bae1bfd5c16c41781f0a9253bc

SHA512
3424e7958b5e703806b15ada86b700b0a8dce3bcf5385c3fc13360d810854cecd9187ef704ae2535c80c5f15f0e3fdf526f6ca55983eaab5a03a4a75f64da592

Download Submit
C:\Users\Admin\AppData\Local\OnionFruitConnect\packages\RELEASES

Filesize
93B

MD5
02812cfd3dd68b49477a3434a1304214

SHA1
659387fbf473f54bae2ddf1fbd47168f512c80aa

SHA256
9fc715011925afafb816121e30f89f2b3a9bf828f4a5f1e08991f490c8259b97

SHA512
edf8863fbf0edb30ba9e98816f4512d14a78bcfd37869820e75ada3072e2dbafbb6fc96fb2bdb8a51e8b32a77bb4f442e8e4433ea55b5fc8b730d6a504f03821

Download Submit
C:\Users\Admin\AppData\Local\Temp\TmpA652.tmp

Filesize
1KB

MD5
13fde298da8116d63da5dc4121354a3c

SHA1
754866938c7a8c5d4084bdf484923a38aa4e68e5

SHA256
43304b672a1e2b4148b232b0da50f8746bce14dde4039e1539a184dbc57b6513

SHA512
8860e4b872272c515d5e1eac9ea6e73113614a11ba6208e1b989276a16446fcd834caaf92304fc15b07c53731734a1d1687c53065b3fff01f0dff4eeee4dc842

Download Submit
C:\Users\Admin\AppData\Local\Temp\squ7F03.tmp.exe

Filesize
11.4MB

MD5
d77be02741a6c6979670066bf84219f5

SHA1
70c1d41e4b44e6cd336334bc1389a4a4ed038c87

SHA256
6c2d9542dc1daa6d0e5ab7a978bcd827abba54dead199563d4ae185bd9df0691

SHA512
975cf6ee58d8b4c94ea7398cbccdfcf3427d275bf06db2f8f4a84a0f9f4a28526d82dcbb078642b1b97dcc395e2da5c584e83229c623d03867a6d4b43b0d03b8

Download Submit
C:\Users\Admin\AppData\Local\Temp\squ7F04.tmp.nupkg

Filesize
30.5MB

MD5
61f823be58363ebfe9aef2fd5b36ead6

SHA1
17d22a1100145b6df6fb322ca6fab7cce741511e

SHA256
539a4139cc11fc6583c474db75814aca7d3c82244e20e9e3f812d3583e0281b7

SHA512
28975b93efb91434335a97022009b8cbd6341d20602bc713a51da5f1222f8ad67c4b9c5bd07c8b8ce8ee9bc3a4819106e1d01653258ec231845cb5b9890794b6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
d5cd6b3e267b75ccd326bae181ba3094

SHA1
a530fc87b18cd26c2b7fddec4105b0bdfb770440

SHA256
b060bd46aa7bb3fbbab43565d2636acf9910edba25cc10453176d146ee0c5c39

SHA512
657665746ebd3c672f14379766d914842b09633c23c48889a8a6bc8556c3065596757d9e28a311a07099afcadd3fa6e45b965acbb1f085895f18d12adfc3612f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
e16ac535ae8a8b5b500245fdf5490ba7

SHA1
aabdb69f1516bc7b2256674c20bf1bb49ec2752e

SHA256
39fb1d32e943700617ae30ebfcb6bc796822156feb173701a5bfa6396675f1b0

SHA512
ef845502318411dbd3ea303ab999f54e2c48bc6391c0b6ab98983e0bc922f3ddf8a0334f8bf1e40a776c5871c809a2e05f813ccc3e34c06213c24157fccad854

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\datareporting\glean\pending_pings\0f2abc56-495b-4b27-8510-a963dfd065be

Filesize
25KB

MD5
d914a0621c2f9b91227e115bfe209764

SHA1
c1644668f2c57b25781158035cde106df3e7e82a

SHA256
e7344630a2f87f460ea1fe561510da6ab07b169ffa9c6483c7ccf1d7e58af1d6

SHA512
4318f9a51a58e534571b0990c0f56430a94a59d5045744a801088f2af92152f7f366f8da47084d6695c560eecd96c25544013f1725127312f0810567cffe8752

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\datareporting\glean\pending_pings\8ee3496b-cae5-443f-b869-6b48b8a85a3f

Filesize
982B

MD5
aa5959f0978e537c7fd61a73f0f7a91e

SHA1
6b8222f8d524a4da2a7d3cfe36fc806594ba4e1c

SHA256
4428073d4bdd6229eaae020787213a979bbb019f3d1120bf2567cda7076c5358

SHA512
e9e14e17ab0a90038b35c8718863dc8b093300361fb02cc894f21c04ce8b583e9f922205b71093ffa644ece8c49e9b321f052c9d95aaad1cac8931228d4a8cd6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\datareporting\glean\pending_pings\a986dc94-9d0f-4cb8-b73b-8375aea462dd

Filesize
671B

MD5
6e9be73822bf82ac11e1c986b88d742d

SHA1
e9230614281c21424bc3211b8b0d2e9988a98b1d

SHA256
6357f64a18abae87469a892e279c788248cc9c500c50cc67439738058bd4480f

SHA512
31ac3a672988bb2aa3d2b8192bbc9b0a21e7bc848ff580d7b9075daf658abd15167e126da80228b0a2f6e26fdd0cb30a5a7420a25de8942aa369c75f1530fd73

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\prefs.js

Filesize
10KB

MD5
0a43b2ce0a2a69ad947fb65c295ca5b6

SHA1
7e122067f705a17fe22002d8963deaf6884b1cbc

SHA256
d8a371abc6c3a3118338fd126be22b46f00cbfb59c1e3b049eb25fc88a5339c4

SHA512
ba054c5e884be6930d780bb8371de2dc958b65a4681a915de455435859c9cca6eff03d86417f11f0d82699f26970d49685291d07b7f14fac1e0a152711027729

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\prefs.js

Filesize
11KB

MD5
7ea480ea0b54b670dff55223265b4f05

SHA1
f2d85e4a23ddae1290181014683dbe9ce32e3b6a

SHA256
2bfd460a855c0cda9e4d8e1a606af57aa6e8c48c97c5195a13374a2fcd299c1a

SHA512
952ff8994384dc06000c3bdcdb9f71f26d7226eea1660b134917ffda05abafc2cc8a968f0d2aa8a3a9d916aef9c142e8c04e6a4ef1bc8ad039f6ef1d81df1fdf

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\r5m741b5.default-release\prefs.js

Filesize
11KB

MD5
ef650ca29629fd4dd48c44dd512d5fb7

SHA1
1a3c3c9c2c01259ad0b45925416d000c9fe75224

SHA256
8de7d4b7667c4c8dcb9a47af68c9e6edf093ccdf2b59d90f622d81d15d226ad1

SHA512
6fdfb9d394e56f2174e7b9e9f8a9385829d7d0bb3158d74e5f8af29939d7ba8e2ff6e72d5e801931a0673dbc2388e851f59c0caced6caedce4ee1e5b945be701

Download Submit
C:\Users\Admin\AppData\Roaming\tor\cached-certs

Filesize
18KB

MD5
1d95d519febc1555bf86bc4f41070edb

SHA1
52e10e301947a71dcdc0ec3e870500d566883471

SHA256
6f2a99890480e99a7da146d9f094b09afa0d9b8baa1682205eedc04e90c0fd6d

SHA512
fdf9cb28712011d26662225b153a09bc7926294349df621dfe5c90ae273e8cbab6ac4f6944973cdce288c8a99f78520637425d4669df783f428ea111af0b7139

Download Submit
C:\Users\Admin\AppData\Roaming\tor\cached-microdesc-consensus

Filesize
2.8MB

MD5
3f3242afc5f20921cc5be14ae89c1252

SHA1
3765e20c5261aa6b7867e0f0738cf3fc66bb0a25

SHA256
97b1d5fd6420f0c43efa33489499e9cca5f704c20dd4952942fab79dde9cc760

SHA512
519fce7697691469ea43e3ad0040f5fd93fdb8f73813c3394a80afb922b6848571d4f59ff9fdaaede372a71d81a6745ce6add12089962f3fc64ce91c73bdf89e

Download Submit
C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new

Filesize
5.0MB

MD5
0411679e315fd7ceb29adebb65a82260

SHA1
a96975e9c11c4a40d19ec39af73ce7004266e7f1

SHA256
7b063d002bbdf92e5e6011cdc8fe2282a0d5bed431a2a89688f408afc2a8ec32

SHA512
21b6a1abdb22459421f8bc6e6214500d26d4614d10404cca5ac3dd766e6653e886fa8b9f0a1ba35a24ca550b56c88b8c20aaa7ef0c96d3b68715d55174b612df

Download Submit
memory/1264-231-0x0000000005CC0000-0x0000000005CD0000-memory.dmp

Filesize
64KB

Download
memory/1264-199-0x0000000005B10000-0x0000000005B52000-memory.dmp

Filesize
264KB

Download
memory/1264-265-0x0000000074710000-0x0000000074EC1000-memory.dmp

Filesize
7.7MB

Download
memory/1264-256-0x00000000060E0000-0x0000000006154000-memory.dmp

Filesize
464KB

Download
memory/1264-248-0x0000000005ED0000-0x0000000005F70000-memory.dmp

Filesize
640KB

Download
memory/1264-183-0x000000007471E000-0x000000007471F000-memory.dmp

Filesize
4KB

Download
memory/1264-185-0x00000000009A0000-0x0000000000A8C000-memory.dmp

Filesize
944KB

Download
memory/1264-186-0x0000000005490000-0x00000000054F2000-memory.dmp

Filesize
392KB

Download
memory/1264-187-0x0000000074710000-0x0000000074EC1000-memory.dmp

Filesize
7.7MB

Download
memory/1264-191-0x0000000005550000-0x0000000005590000-memory.dmp

Filesize
256KB

Download
memory/1264-259-0x0000000006090000-0x00000000060A2000-memory.dmp

Filesize
72KB

Download
memory/1264-223-0x0000000005C80000-0x0000000005C9C000-memory.dmp

Filesize
112KB

Download
memory/1264-195-0x0000000005AA0000-0x0000000005B08000-memory.dmp

Filesize
416KB

Download
memory/1264-240-0x0000000005D10000-0x0000000005D18000-memory.dmp

Filesize
32KB

Download
memory/1264-207-0x00000000067E0000-0x0000000006E8E000-memory.dmp

Filesize
6.7MB

Download
memory/1264-227-0x0000000005CB0000-0x0000000005CC0000-memory.dmp

Filesize
64KB

Download
memory/1264-244-0x0000000005D20000-0x0000000005D2A000-memory.dmp

Filesize
40KB

Download
memory/1264-219-0x0000000005C60000-0x0000000005C7A000-memory.dmp

Filesize
104KB

Download
memory/1264-232-0x0000000005CF0000-0x0000000005D0A000-memory.dmp

Filesize
104KB

Download
memory/1264-236-0x0000000005CE0000-0x0000000005CEA000-memory.dmp

Filesize
40KB

Download
memory/1264-215-0x0000000005C20000-0x0000000005C56000-memory.dmp

Filesize
216KB

Download
memory/1264-211-0x0000000006E90000-0x0000000007708000-memory.dmp

Filesize
8.5MB

Download
memory/1264-203-0x0000000005B80000-0x0000000005B92000-memory.dmp

Filesize
72KB

Download
memory/1264-252-0x0000000005E60000-0x0000000005E86000-memory.dmp

Filesize
152KB

Download
memory/2268-5-0x0000000000C23000-0x0000000000C24000-memory.dmp

Filesize
4KB

Download
memory/2296-335-0x00007FF826540000-0x00007FF826633000-memory.dmp

Filesize
972KB

Download
memory/2296-337-0x00007FF82B6D0000-0x00007FF82B77F000-memory.dmp

Filesize
700KB

Download
memory/2296-336-0x00007FF829660000-0x00007FF829691000-memory.dmp

Filesize
196KB

Download
memory/2296-334-0x00007FF827DB0000-0x00007FF827DC8000-memory.dmp

Filesize
96KB

Download
memory/2296-333-0x00007FF823A80000-0x00007FF823D00000-memory.dmp

Filesize
2.5MB

Download
memory/3288-319-0x000000000D540000-0x000000000DA6C000-memory.dmp

Filesize
5.2MB

Download
memory/3288-288-0x0000000005C80000-0x0000000005C92000-memory.dmp

Filesize
72KB

Download
memory/3288-320-0x000000000BED0000-0x000000000BF46000-memory.dmp

Filesize
472KB

Download
memory/3288-289-0x00000000072E0000-0x0000000007346000-memory.dmp

Filesize
408KB

Download
memory/3288-317-0x000000000C890000-0x000000000C8B2000-memory.dmp

Filesize
136KB

Download
memory/3288-315-0x000000000BC70000-0x000000000BD02000-memory.dmp

Filesize
584KB

Download
memory/3288-280-0x0000000005880000-0x00000000058AA000-memory.dmp

Filesize
168KB

Download
memory/3288-322-0x0000000007220000-0x0000000007236000-memory.dmp

Filesize
88KB

Download
memory/3288-323-0x0000000008CA0000-0x0000000008CBA000-memory.dmp

Filesize
104KB

Download
memory/3288-281-0x00000000056B0000-0x00000000056B8000-memory.dmp

Filesize
32KB

Download
memory/3288-324-0x000000000E3A0000-0x000000000ECCC000-memory.dmp

Filesize
9.2MB

Download
memory/3288-314-0x000000000CA60000-0x000000000D006000-memory.dmp

Filesize
5.6MB

Download
memory/3288-325-0x000000000C6B0000-0x000000000C76A000-memory.dmp

Filesize
744KB

Download
memory/3288-282-0x00000000059B0000-0x0000000005A06000-memory.dmp

Filesize
344KB

Download
memory/3288-326-0x000000000DA70000-0x000000000DE32000-memory.dmp

Filesize
3.8MB

Download
memory/3288-328-0x0000000005D40000-0x0000000005D50000-memory.dmp

Filesize
64KB

Download
memory/3288-286-0x0000000005C30000-0x0000000005C3A000-memory.dmp

Filesize
40KB

Download
memory/3288-321-0x0000000007650000-0x0000000007682000-memory.dmp

Filesize
200KB

Download
memory/3288-301-0x0000000007BE0000-0x0000000007BEA000-memory.dmp

Filesize
40KB

Download
memory/3288-292-0x0000000007D80000-0x0000000007D8A000-memory.dmp

Filesize
40KB

Download
memory/3288-300-0x000000000BD10000-0x000000000BDC2000-memory.dmp

Filesize
712KB

Download
memory/3288-291-0x0000000007A00000-0x0000000007A08000-memory.dmp

Filesize
32KB

Download
memory/3288-299-0x000000000B750000-0x000000000B77E000-memory.dmp

Filesize
184KB

Download
memory/3288-290-0x0000000007690000-0x00000000079E7000-memory.dmp

Filesize
3.3MB

Download
memory/3288-298-0x0000000008FF0000-0x0000000008FFE000-memory.dmp

Filesize
56KB

Download
memory/3288-287-0x0000000007240000-0x00000000072DA000-memory.dmp

Filesize
616KB

Download
memory/3288-283-0x00000000058B0000-0x00000000058C0000-memory.dmp

Filesize
64KB

Download
memory/3288-297-0x000000000B640000-0x000000000B678000-memory.dmp

Filesize
224KB

Download
memory/3288-2082-0x00000000009C0000-0x00000000009C8000-memory.dmp

Filesize
32KB

Download
memory/3288-296-0x0000000008F70000-0x0000000008F78000-memory.dmp

Filesize
32KB

Download
memory/3288-295-0x00000000083B0000-0x00000000083B8000-memory.dmp

Filesize
32KB

Download
memory/3288-284-0x00000000058C0000-0x00000000058C8000-memory.dmp

Filesize
32KB

Download
memory/3288-294-0x00000000083D0000-0x0000000008452000-memory.dmp

Filesize
520KB

Download
memory/3288-285-0x0000000005990000-0x000000000599E000-memory.dmp

Filesize
56KB

Download
memory/3288-293-0x0000000007DE0000-0x0000000007DE8000-memory.dmp

Filesize
32KB

Download