hxxp://dobreprogramy[.]pl

Analysis

max time kernel
1800s
max time network
1783s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
30/09/2024, 15:32

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

http://dobreprogramy.pl

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2028	msedge.exe
2028	msedge.exe
4652	msedge.exe
4652	msedge.exe
372	identity_helper.exe
372	identity_helper.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe
3980	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe
4652	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4652 wrote to memory of 3736	4652	msedge.exe	82
PID 4652 wrote to memory of 3736	4652	msedge.exe	82
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 540	4652	msedge.exe	83
PID 4652 wrote to memory of 2028	4652	msedge.exe	84
PID 4652 wrote to memory of 2028	4652	msedge.exe	84
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85
PID 4652 wrote to memory of 3484	4652	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://dobreprogramy.pl
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd70fd46f8,0x7ffd70fd4708,0x7ffd70fd4718
  2⤵
  PID:3736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2280 /prefetch:2
  2⤵
  PID:540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2640 /prefetch:8
  2⤵
  PID:3484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:5100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4884 /prefetch:8
  2⤵
  PID:1888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:2108
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6400 /prefetch:8
  2⤵
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6400 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6396 /prefetch:1
  2⤵
  PID:1772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
  2⤵
  PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:1
  2⤵
  PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:4904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,14797524113140828521,4227370050816123240,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1312 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3980

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:412

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4356

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f0 0x4fc
1⤵
PID:3056

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
eeaa8087eba2f63f31e599f6a7b46ef4

SHA1
f639519deee0766a39cfe258d2ac48e3a9d5ac03

SHA256
50fe80c9435f601c30517d10f6a8a0ca6ff8ca2add7584df377371b5a5dbe2d9

SHA512
eaabfad92c84f422267615c55a863af12823c5e791bdcb30cabe17f72025e07df7383cf6cf0f08e28aa18a31c2aac5985cf5281a403e22fbcc1fb5e61c49fc3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b9569e123772ae290f9bac07e0d31748

SHA1
5806ed9b301d4178a959b26d7b7ccf2c0abc6741

SHA256
20ab88e23fb88186b82047cd0d6dc3cfa23422e4fd2b8f3c8437546a2a842c2b

SHA512
cfad8ce716ac815b37e8cc0e30141bfb3ca7f0d4ef101289bddcf6ed3c579bc34d369f2ec2f2dab98707843015633988eb97f1e911728031dd897750b8587795

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
977d11794dc05edf2bbd83fc6dc2243d

SHA1
2020dffc837e2efa32a5af7a6d1d64f559853954

SHA256
1d4b1c53c6360f70dc281ceabc683258ea27b4fb276817b3d53fb2cd173e94d7

SHA512
4f8b832b4095473480e47db803fc740da27360997da883970251311ee9573bc5ed60de648b6f80edeed22912a96bd239b2fdd523ab5b2943353c9a3a6c19c8d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.dobreprogramy.pl_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
832B

MD5
6afc56f88465930661a9792c447c87a1

SHA1
9255be562469f67dc2ec32d1ef5b72360e5b6b51

SHA256
2eeec8ea01edaea087d1cadd5505cbea0ae0e2a7397a3c70e5f13ce311128f86

SHA512
e783b0bb8bb84d1fa6042c76166b84bbb44798724616cda46f82d2a4ebb6b8f01672d0e16de926b08ff5fee586b9cadbfee56c3c53ee1b2590dbfc6925fbfce4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a7a9925bf04603da06df40a07cd00582

SHA1
ba9690dbbb68b03349bf5c9f9138556eba875208

SHA256
cf53307153251a2c3cabd6409f7e316842b5fdb3f3393623b9d71db04a7d78c2

SHA512
6dec021aebe508d014076e604ecd8dea21a08ec0d6d96a266a51b4c12d181af758ffe56b442a02c1ea9e03e07088c19115df614096666ef6f785b100a43af748

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b07850c9192d6bcedffd2fbcb617caf8

SHA1
7c95d703ede751c8d68d60f52e81ec79417cda5e

SHA256
d19296be654f53371581b72e8d06511f6047d06f2bf481077795c24cbb3dc5f2

SHA512
97e953c844f1685a16882f2f4ff9b42782ecb0ce319d2e70439cae43a6fde6c739bea4a3c56e2d6464de21a8ea6f71283bbef8f2da381751760a9d4081f84b90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\fe88ab6004dfd221c903dadea38c7148c89dac45\d1416335-e792-43ab-b8a7-b8048360cfde\index-dir\the-real-index

Filesize
96B

MD5
ea18f02139c1766d6ab06f9f73311a1b

SHA1
f1242f23b554efdba0561b9ff206953de527c01d

SHA256
d3b23442ac6a8d23402e3a3d9cec66fd5403c4ef2003426498866deb078499b4

SHA512
9264879288bca7872a4faf5453165511bd9e48333d88b38351b8a65aa7e4b1f05611b4d0f8729a1bb5023a8311597dce4558025efe8345a7ad591515789f59be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\fe88ab6004dfd221c903dadea38c7148c89dac45\d1416335-e792-43ab-b8a7-b8048360cfde\index-dir\the-real-index~RFe57e83d.TMP

Filesize
48B

MD5
0ddd6d9addf39dc12dbedd938bd8213e

SHA1
5fe80361ce2f7c0b3468ed7562ce2d603ed4b54d

SHA256
8b3141988cee138fcc3df3794ffc454f0de39c768e7725695719b608d81752b8

SHA512
1bf49b5c3742984aad3452a6043d54c2c560ab55b7c953cf2641d007ac73258a3aa4c2594821af44af7686e201b41783a98e0b53d87397ee7b81408a015c2a64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\fe88ab6004dfd221c903dadea38c7148c89dac45\index.txt

Filesize
112B

MD5
0afeb6338fc8dd37f2ce9787fda036c1

SHA1
50ebbd9f34c70e224edc548b7db2d93702d1c568

SHA256
6a3727dedc9e94d19b768eca0371434a7e429c041961bd1288356ff2b9bc81b1

SHA512
153070c8de11d6b25c45f930ab97c99d2a8dba930250d6cec6ec282a12d14e54701b9ab8fba7e2b7ba7f157882ae667d6e825c70b794b35e859b17c1ccfb993d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\fe88ab6004dfd221c903dadea38c7148c89dac45\index.txt

Filesize
173B

MD5
ec3f847c3371c5e03edd4e17430fb4f2

SHA1
ad2679775a967d789be28a99059b63c6982b8cc6

SHA256
18a2d8ea49e9e5f55a4516752114e8407b13acdfc88b2e9ffb540ab912d78da2

SHA512
a279b3f313831de41b60471da87eeffbedbbefb6eda659d03ae9265271936c16f379b77fab8aa2c133a14adcfe2569a1e5af18a05ce124ffd5bee44f959d98be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\fe88ab6004dfd221c903dadea38c7148c89dac45\index.txt

Filesize
168B

MD5
02b68c96fe23969c5f587d08529e1985

SHA1
fc36caef22c0d64e8559e1c000bb65e6889eda92

SHA256
204620da844daf6cd80fd37a106565ac6072e21275ec997f9b1fc4ddb9f70207

SHA512
ee04e47b4c1d7b12a540204a2042c6c3174a5919c0ed84de5f2c81cdd16175168df0cf16a397fe24fc82b5c80a80d22d63601d64bc21c847188cf55fa6ec5af7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\013888a1cda32b90_0

Filesize
7KB

MD5
62bd61bb59798fb695771c73e2539a1c

SHA1
e16b77040562e8576abed2385937ea104f64e020

SHA256
1e6d87ae4c73ca52e2caea23998174cb8a39f5caa1f98137c310e1ff9e280d55

SHA512
452477955d84ae18b09e32d1276091e48f3f47f457bb3f80051e43c26e8fdc448cec1fe2990f1cc01ee089e7fca345a8da9d19473b3987484694311ba59ea939

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\013888a1cda32b90_1

Filesize
20KB

MD5
d11b655af9e125a906cbe02739065da8

SHA1
f27080963023d8e60d54eeb2fa5f1a1c55b7d8a1

SHA256
77ac4e9e00c01d594a1894ecabefa2713adf8d674da1bf67c8a99d7d638e4e04

SHA512
31b20990a7ed36c121e18610fb7dabee92c2f172b47432d9d80664938fc5934638baa41745e77833b8c3adcc20144c0f9659d40e61e77d5bbbc4bde0802a3bbc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\297ecea5cebb5dfe_0

Filesize
4KB

MD5
87d738a1d7684e8c70257b45e88e2776

SHA1
254d20d55712f387328fb9f0e8320dd406069f0c

SHA256
78fb6b7389858e83afa6d6be4997db91e3fb9b32a2b371e9b37bb637cd5a85e2

SHA512
df300abac1c17acc3126145e55f959d51a63bf17f3e04276aa7932120b2e21614554dbb0412ef8f9ca80e01481fcb553150e716e8fe9727e40a9a6b6dc829270

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\297ecea5cebb5dfe_1

Filesize
10KB

MD5
d38312672753785e78f864f1e8d0c73c

SHA1
bec9647586b60074eb221d4ff94f6155e51729b4

SHA256
788a96a71196acd80c7b41db87d818f3888915281ad36a59cf8971c9654903ce

SHA512
166c2dc21437fad6056ba04527f81a50b71ed8ed6b1543b16364225a7cc2541e76d1ebdc8c36f8bf7ab331a60cc1cf7c3eb951241c6af022bdcb1a91c82c2432

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
6KB

MD5
2b2b23507290d0263ef9cc7ae1d5abb8

SHA1
f283aedc2819494dced0ce8fa19bde14a63ae1ec

SHA256
2d11743e6ef6c2d6e43d54424ee3cc84d5770725892aede8f8ea25e1d4412c40

SHA512
fe06a27a385637539f3a9166d802c4486a92507b93428ebf62e17722c63de17e30601b06894d9dd8b1939c286b16131ae418d5f1e13901c159f3288381c20c41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

Filesize
5KB

MD5
431401abd52f3799911a49604172f9b7

SHA1
145f3cc529b3fe4d651e8bbeb8c8afe26e919c98

SHA256
e52cd6c919365dd8bc7bab2fe518980e5db8b9c5fb1b37cf681bd8583691c034

SHA512
30a73a08f17f43519dda993e410488adf2ab4de81b735ba9e50ad4d6193562b14e4a2de31f4519e3d0656ac3b945d7be950b2d4c2bf002417e48622631d14a34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

Filesize
2KB

MD5
d19b69849e1faf6082330b6d221ce5d8

SHA1
e03f1b3e452884869d98c4b5622ec3501ec82bab

SHA256
76a740a9a59da7fbb4431767aa65e1d1f627eba830adff39a11dec207ba9bc01

SHA512
e0b7ea72412b796542fe4747db231c7ba0d6511307bf99604c6d3f6c6961e644b28bf00fcee394a4c14b012859b2b18607062e73ba4b47731c98cd7f86450338

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

Filesize
3KB

MD5
9a78b137be92a7e2fce9913082fd367b

SHA1
5eaee5165da1e75223e0472186b40918bd0d1df5

SHA256
287ae7116546ffc7a7db8789b44fd3e7c0d6fc2c8a90048b48198916b2844f77

SHA512
fb76805046afde94913329d5d2ac74718d6525ebbb531194ce07d58d108c765e47f2e4b7f621f133a12091d1df672f7e721026a1625a20d5506373552a943786

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\67a473248953641b_0

Filesize
7KB

MD5
59ce96fb86fe5545ca2c45ce9f30ec79

SHA1
b3e4a5cc699fdab113bad47cc7c17b76af49a06f

SHA256
907d544e66067e3258996a001612451c34aa7d2dd604219b044c97483f62e0c1

SHA512
bdd028714f8a92e4d9f8c466d7aa205f5d4059f16949f8ff512bcf8c38ad9e92be6b35c44c4ce99dbb6fbd8ed9df0a32eb8b6026a257d87862042c1e1a446588

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\67a473248953641b_1

Filesize
21KB

MD5
9cdcdd1b06b9ef413571e389f29e101f

SHA1
dff09eeefdf0b683ed8533a845751acdb7948f9c

SHA256
4e3686b4efd0c76e3660b4b8d48a22c74ad1b24edfdf91501dcb73ac0793ae96

SHA512
be544dea2310f0e62d46a12f59fc94f275465ff609a18a52e2115c06825cddeb87d5aad12535441798d1cb005dd410dc477204b32255b57e23ff1c90ed76d565

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_0

Filesize
4KB

MD5
c234479886f0177befb732d5afaed16c

SHA1
561987fe2d0b71de75ef08b5db16e4d4bc729f18

SHA256
97c8ee44e16af3acfa9fdfc10145dbc53d4eeb2126828e6d8fac7398abd24899

SHA512
3c5b03471474fd60bc2f819b42024a9330da51111d021082082512b30d44de5d30ae5591d68d90db9690c59ff3c22c1c452906c3f90bfefbc0049f23d5d03a17

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_1

Filesize
10KB

MD5
7490679c6d633fec3bc69c88bd88b02b

SHA1
d0947853fe32ed900cc3fbb388dfd421b3b10b91

SHA256
03010c79ce5ff929966af250bfe373a8a341fd804ba7024e973af27ec9581956

SHA512
7218f8c27610ce3aea9aaf8da6f1bd4c614b2841501d31880db969fb24975957fc8b2e8c4a934cef8f8d5b1e8023e73f76c0e78221d2e52ce219462f8e658bd7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

Filesize
1KB

MD5
b665648aca1ae0ee06d3c0dde895221d

SHA1
2ae9232799337fe757bfd6dac227623b8333c8e4

SHA256
8b1df6b3f464feaf885c62d47d8cbba403c014b8f5e28d2fe0b7c2bedb12fc4a

SHA512
e4b0dbaf2f51fa23fc0eb031b67645ac0044a5752040b6cf6f62ac994c44803f2e17d37a181b3eef9e1fed34d8dd9e81835089ea7734b60414e7269d5aedbd11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

Filesize
2KB

MD5
3677fae987879081fe8b928035cd11c5

SHA1
bf0aef6c86d6012343c2861233a4884a881f4112

SHA256
13893d9f58be61b457d6c914581852cf0875acd93b54d6d3ef2db638953b5194

SHA512
c8167eb9823808c10b49df4af946fba1d1e8da2bf0b11491620899b66ab61b0269a90a28221ea62ed0febc165d91f9c50b98abaf2e371b4f29c8c99400b0e756

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1

Filesize
4KB

MD5
8f5f11aa715fea19e355ccb058096963

SHA1
7849965174ee8193cbf861c635c8bbcb4b961ecd

SHA256
67ef96f574c79f506f1c1cca85876a38030596b281907d3fa10b166fa8807ccc

SHA512
3462fc4eaff4f29c059da923c4207d57acd498b5b81705bb848d24bbe9b90038682933cc09d9ae2564d041fbb44d0018187156ea72009a48ae30a565a9991329

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\fa813c9ad67834ac_0

Filesize
6KB

MD5
8aee568c8b9c533cd7b7b464b8d3a1c4

SHA1
94a0e430932118f91a3531acacc557bab1b59783

SHA256
2c336fc5c92202563e8f33139a03b1fd545ebe9541beaa477a109164c5ac61b5

SHA512
5457b6f4b251edba4d67ec6c2c59ba3b589170189b6377e9d240359eb107385a59156059b8be8554e367e52fa1bcee78e55d810270e9f9afe5f46f9dd74e190f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\fa813c9ad67834ac_1

Filesize
21KB

MD5
5a110de6a16a1b408e66f45bb1f47ab8

SHA1
af103a40ccbf1e0be8f1e12364271348a8139f37

SHA256
a73053181ea2019dae391ead9ca7c7fa1701cf58edd0439198b1d4211668a9e2

SHA512
92895345ce7ce632b34b3563141cec6448271428bc72d9d472e71ffd845cd34c38707a5152cbf14885b7fa2cb595631e009c6d732d0c3fc595d8d95ef6c88523

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
264B

MD5
f9be5ed345ae5a17afc87954bf090c2e

SHA1
e0c50fd5938e42e23c2bc3b460243c5ee08a5f6b

SHA256
6ba4becb64e8d1e5296339b3e2592e38da872241aa918e4cad7645804dad3847

SHA512
984b5a78a54415f323253bf1c38916225008c6a7e51e42db7d57c50a88a09403f4664ea0ba1c89011293c303a387991ae5cbd6185ea5c2ce346537568c2aebc7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57e60a.TMP

Filesize
48B

MD5
2041c109ccb258f845626ad21b188793

SHA1
48d63252fcf542ae3dbf3773b974f7134ec59471

SHA256
0091e8fd7d539597964e87d2a219041bb8f95ce50c550fed0956d1946c4cc5ee

SHA512
b94a1164d19cab55505c9401a15c4ce5a91f506375c9d43b81590152861ac0654db9fa661603824fd7796718a37a210803fc1f24b4ad1c37287123980ca007d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a668e536fa854d22955822c7a6e3b0f0

SHA1
4c72b418804c9eb2362e888ec692b7fe422eefa9

SHA256
0f7a628d8eaeec429005818bd51a874528be34039bd2083d29878313ad1cfe34

SHA512
6f18168c7f5f954f180435d1e90639661546d263cad854186470d851a31e57a9522fce0dff8b8825788779b74b30392c5a41647ed2494951732c076ed9d70ab0

Download Submit