64dfd7686cc8baf549649a947b2999083ca90ba56c51f769021ce85b67433d40

Analysis

max time kernel
260s
max time network
299s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
01-10-2024 09:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

OEBPS/Prov9789132163562Pojkenirandigpyjamas-1.html
Size

1KB
MD5

254c35b24d3a266e6b9f7ff7fe084a86
SHA1

15b541e90d619e7108cc8e1f84cfc091a07736c6
SHA256

3a54c7d553c23ea71d50515358d52f2cad326b99412eddb63406ad2df2da5af5
SHA512

52cb8042678f6a9d25e7ee860d17cd6f3693a10247d5d2291e23294b2ac3846d916042cc560108bea5c7baffd529bd77989c81f82255c1c42c3af3b3e00a7188

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
3212	msedge.exe
3212	msedge.exe
4704	msedge.exe
4704	msedge.exe
4984	identity_helper.exe
4984	identity_helper.exe
3728	msedge.exe
3728	msedge.exe
436	msedge.exe
436	msedge.exe
436	msedge.exe
436	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe
4704	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4704 wrote to memory of 5836	4704	msedge.exe	78
PID 4704 wrote to memory of 5836	4704	msedge.exe	78
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 5072	4704	msedge.exe	79
PID 4704 wrote to memory of 3212	4704	msedge.exe	80
PID 4704 wrote to memory of 3212	4704	msedge.exe	80
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81
PID 4704 wrote to memory of 1700	4704	msedge.exe	81

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\OEBPS\Prov9789132163562Pojkenirandigpyjamas-1.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd702e3cb8,0x7ffd702e3cc8,0x7ffd702e3cd8
  2⤵
  PID:5836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2
  2⤵
  PID:5072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
  2⤵
  PID:1700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:3180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:1240
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:5404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:2396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3972 /prefetch:1
  2⤵
  PID:5320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3656 /prefetch:1
  2⤵
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1712 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
  2⤵
  PID:6128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
  2⤵
  PID:3740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
  2⤵
  PID:1736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1
  2⤵
  PID:1004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1828,11488594728411949797,15107081655205001505,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5384 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:436

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1352

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3624

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3e681bda746d695b173a54033103efa8

SHA1
ae07be487e65914bb068174b99660fb8deb11a1d

SHA256
fee5f7377e5ca213c1d8d7827b788723d0dd2538e7ce3f35581fc613fde834c2

SHA512
0f4381c769d4ae18ff3ac93fd97e8d879043b8ec825611db27f08bd44c08babc1710672c3f93435a61e40db1ccbf5b74c6363aaaf5f4a7fc95a6a7786d1aced8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
9f081a02d8bbd5d800828ed8c769f5d9

SHA1
978d807096b7e7a4962a001b7bba6b2e77ce419a

SHA256
a7645e1b16115e9afec86efa139d35d5fecc6c5c7c59174c9901b4213b1fae0e

SHA512
7f3045f276f5bd8d3c65a23592419c3b98f1311c214c8e54a4dfe09122a08afb08ab7967b49bd413bc748ce6363658640bc87958d5e0a78974680a8f9beadf44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\3f6bad79-efbd-4be0-bd02-8c0af769fbba.tmp

Filesize
1KB

MD5
d0c69842e8e69eb80b5372acdb273726

SHA1
4d7ad9d6561faedc6733b45f0f0d7384b1a06ee7

SHA256
73e9e67b4319a746816fd5ec338dec20cc3462405d89ca4fad66c11a41b17406

SHA512
02e9d6b90b9fd0a0c0726d89302f79978cd4fffef73570992195cffba4ae35d65c4904f8e183e5aa7d5b402f00a650b311ec8fa5930a96a5f37435e6880aab39

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
62KB

MD5
c3c0eb5e044497577bec91b5970f6d30

SHA1
d833f81cf21f68d43ba64a6c28892945adc317a6

SHA256
eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb

SHA512
83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
70KB

MD5
4308671e9d218f479c8810d2c04ea6c6

SHA1
dd3686818bc62f93c6ab0190ed611031f97fdfcf

SHA256
5addbdd4fe74ff8afc4ca92f35eb60778af623e4f8b5911323ab58a9beed6a9a

SHA512
5936b6465140968acb7ad7f7486c50980081482766002c35d493f0bdd1cc648712eebf30225b6b7e29f6f3123458451d71e62d9328f7e0d9889028bff66e2ad2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
19KB

MD5
76a3f1e9a452564e0f8dce6c0ee111e8

SHA1
11c3d925cbc1a52d53584fd8606f8f713aa59114

SHA256
381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c

SHA512
a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
63KB

MD5
710d7637cc7e21b62fd3efe6aba1fd27

SHA1
8645d6b137064c7b38e10c736724e17787db6cf3

SHA256
c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

SHA512
19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
27KB

MD5
4aa91eccee3d15287b8f2a01e4254255

SHA1
d89f8203934a66b5741256aee086c04f966cc6d7

SHA256
79c601189597c9c5691b763f0ec6fdc9ec8339eea80e49713f76e9fe9199a7d7

SHA512
46424f50d444aebf1dc3a93607b3a374d3e7e988137e291cd8ec28211d05a687d0b6214b45d6dbfd27608728df6b34138504e3343e6bbfd6e1c0af98199179e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

Filesize
213KB

MD5
f942900ff0a10f251d338c612c456948

SHA1
4a283d3c8f3dc491e43c430d97c3489ee7a3d320

SHA256
38b76a54655aff71271a9ad376ac17f20187abd581bf5aced69ccde0fe6e2fd6

SHA512
9b393ce73598ed1997d28ceeddb23491a4d986c337984878ebb0ae06019e30ea77448d375d3d6563c774856d6bc98ee3ca0e0ba88ea5769a451a5e814f6ddb41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

Filesize
42KB

MD5
9c8711499627177440d1bb4e49946533

SHA1
7f3c664780a67a495d4865e3d56aac3c113ee778

SHA256
d6db44a1174d1106a574b61ff74135c0303b968aade398acd950cf46ff77de9e

SHA512
76e8343c6b5b6eb6b2ab6fb458c182af3141176df81fadabc6fb02f65d133d8afef5eba011fcf66709b24b79b6052738077c0969fa063784a8fb83d7c5c50458

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

Filesize
46KB

MD5
727adbffeb6b37513febdf0b57010d78

SHA1
c564a168db1cd9e3ab3fed2204accd42ec4c6bfe

SHA256
a122df7ba1067b60020cb6522a65e072abdef724fef20fb86cccebf0e905369a

SHA512
4ebb8e1909262330bc6fe99e49fde8a21d82be4be455565b03dee8bc49b7e83d17458cda0ac47ad86a42eaecf6cc396d3a201c2fe99c26dec9314f607f4dc7f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
e8467d9ae6c3fbc7d0bddde1b5ceeace

SHA1
d5974c73b391b431fb6ade8dd784bace4875407d

SHA256
a7cddf65bb552fcf4bc463619a4035b2f63aadd31030bc815bda6cda501a319b

SHA512
d87e4efc597585c6a19073edfec316ca90c1bb30ec3bcfce54c5f0d16e2018248304b528e48f36605c9bf17b47a5c2694fb13c78aa5f29e5bdaeaf2a42f47d3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
8801f44b3890989d40e7ce0ec2f9781d

SHA1
a33302aa771cba4be06671d9d5f42769d8e7ffc8

SHA256
ba69bbe27ced7b635c9a20cf7972f3e57240261d57147e78adcbd99831a9891b

SHA512
79a525a1b3043ef521fc42d19f2243f69d811044743177242d845a34cbd5496cb7da86e986f38ef7ba30e820c807f27d0b4505e38386c999a9d41d19662de5cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
ba1301c784fbef95db18bcb48612a679

SHA1
ca352f543647321767da8a3b4829d3ae9b16fd87

SHA256
1ddb8a6660cc13222774162823ea0099a54253f1616a2a50ce11c3a6c464ae85

SHA512
26da1c79c548d7066d3a6a1657e5544cf8bd3a3dfb5223afa4a78fab34ff8b7f2e2b25ecb581dae33c4e029ac7645ca18bdf7938224f6931de8c5bd7cd7d00f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
cdbd22f0c2521abbadb41f4369d3bbba

SHA1
f0613d5fed9ee1c2095c01adb81852feeab8158b

SHA256
2aa9358f60363f567a8999c326e3e635dc0cb0feacbc211d6835c9b07ab1ad24

SHA512
8cb76a09f755fbaeaaa7e371f461cca6a111c5ec58eb2e65b92c727527ea64167bd42a78a5fad44019033bdbf90333e4c90d23d205c239c6c47cecda3b22cb4c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
9c2e3261d1a75998d303d7cd2083378e

SHA1
ae73172ec7d71cb5882a8c5c63c12240f691d41a

SHA256
26199bb553ac7d3e50768136cd0d1b3681d308d7fb9d00829833694a0151177b

SHA512
f4c963d70bca224c9fb62d87b6df8404da01bd815596ef7a01f4d14c507144a1892cef02740abd16586ef8f9e90e9c6be4f52b34f866bacf3dd950f504fc92e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
fde5683b396e51f7fab89e6c0984236c

SHA1
8f11ff2c3e2028c1190d151657cb251e53f9c691

SHA256
c2bb0518ce991f232e69042c7bae302ebc2e30ccdeed299fdfd903ba475be47e

SHA512
720983fe549f7ec1f16b9356f1edd07163a724fabdb81cbecd13ad6bb69e752ff76da0899916e06afe56fa7537e1528aa6169fc28eea3b53afe474ba57357be1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ee0c7ee1c7712e74e7803198b2c704e4

SHA1
3ded679b8582cb781d6bf3c9198dcb71f231df86

SHA256
a6262ea82667fd6876a11c6b492ab2506c76d5194357f744c3099616ba8682d3

SHA512
fd124dee435aafcf440ac125be0d56ab60e0362f1ff7fec43d5dcb34e2081132a39b1c07c9a141f5c9916ff7b7e86d56d2bd74758692c1c0925968381dd71b29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
f567688f2fbfc09e4605e6d8a5f1b6d0

SHA1
82cd5d1eccdb9edf45dd1978ec07b1c66646fbf3

SHA256
98dd6ea2bfa6dc22c5fb7b0a545304ce72f57c77facd45d10fda54d63892f6f7

SHA512
e48e8cbb8150179a454143775dba797803a7263cdef98116e3eac8855bcc29297f4adaf3a35d95a53e39b3502a472cc5278ab6efe973f8ccc12037f3c6d5a85c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d81f8a212708a06db1d885ec2be10caa

SHA1
c1d2617f38c321c611df11cfe48a0f7a53838ab2

SHA256
170f1df80bcf990c49d7578a28cd3b51a11f3667e277c9167858d41ab7b9c0da

SHA512
0c8065451545dd550a8fd29b0510b9285daa3c917f88fa545e3d56a30a9f55466fdcd5ac189bb2d9c7f1a536f87fa142c10b2ec7248a814057320aeaf88939a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
2e9a5c63ef8058836eb5eccb79fc88e7

SHA1
778bc38aeb0f068cc2b572d050061b8f9201c3bd

SHA256
cdd695daaae0b5f78e0837d1154a6709a89e2d4d05bf0f367f230d7b1ed30cab

SHA512
9857be530eafcbd3c3d2f4d3998c3306679d022cc8b7544ac8f8ffb4ab7afb56b5a7381e7a0b1382c9b26ca89b7ac48d5d519230a15029a1fdd8cf439ea9d993

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
e974586055de19a8f1917d6509af6397

SHA1
73b7e2fda6626cbb4bcf37bd2ecc6ff283e884d4

SHA256
4f9803148e6f14761a70979a89c660edaa485d96e82eaf02f7365d0543c8e023

SHA512
1be364a30b833a090b509ee645e3a1de085d93dfb6a1fcc0a7b99fb040d1cc57a9789e2d2cefe97d8ff47dc849ce89ac19982ad5992df4f0b486f1f824cc506d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8e097bd7f6b08cac129a63a03c7c064d

SHA1
b1ddeb73770c230af6348e05dd27a02ea8928e51

SHA256
8853bd1f072d00bc8801a3b8d59ce0d4db277b6ce136c90852491a7e737b9986

SHA512
7e02aaf1daa62d131cb12dbf132893c474349386b777079a95938be08db078ae861e1ad93dcbac2c9458a61204ac4d74a2de70b9604e86de1705d8a93e8e6cc5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
598ac1336834a1cadd10d05db395bb91

SHA1
44f042bb61c1a19d2c2a31d2a11bdade66bf6bb4

SHA256
d8a65c5eb9a572b619e8471938c7394039a437970d70adc48f37f4ca3489ed2c

SHA512
014d73a5b012bb1b64d98d3c5381c2fd3d876ac3acf5c9fcaaa498531ae9903ccb2b1d60c2c01312ba3579b416b775cbee7b77e5de3523f698412a0db6d2043f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ae6bf2237bab623b2a2ee31516021961cb9a6dae\77d4262c-9c8b-427f-833b-7885a8e67ebc\index-dir\the-real-index

Filesize
1KB

MD5
48dd10d579ca7bad531e91ab537c0d7f

SHA1
992b89e484d0a14b17e7c758d4b8904f79cd2cd6

SHA256
2baa7964c25999293b1c47bbe2c315a553d035a3003f75d9b2891eaac0f4a782

SHA512
27cd9ae4c34ed36327b92756e0339b09dc6188bd9cd04a12d0a2fba21454733793186621af6bfd19abaeaded02317dc68907f6296529eb48a8177e50648a1271

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ae6bf2237bab623b2a2ee31516021961cb9a6dae\77d4262c-9c8b-427f-833b-7885a8e67ebc\index-dir\the-real-index~RFe58b5be.TMP

Filesize
48B

MD5
a72fa092deb547c45c072990be489276

SHA1
fc05ad6164445487cfb2bfab3a379dbb5734dc31

SHA256
97ae2e2fa302865234ee0c79b3b0a5cfa2f6c6f59ad29d964a33edf2b5caa01e

SHA512
00f8526dc1d653bade92f185b8c2571a66f455322e134534facc13d5f8959c7ede5aaf7726c8c570f2bf655e943f5ea04148a39ccfbf69cf1a450306e24a3057

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ae6bf2237bab623b2a2ee31516021961cb9a6dae\index.txt

Filesize
122B

MD5
3c59fa13409290feab35f03387c98a57

SHA1
96dc00569a9ddc8bcb898e2d2da34ff37b0fd743

SHA256
69388bf8c874361061bd0fb252ca355ebd71cd2ae4881c229889ae966ceaa405

SHA512
4fffea9164d2bb59fa5b5e6ba22d50bae293c704c56cba76554ecfe9f16e47354860db22262a01225d6c479008ec5ab943f55f4ce11f2c8ec0c1518858865d32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\ae6bf2237bab623b2a2ee31516021961cb9a6dae\index.txt

Filesize
118B

MD5
dd057c7cdcec6ebffc8340bafa0e6df9

SHA1
37a76603a59ada50d22c17067c30724de4aa5117

SHA256
9e820475a2d1ab47739a61605850ac815b622d89aa9c52cf2fc6d95d62dd6e82

SHA512
83664985042ae22d45f5cc9f5cb7feed764f9097aecf5379a33286fc6aeaf9ce9c863bc4cdec1c3ccc4b1d27f93900e58260e6ee177dbb693107790077f7a0ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
9d7f4c1c3b4f81f3222119de1cbd2296

SHA1
1472afebd79569b2504af2134671828f0b6ca9d1

SHA256
d7cb0417cd62d3b61a0977265d8629819ad0f387d07a4b2226436ee881fb758a

SHA512
30eca71bd3cda295817bb3ab8f6cacc6fe51f7bf105a89075becb08bf423334d34faea6322db5dad84c603efafbc0eb4e3bb56a74e01ecd0c7d29641ff992bf0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58a9d7.TMP

Filesize
48B

MD5
db3be677b77b0cf8af0f6e244ccad32b

SHA1
64b30c1c49affafccb1790d7003b29ab573d5126

SHA256
849ae03046188ce43948d75eeb5f6c56c0447d30be123f5778d6aa0925a5464f

SHA512
44b2f9d5bdeb7df64cfe29cbd6667f8dae01ab09afb50975da5e34883b6b0d27c0fc40265e385e1c53e95dcac07c275bd0c3fb41d9e54110cbf20b004ce8d326

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e603deab79159632b4ede4c3082a9359

SHA1
5d979b801b594d7ca9534293050bc424195a8726

SHA256
9cc993558e7f8913329c6a118c1679eeb96a899e956942436bce799c64944c92

SHA512
25ada873d4121aa2dd4ef19eadec189672756574de1abbe4868c3eba9c07e55c99877051a477b58c6317c3724797b1d7406b6db64ea21f0ed108021dab2c4a2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
58f6e138f413d6d0354dfce1111890cd

SHA1
be4812454b72d01ed15ef8491998be4a0587290e

SHA256
10604a94eb48e104befa26a1a7f75354a6e3fbbc7fddcb163af48d9f72e0e763

SHA512
7b70e2115e06406a01d596fbc44b10a7f8fde1f20c3b48613e0f61b2aca1e423dfe721172dac1b9a11117a92d83f9266006ed9313ba562dfe93670857caf97bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5e16b7af49c80600e7d3da612a33227a

SHA1
7754a05a449ea2035cb6a503f1d8868672fe5330

SHA256
4de91f69b62072c349a3ee4e1282d96f3a474d81235b978366d7263d79766208

SHA512
63683d9aca1de2b6ae19d527573fa8e2280fcf8a47321102105c84add22c2e44f3d1b748b6db540877f0e28dbe412710a1f6a2c7f947862dd562766921e02f91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe585109.TMP

Filesize
538B

MD5
929209f2cc83d1872ce54816ec2ed515

SHA1
202d35427c5af5636a73d45c03ac4d0cdb59156a

SHA256
f6e2c973c37e61f485a1759475a4c4a6daaba321cf0f02ce1334417c5ea10515

SHA512
3de54bf19fff4eb0789231fb34ffe4f86b906c12d9c4c29a30c9b491b5771af9a1c92deeb90810fa70611b60ebc5f59f485c01d410b91163bb14b62d963c13c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a5e5a59630f47ec84b82cd894b6f3855

SHA1
4759c095f95f7400f5d59ad7bd90828fa1520c36

SHA256
88135d1effd3ad07fb6b021144a78dde20531055f8283dad8929faff9c2c87fc

SHA512
86bf3370c3936ae00d23cf57eaff3f54f1dca6f54b49c5491f7bcd4e9e9ed98f31001b6d395c0c747a093a72f05095f295f90a4f98b29e8cd738a4f2a47e4b9a

Download Submit