hxxp://google[.]com

Analysis

max time kernel
1680s
max time network
1793s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
02-10-2024 17:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://google.com

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
2440	msedge.exe
2440	msedge.exe
2448	msedge.exe
2448	msedge.exe
1600	identity_helper.exe
1600	identity_helper.exe
2172	msedge.exe
2172	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe
3776	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 50 IoCs

pid	Process
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe
2448	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2448 wrote to memory of 1512	2448	msedge.exe	79
PID 2448 wrote to memory of 1512	2448	msedge.exe	79
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 4980	2448	msedge.exe	80
PID 2448 wrote to memory of 2440	2448	msedge.exe	81
PID 2448 wrote to memory of 2440	2448	msedge.exe	81
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82
PID 2448 wrote to memory of 3516	2448	msedge.exe	82

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffbec733cb8,0x7ffbec733cc8,0x7ffbec733cd8
  2⤵
  PID:1512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1896 /prefetch:2
  2⤵
  PID:4980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8
  2⤵
  PID:3516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:2496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
  2⤵
  PID:4768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
  2⤵
  PID:3668
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5860 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
  2⤵
  PID:2312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
  2⤵
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5164 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
  2⤵
  PID:2496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
  2⤵
  PID:3560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
  2⤵
  PID:3552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1740 /prefetch:8
  2⤵
  PID:800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2968 /prefetch:1
  2⤵
  PID:4100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
  2⤵
  PID:2908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
  2⤵
  PID:656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:2796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
  2⤵
  PID:1240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
  2⤵
  PID:1428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1320 /prefetch:1
  2⤵
  PID:2376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1
  2⤵
  PID:3796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
  2⤵
  PID:3224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7600 /prefetch:1
  2⤵
  PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7608 /prefetch:1
  2⤵
  PID:332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8084 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7548 /prefetch:1
  2⤵
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=8660 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8832 /prefetch:1
  2⤵
  PID:680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1
  2⤵
  PID:228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8052 /prefetch:1
  2⤵
  PID:5220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3876 /prefetch:1
  2⤵
  PID:5932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8696 /prefetch:1
  2⤵
  PID:3628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8432 /prefetch:1
  2⤵
  PID:108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7376 /prefetch:1
  2⤵
  PID:5280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3032 /prefetch:1
  2⤵
  PID:5456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8328 /prefetch:1
  2⤵
  PID:5528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8444 /prefetch:1
  2⤵
  PID:5672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8316 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1676 /prefetch:1
  2⤵
  PID:5212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9412 /prefetch:1
  2⤵
  PID:456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9328 /prefetch:1
  2⤵
  PID:4416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9104 /prefetch:1
  2⤵
  PID:3116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9116 /prefetch:1
  2⤵
  PID:5000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9232 /prefetch:1
  2⤵
  PID:5636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9268 /prefetch:1
  2⤵
  PID:5424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7872 /prefetch:1
  2⤵
  PID:5420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9360 /prefetch:1
  2⤵
  PID:5968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8464 /prefetch:1
  2⤵
  PID:5168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9228 /prefetch:1
  2⤵
  PID:5324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,7078908113017659391,13215195901400385318,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9496 /prefetch:1
  2⤵
  PID:5332

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2780

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4844

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D8 0x00000000000004DC
1⤵
PID:2204

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1780

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3768

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
821390a1e1ff4ad6960df94873813b80

SHA1
b9d015d332ff98e4f668800a24d64974a4ca3415

SHA256
33a84fc46efad6857f103ae272af5bf58be964fa9f681b010ffe8e1acbb05bf9

SHA512
f4ba4631fdf5315a96f7097edfec1a81a8b0cd09ce40b5dfed95b2461f4256e1185e117ecc4ad18cbc873517f778e67d14cd345b46e83f990d8309961c9a1b6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
db1dacae9540e883ae83489b18cfc326

SHA1
ec3b68e635d8ce3bdafe258bca5187536d43065b

SHA256
3427a8a3b4868bd25a231ee8fe0ebada0b3474f2d8dc0fdd01a8931a8700a37f

SHA512
2e40df3bd1a045c69173f1a169b7080163de8f62a44d41d46c28f1643943657c532caa72f65b44a2175f976fdfd3d8328d989e011730aa851aecbcf02dde4a95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
04aa3f476e468ef3c0866e8dedd8f6e4

SHA1
1e9fa8fd586c03447a4c5b4cee261900e9f464ae

SHA256
87b74207d65f6745b38a19dce13336ee839fb4d7929fce446c3d1177aa80c42a

SHA512
7d860bbe9c847ea0b60f210860d865f1e936aa2210a6f9aa87e9fd72f992a022ecb9a1827212eb9b97dd7798540770f55c67362714d90d0bfd080ad1e5e7aaa8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6f38f12a-8598-4356-b5b8-cd932fc5e588.tmp

Filesize
706B

MD5
e095fd857e7f1c1bff0fa1b592650cf5

SHA1
84722d3c7c10a79e6565c6db7dd23a997862c2f8

SHA256
4d557b8d233484bb01e5257131d1c0206ca979a1df4e22b224999993e3475c8a

SHA512
8f80c87bdf240597809751417ab8a1bb9fbeb89bfb0b00e7240e0c1f8004e63041c02ac36518ee9d76ba8ec5bc7e5030bb5625472d0357f9835953be83212397

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\906fe083-74e6-41f9-a411-8e4296300d5b.tmp

Filesize
7KB

MD5
18eb9ffadb159b4df9b926712cf48caa

SHA1
8fa3884b74c066ac2e790e5e0b74a93ca728586c

SHA256
b814ff2de31825585e7c18b1c633340cdc49ecd74950dfbbb5a35afa5b0a96e0

SHA512
e53b19ae9f664553fc683a12da9da9e1e42f76bcd791675138f0617d0355998691d47ede683f735fb6faa1b0c08f329542e4a1733872132fa0d468270778179e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
70KB

MD5
4308671e9d218f479c8810d2c04ea6c6

SHA1
dd3686818bc62f93c6ab0190ed611031f97fdfcf

SHA256
5addbdd4fe74ff8afc4ca92f35eb60778af623e4f8b5911323ab58a9beed6a9a

SHA512
5936b6465140968acb7ad7f7486c50980081482766002c35d493f0bdd1cc648712eebf30225b6b7e29f6f3123458451d71e62d9328f7e0d9889028bff66e2ad2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
63KB

MD5
710d7637cc7e21b62fd3efe6aba1fd27

SHA1
8645d6b137064c7b38e10c736724e17787db6cf3

SHA256
c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

SHA512
19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
27KB

MD5
4aa91eccee3d15287b8f2a01e4254255

SHA1
d89f8203934a66b5741256aee086c04f966cc6d7

SHA256
79c601189597c9c5691b763f0ec6fdc9ec8339eea80e49713f76e9fe9199a7d7

SHA512
46424f50d444aebf1dc3a93607b3a374d3e7e988137e291cd8ec28211d05a687d0b6214b45d6dbfd27608728df6b34138504e3343e6bbfd6e1c0af98199179e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
213KB

MD5
f942900ff0a10f251d338c612c456948

SHA1
4a283d3c8f3dc491e43c430d97c3489ee7a3d320

SHA256
38b76a54655aff71271a9ad376ac17f20187abd581bf5aced69ccde0fe6e2fd6

SHA512
9b393ce73598ed1997d28ceeddb23491a4d986c337984878ebb0ae06019e30ea77448d375d3d6563c774856d6bc98ee3ca0e0ba88ea5769a451a5e814f6ddb41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e

Filesize
63KB

MD5
a5cc79fbd666432c461daec09604f082

SHA1
9a3df93d85aca657c5c8b60f9b4063128319647e

SHA256
9a7f91177674363a59d898f41192d993f0dab2ce2c93a180b6d1042ea4b9e279

SHA512
f93ebbb16738cae18477a0bd833098abee3a77880b8623ae2a462ee8e209487045121700e013dd0da1c7c3f5c9f24a56f02a5cba837df4ac1f33c9f6e3522c62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006b

Filesize
1024KB

MD5
6ba429084ebe5daa4baca2a655c47e61

SHA1
8ca44b4795947af5ac2dfec3d53d97c3535f7cc3

SHA256
d1e489df08e52c35a3318934b30abc6abcceebf02feec24be84154aa86fd8752

SHA512
cd417b28b729419c07aad76b5afac328dfedac663d14cf9e0aec77572acec4fc315f4efe2ac9be5d25dcabebe14a4fd6754ce3816fee3a131ed7ac2ca6e07cf4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006f

Filesize
1024KB

MD5
4ebb574285295e36e2f2cec480e0859a

SHA1
0d9e4b2c318410f57362412bc7260861cc3aa5a5

SHA256
93bf0f35b65a0e3e2c7f51a1cdc32b886c74aee3c7dbf2b97983835abbc776da

SHA512
a7d52485a063ac519a3ba6f068ef76adc4c4b191ba39ad2c788c53272358643b87bf145d0613eb50c5277f186467962a800cd7033cb793c1be4619eb44c1f384

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000073

Filesize
20KB

MD5
d1811b567e915d3da37564caa7aff971

SHA1
9cee91abb4e67bcf6b5df28b38a3f784ba190d91

SHA256
7654ba161ffc92ff2a33cc5dd321fe5151f5cde4995c517f51fc8325a28af70e

SHA512
94d6d8878a016b6260896873548f707ea7d6533785e847cccb78b779aa3f520d9a5e670752884654f4be815bd29ff3bf2fc37291d5cbaa7a9421c77edb2aa452

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075

Filesize
45KB

MD5
c7ffd0e600c0c45188d6e73f09263617

SHA1
0733a66445392b90cd8413c00f7d8d45297e454f

SHA256
a3a31216cbf33fca3103e0a485e9c958f9330d4c2ae9704fd3378472be84c671

SHA512
72ee3373cac8da6306836e051d41563462d0277a0fe7a8150e40415056ac07c1af39a0dbd3a87b69284bcf851308ec2900339d882d311e7447a4c739dddc84f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077

Filesize
46KB

MD5
b33a9dcaa9abb7bfc366c09cc3e49323

SHA1
c570712b4bcf616962c06125484f6c9d66ab204b

SHA256
8f09b49d4c783017dd4b6a22748c49c5528cb0cc855a17c2d76f430c4ceeb4d5

SHA512
4e9b8a5920bd04165fc206751bda1326601c2a63ab805d14c7530b018a8c09c334e8e10dcef392365d9bec890a695cca1d2d243df165e00ba848611a15a63aa4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000078

Filesize
49KB

MD5
295eed0b58b4165e8440b87cac50985f

SHA1
20611a3756255eaf96482346507d7d25d3ba3b6d

SHA256
9ec04231ce850e859c7d3a433b5b878979ad2c925f170c10826a55ea4dca9fe3

SHA512
6c3017c7aee55f83a6ce6dc34d2ea783f2d70835d8383d553a455fc0f0ec562549b548d4c6557fe184bb1ee56fa5ddf7e5b21580e55a276f89376fd57d1b28a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079

Filesize
31KB

MD5
0b03a932ad3935d4a825eb9c2d9e13a9

SHA1
3a748b1dd5aed66a69c4278e2282510148c772e3

SHA256
40a9bc5542b44d3db3b0fa72fab416aec7698678b4ed6b2ac90dcbae4b3575ee

SHA512
3dd99005ab8887018b5587121f0b4068e552dd9b24a1ae755e03413684b9fd9f921ff5c921cca21eca5d1bc3c81ec42f5f13647e54e4724c26cf12be2b05dc3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007a

Filesize
51KB

MD5
74c51c74d22c48eb0c2761ef1544902c

SHA1
cbfb235945ee5adeebade27075955c865070efef

SHA256
cdb7becc9dc5d019225b4ed73727cb76f826787d2c8b8686bd14d7323d94e7b9

SHA512
cbba216b8ed992e9bef5900100656e884c714f415ec2a3e4c62d6039c2b245168fc82bf8d9b182e7a7f3150645b7bbe8d400d9ca68ac3e453ef3b6845e4b9ff6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000084

Filesize
148KB

MD5
73ab6c9b0608f8dae6619d39524665ac

SHA1
ed7fad2ace01757ca13616a4bd14176960c9e85b

SHA256
b937bf7deda9a9fb136c71b7292f7552eeefa53fa773dbc414ae291b9f0fe9c5

SHA512
980847394774930dfef4607a452aa5c69252dc3d7dae38f04f723f4e0fc6e297a1a9231542e140e9e7049d3e8a148f8907f2a8ce36d6fc698f9754e981ba1222

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000087

Filesize
136KB

MD5
37ba8443b6731b18b13cfdbd712752f1

SHA1
61c868a9e1d235abb5865d23e752d58b5a14df46

SHA256
b98706b36edfb954d14f04dfe7fe1d828b0bdeeb0908f645345b341808a52e4c

SHA512
de2909186261dd029a4b095761bbfd39e7ff560a5c866deb5be9ec92a9d7fbc4387a65852fe6801d64c95d763a6cc3a26c88702a7980fc39dbf2886e464a203c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000088

Filesize
110KB

MD5
4ea59ed719e4ab9a0122c8ead482af8c

SHA1
d03b928d1e50497f40170a89a105f89a53433397

SHA256
faeccaac526a8ec55dfce028eca801ff8d8d2a4d447d230a9744a53c7f7c2096

SHA512
84e0d3bd27673f905f4d7418732684995b55fa710af58893743cd662601e22f5d734877a796614e408b0d2c69995e3eb25012fcb56f3fcbbc284157252657402

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008c

Filesize
99KB

MD5
bfd7d8bf2f06a6e4081778b888e3cdda

SHA1
9a1e5b013de8802d6d541be3470773c84496d52e

SHA256
f78cff5d194718a4958915a94369ac2c40f8fd7e87df0b7eb49812f1aed8ae19

SHA512
f15ce2a61efa55fd2f718fe8bcc193ff91eca644e4b3468538c19922452fec9a81203f07765811ccc1869422167e4a723ecf5535d95e4079f7752ee9e9f3996d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000090

Filesize
20KB

MD5
27a28a17041207e45e9c0c4e32944d75

SHA1
85e68e6f78201775603ff8eb89d406b8ee87f482

SHA256
f14154c32ebea98298065d61749f8ddd7c5acb94e3f85c79c2f16fd0dc12823f

SHA512
a6c21cba9096b299385e7486624474d9777ed116094203125e1deeceb4222b8b12d566165d3f3dc317b1789fa2f00f1083c9f919b679e145039b66cca964c345

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
7cb11ef784be021a2e5fa794f587c0e9

SHA1
0b3fb397417338f34ff1ee6e97e3014f0e205da9

SHA256
5682703c948bdc0c9b08a9388441dec8561772239471ec90cc735901eaadc16f

SHA512
9fc167d078aa3fc239be249f33a952c1999beb3bee74ffc7623b5e31deaddf7b86837b3d37bff47338d886c1da36e67a0f59af4d7ba5311057a34dc1e2805d1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
cb8d2c1786b85fceb1fc19132da09dd2

SHA1
9eeeeba1ca5d773d5ac77c97a91623ef68dc3ff0

SHA256
1f550e119a77bee708c04999ce0ae5dff6d5bca993d924a5b854e1b26b6c405b

SHA512
21b20aeabab90f9672f1da653573593fa4cdf90e1e16f93c26a46f5baae4326a7cb15d76d615647b25d8666804dee4c0f84d46abfc14d3fccbbbe58be66776e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
10d7705fd4771ad7006c99917a31595f

SHA1
a1aef896b5c09cf7775a89cdedb12f544a2d4238

SHA256
b4342f38c56c8fd917f59f935b5d295676554bb88bde38fbc82acb2528d6af3b

SHA512
961d2f99203ecdcd26e9409c7fd5f6222ef743390f5eebe00e6dcea41022d9ec197f3322d6379c51572171d3ad2466f0dfe4d269cabc99022511fe72fadce725

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
15KB

MD5
dc668e09e4a19a5aa8ae8a0299135886

SHA1
82377802fc869d3ed7efcc84616901e4f5fa6178

SHA256
e03b34c4d8f2aa88b05e06ff21f2118d75393c56b8a779b6c7db6af3d287357a

SHA512
5fd8a2157fa3b20e214cfe24be6862e73c4204ab7bd98b2217fdad9c264742e4887c15510eaba9b920af9a022c2b83ca89483da8f0eca987dea6d76beb86561e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
24554a6aa74d9e1608baecb2837a8267

SHA1
b3927c982b91ab43e6b37acd646c50f1a5abf9ac

SHA256
79bdd72fb90426e519525f0f462a02d50d861bc947c8bd77fa692c251ebc3104

SHA512
b952968a1cbbb180946cc1788480968aed85435ab5e1662fa3e3449691daf29884d2bf650ef1dfd71d3197f52b615b2e5e1c7d7a8b1e8d7ab3f40101f7a440d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
15KB

MD5
8857b3dcb15106d4ee19ed3a3a54e5b4

SHA1
726f3c5580f226c570a32c4e2966bb7abc48a525

SHA256
315f8e4b26061f4b1c00d706067dbe00df025991eaee105064ff1a63d5e4a86a

SHA512
6c9c428a79dc922e2630f38653d1721ad21fa94fa9834196667864e045b71e1117d230703b04a793f5e01ed2966e68cac4c1a00b7f570a705097908ed7249f8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
13KB

MD5
e13e1ed85fe19ceeb387e6551dd96fe2

SHA1
b0f294ec5bb2a9fd69a2686100ded986017d67c9

SHA256
0074026de2f95bb5cd04c570143c24f07f3ad60b5f422b455cca1d87d0c46581

SHA512
436c44e1d77292bb9b36b13ad22e520bf85929b6f1ce01de9fa90003f21dcfa774eb3bc6fef29f4e40caa39f451711aedbbb66a7587b272189c0f9cbb62d87ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
23ed28069849c9b0bb2a6858840c28e3

SHA1
a580da06c801d482a054eb48bbd614c2bfabce73

SHA256
e0f40a420b1682eb01cc4ddb72b24b57fdaab2ba0050777bf717c1b9b05cb9bc

SHA512
9d77e5fd81574a783f10e950e8347735d9e49d90a82a649392e4ab53540b1addd764f579d9655a420984e8bb7dd5cb95a1c8845d9d72c85da7507c23cadf7177

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8d6986670df7e32cf3c3e8365a621789

SHA1
02e3f685c9bba5cc419d748ee715d3e931a0698e

SHA256
016d80a28ac2c288e6fa2614d8256cca70bcc88c3edd0a277d8afe75fb87e1db

SHA512
fce40969075d761656c9d01a80fe78b494191b2d2528aa6697cb5a9618d2b4ebc816ea475fa4293ea70340e8b7beeca55ffea7036e7b93953e8420f5dccf883d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2950f8ca676ba7bfd767623f98b8ecc3

SHA1
46801dc1ceef6602eaaa074c6a0cf9b2f72b0cd6

SHA256
5cdf129234f101bb5f2e2c08492f4eae102cca8e51e629db784366c30f6b9975

SHA512
4f16871ec20bc969f8aca8e776bca9f9cc9c4f8223bbb87cead376c00fe5ca26fdc69292425c71c8bc7639d0a11f6f6d2a1820f937b202b4b931d2a9ff51893c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
61220d881b96ef3f48d545d154fa52a7

SHA1
30fc9af14ec17ef9e927d5f46973b71c01aa0967

SHA256
5eef5477481114780600907972c2c297f98b77fe5116ca41e17772a3856f4698

SHA512
70a07ee5bb0c0bfac9216bda4a0d18aa9c161af9c7f9f474a79e5fdf2dd81bb0ab25179dcda7a87c173de260e5d5cd974846e20d4a2dd5059ea977ade9f400e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
c101c39015b61bedf18e057339455167

SHA1
c679f4c1bd8f58612a58665d2cdca8b3f476db8b

SHA256
7e96f162d11c18f10ba200edb8893991b98fb3ebcfaa31eb74c788b3e6df2adf

SHA512
86a21cb8dc62319978625b0590757d38556335a4877e5c37642e5e9224b63bf5a2c280614107a25043d1f7a55050938dc8193d8fc0be07d6a8abf97d9208993e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
1d54df58d9c4f179047a646b39780b5f

SHA1
0bf13ee441d8990d2416ba531e2fe953aad867dc

SHA256
e15c46f0621ae1afe3b5943b36a21885a046310c595c3953895d4de46178fc1f

SHA512
cf7be453c2bbb05b7d533e62e460b0dd4c242e73c9856a2c1b814bb5d6e157c2ae346541d6e7e8c980890969a2a42e58fb2e76f5d558f277a0f06116015d916a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0b96668a7e5a72251d3b56fc2b4b2a07

SHA1
44df9057d5df095867c55795c40505ad01eaf707

SHA256
93ee9aa2231dff45b78bcf96f27c4687d5fc30a4edc761ecefcb65624cca7e06

SHA512
a3d176c32cdbb3e384594b6721902161a1563252279218799a57b09cdf5c37819dbc0a3c804f5aba434b6dcb6b181e0f8c960d27856dd844345cd13872413ea0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
12487796a797f63d720f7bdc89bf38ec

SHA1
7b9ae89e00ce7424529ae125b5f26140a3c3cf8d

SHA256
75de7026a782ec4e65122ed41738747071118d0313dcbcd791415f587b3bf069

SHA512
54d0d54988a1dbdb6d20ee7794134f752fc1d0fcaa62c474fcb72ac251ee700dddfdb88e526d0edd95414e08ae5a2e267204f3ce530ab78210d0a129f4449150

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
52293b815e48496cff7f692d108357b0

SHA1
197c8994ba324d9ce525c348adef1829004e33ea

SHA256
24bd0657d7fb482e1a223cff34fbce2af897914843fea425fd59281d21503dca

SHA512
072b35086428d0a2cd1c532153fe31956e83f0143c9d58b85b3fb40ff0fc208cb8af5f068f1e145d712ca8261d9c723e85a1b50a34783d26cffc0c6d690963e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a40f9e6eb88326ef3728af3c3524efc8

SHA1
309caf0f2459a40db232373e7ef20e3591b38976

SHA256
5cb407cf0e42696303dc8525070b3c86635b3311c3e002f9016190341b8516d8

SHA512
9a5b5820f9045c4205d93d3b83a6cbd75ba3b826c5bf64a35069c926347650952d474464d47c20171519b2eddf26b40b8d21aeb6fc47ba854cced383471bf3f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
617b80352c0cf9323a3df3ff1adbbb57

SHA1
a9cb8092fe239bd5b527bec25d373b66510c66cf

SHA256
d66725e620d71d6c04e68a1fb625c432e72979dfa9a6908ea665deab58325168

SHA512
3d5dfde0c15d4d6688a6f7e4009407793a554cecc43d71df545ddd9b8d274c3f9b563a3352e0ae644285362482666006ddfc526d20d2483d89b0413a47ef84aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
25KB

MD5
a34680f8b1266e2832acacdd5974cb48

SHA1
8ed0a05cd9bb03b4990ba77cc79662cacb1e9700

SHA256
cebd372ccf5372c18ce3b746cd8dff2d0e01ec59542d1b3079887f9a8d1d1c21

SHA512
6e4739b7489525c9979dd92f7c480d9574b4215aa92f65edee6e5db9aaf555d9c0ba578d6b6ad92c839648060157967e97a16fdb9d66ce173db6f7c82dd8562d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
729b0b411206cada82ba56820f6e6b86

SHA1
d2850debca471345ff5c09e6dd3d5a7384ad7c80

SHA256
5aca01b3511940b58be226b4d27f396484d711a5be80abe9a7ed07c601afb619

SHA512
bb2435377a79cb329b46b6030e123de026877ceac51d63b312bb28d16614e49c4093593f61714a567dfd7e09f315a22d4479d083225857ea48a0dca4b8f87acd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
75bd5a7f503bcc7be19d3c56a433cf80

SHA1
14741ef32155c6e692bb72c9682248e4a42f66fd

SHA256
bcdb6bcc9c14a002c075b2c3a02dd10487b8f9926286636259cb1f8ab47936c7

SHA512
5614f494fd1efdda62ce298d4c25488e016a5e8307405207565578894595f7c523304b008cdc2666b621ebb657efa3e7e6a5718768c569d2919799e39dce6f3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
8KB

MD5
a49b6dc3d32207aa00c74e417439940b

SHA1
f0d84ab79c60af8c3abb6fe36573df8588f603e9

SHA256
06b4aceb6e34ee6ce5a59c28401163120152f8b3ee01cf12d16bb35fb15508fc

SHA512
469cf0200eecc47202bdcb7ef033fe02fa45c974f153e78219ae11f7f9ff00fea18181e76ddc2c124e3e6eefa3bbeb2b598cb8dff9815c49728effe9a1657206

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
f1fe5350ad8d947eaa3c2ed9c889f372

SHA1
d0d88adc8d587591a91f6192da53b1a64a3d44c6

SHA256
160c30e423779fb1f256cf189fd46b4b21f695be62a5a8e7488f0ac80fdbc6a0

SHA512
8cf2b9636247e99abf1a5a643240f8682a3b8d2396dffb68bdcac05cbcbd0b2d51331dca727f94c513535a2ab54ddb7758806b3585174d61806655594b58d6f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
005cd087748aae77775fd37790065bae

SHA1
35edebc50397da64aaaf884cf862b1ab7ec7dc00

SHA256
4dc0696345825ed30f55769c7141b038ab77bed477db13f19ce6fda5b7c6357f

SHA512
43603125b109a1d98d498e7a7eccf1cb495139314c65522785eab1d62e273489cf329903cdc5f00d4b097b9e9c0c181b6640649c9d0fc2378ce5f2ecba5ccb4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
d98b9df154ac2aecff04f2dee6ca1ed9

SHA1
794ecb200816ea261cf58a15a037ac26d2e5901c

SHA256
f8d770c9d3bcf57a86032ac8b766fc847571b81ccca7cef2e27b06aab93da36d

SHA512
8ae5229f19f27e5769fc33db039b9f16416a8333e9e8179ca393dab24882b07d9ed4e3d066e319b75e73fcf015ae115d8ec174893136086020c3188bf9906b49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7ae92438952f3bbe11faf2143a62cb85

SHA1
49f64020904807890287c730d16cdb113ae5a0db

SHA256
d28f19a1879dad9f9b7935ad0368938ffaee54be9fdf914b458e579c48d50ae2

SHA512
f3c74b76e17cefcc4d508427990e628759910805cd2f7c4be4caeab354b0289a7163569b77a57d943999e760f8e6e3c2ad5b3cb7c82fd56561c72a9f431361a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
00593ce83ade501ec58e43d1516dec98

SHA1
c477cd0ff2b97549af2013b4c4c38bbab0347998

SHA256
00ec61f4de1da63ed8a6447d5edd7be1054abf391ea1192ceede794b28e84ffb

SHA512
759834a673c44e1708c9863858b82849e7263e4e8b1d853c12366ae4fdb6d11588f16146ca4762f9bc537604e5b3d0cf23010cb7efcd693a65a016e077466bbe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
5KB

MD5
668b3cbb766f7a3b1fdf5b9b108a4fff

SHA1
b332d6b4836ebf3333b2db1b6bccd1fa0905b8e8

SHA256
62a80bac0b18e5c9332b2f6aac14ec2590439e05fcc07b060a0221f19ca9702d

SHA512
c62d939947961de52b7a1ba1ddf5d2b8a022962bbb20bd1b4055ff434956731430f7d3faa8abfea1784fa8fe81200519a40e55d5114b63e16e9c4f883fc8f0ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e106ff1ce914daa26dbd7a9074213b78

SHA1
ea05972caeafff25ab0cc161bf99bbe3f9a8e662

SHA256
f70961fea0c4956328f4a6fdc8037ec6f81ea3c3cbf0244c311b80724efcf838

SHA512
499ac421a73b4fa0b5dd086867248b9a486fcaa92e68e3711c1453e1eefed0af3841505f2aee316ee080f8f7603578be54e8ae58f24e4ccea0ce6fcba8944a11

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f4c0.TMP

Filesize
706B

MD5
caae2a4fde57f9373e18241fde2818c7

SHA1
8d8bd75b73af40bf3b56b0866a7fd72641fe480d

SHA256
8c99f94b0383cc3b182c75b92d0a583ceca4e5cf4f5419d9277cf1e4a8251362

SHA512
f9c8f83111fefc5ba39d09b30d4119fffe976f1f66433edd67686945291d13c27ed94d4f4c32349f7735b980c1d34fb192f2a3e53f9ab1a656700ba9ea43eac1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
4317ce7a5ec918611c98ef305df55cb8

SHA1
2af03306a80cf195147f503f7bc81af883d0bbbd

SHA256
f7fd9b7545e2dc1dd7801fd168e4bc2138da56b125f85edc7ab4ad2b808b5cf5

SHA512
b5d3f75adc3332374fea6ec9f8064cb3e9c166831fe6623fd26739128e686d6d8996ed573fa82b8a8d7d5d711d43c775b508ff5cda9a4f6b370e61d9518064da

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
12KB

MD5
e6218696f969d6a46dacf860bf63cba6

SHA1
a431794938afa70b504940b02bb3e4754cc104e2

SHA256
5e62f99dcfc1f6f3440e6f4d3bcec6d9f047821749aca751d16c8e660c1e0d62

SHA512
cedcce1275f122d1659ad5bbc9e99a72c5c6e8e738a4216e2f943e50b10a7dbfbe9c89a85e740e77a93c0757827bd20bff8780720b754b00f97c056ee267e2d1

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
15KB

MD5
6b099c7a7e00f9124cc78b0f6229ff4d

SHA1
ed2f37ea07951daa59c2dd96215504d562352e1c

SHA256
c460e19e9840f5c738b5e2594232f37a9e2392cd7b04107756199de2024eccb0

SHA512
f092d0ffa70c4ebb0f99a32ba73ed62e8ffdaa9e1e32c1d6700cb801d27c39dfb567bdc6a1f6f72699a5580111f10e814da1e4a215a608ee109b727e75e30cdb

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
15KB

MD5
e6c1c72a3cf5ab181d01e09dc9d45781

SHA1
e9e7f556cecadfa950ea71f928eecefacee60b77

SHA256
eca6bfbd71dd1df4feac8164056aa828f695f704ab2717bc309c241e44585774

SHA512
ecc1cbc91cd879482f5fb56ff34a5fef35c6d8cedc9959186468c91002d55cf70a4d7f2ae7e035dbfb5bcd329d33027e3bfe5e98463b468aacbdbb069ab401b5

Download Submit