7c270da2506ba3354531e0934096315422ee719ad9ea16cb1ee86a7004a9ce27

Resubmissions

02-10-2024 20:42

241002-zhgrrsvhql 10

02-10-2024 20:38

241002-zepm7syfng 10

02-10-2024 20:33

241002-zbv1tayeld 10

02-10-2024 20:28

241002-y9hbyaveml 10

Analysis

max time kernel
53s
max time network
51s
platform
windows11-21h2_x64
resource
win11-20240802-fr
resource tags

arch:x64arch:x86image:win11-20240802-frlocale:fr-fros:windows11-21h2-x64systemwindows
submitted
02-10-2024 20:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

XWorm-5.6-main/Xworm V5.6.exe
Size

14.9MB
MD5

56ccb739926a725e78a7acf9af52c4bb
SHA1

5b01b90137871c3c8f0d04f510c4d56b23932cbc
SHA256

90f58865f265722ab007abb25074b3fc4916e927402552c6be17ef9afac96405
SHA512

2fee662bc4a1a36ce7328b23f991fa4a383b628839e403d6eb6a9533084b17699a6c939509867a86e803aafef2f9def98fa9305b576dad754aa7f599920c19a1
SSDEEP

196608:P4/BAe1d4ihvy85JhhYc3BSL1kehn4inje:PuyIhhkRka4i

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	Xworm V5.6.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion	Xworm V5.6.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	Xworm V5.6.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 34 IoCs

pid	Process
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3496	Xworm V5.6.exe
3368	msedge.exe
3368	msedge.exe
1000	msedge.exe
1000	msedge.exe
1184	msedge.exe
1184	msedge.exe
2992	msedge.exe
2992	msedge.exe
4744	msedge.exe
4744	msedge.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3496	Xworm V5.6.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2756	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2756	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 53 IoCs

pid	Process
3496	Xworm V5.6.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe

Suspicious use of SendNotifyMessage 25 IoCs

pid	Process
3496	Xworm V5.6.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
1000	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe
2992	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3496 wrote to memory of 1000	3496	Xworm V5.6.exe	83
PID 3496 wrote to memory of 1000	3496	Xworm V5.6.exe	83
PID 1000 wrote to memory of 560	1000	msedge.exe	84
PID 1000 wrote to memory of 560	1000	msedge.exe	84
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 4004	1000	msedge.exe	85
PID 1000 wrote to memory of 3368	1000	msedge.exe	86
PID 1000 wrote to memory of 3368	1000	msedge.exe	86
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87
PID 1000 wrote to memory of 1984	1000	msedge.exe	87

C:\Users\Admin\AppData\Local\Temp\XWorm-5.6-main\Xworm V5.6.exe
"C:\Users\Admin\AppData\Local\Temp\XWorm-5.6-main\Xworm V5.6.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://t.me/XCoderGroup
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:1000
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9987a3cb8,0x7ff9987a3cc8,0x7ff9987a3cd8
    3⤵
    PID:560
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,7270216440927553262,6895468673326541739,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:2
    3⤵
    PID:4004
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,7270216440927553262,6895468673326541739,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:3368
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,7270216440927553262,6895468673326541739,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2660 /prefetch:8
    3⤵
    PID:1984
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,7270216440927553262,6895468673326541739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
    3⤵
    PID:4496
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,7270216440927553262,6895468673326541739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
    3⤵
    PID:4188
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,7270216440927553262,6895468673326541739,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
    3⤵
    PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://evilcoder.mysellix.io/
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  PID:2992
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9987a3cb8,0x7ff9987a3cc8,0x7ff9987a3cd8
    3⤵
    PID:124
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1880,13093824160555768925,2040071675601104034,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1892 /prefetch:2
    3⤵
    PID:4584
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1880,13093824160555768925,2040071675601104034,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1184
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1880,13093824160555768925,2040071675601104034,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2800 /prefetch:8
    3⤵
    PID:944
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,13093824160555768925,2040071675601104034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
    3⤵
    PID:4616
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,13093824160555768925,2040071675601104034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
    3⤵
    PID:3048
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,13093824160555768925,2040071675601104034,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1
    3⤵
    PID:2296
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1880,13093824160555768925,2040071675601104034,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4744 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:4744

C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
1⤵
PID:2344

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E0 0x00000000000004C8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2756

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1800

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4616

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4496

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2960

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
228fefc98d7fb5b4e27c6abab1de7207

SHA1
ada493791316e154a906ec2c83c412adf3a7061a

SHA256
448d09169319374935a249b1fc76bcf2430b4e1436611f3c2f3331b6eafe55a2

SHA512
fa74f1cc5da8db978a7a5b8c9ebff3cd433660db7e91ce03c44a1d543dd667a51659ba79270d3d783d52b9e45d76d0f9467458df1482ded72ea79c873b2a5e56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
cb0f4ae5d65be851d313f3ecb0980bcb

SHA1
248c99427b54d8fa86707c39d92540276b9ed2de

SHA256
0f70fc24e9118bea6ffc5c36e63610096bd4ba658feb8e93e8cd3a3dfc16ff76

SHA512
7195c890ef94269c545f1122b6dc9ee6fa2b3951c45fe0bace9c3c0710ee23974290c3cafe07faec586e0012e991b66f0b0aa84680032c425d8885ad1b16e17d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
026e0c65239e15ba609a874aeac2dc33

SHA1
a75e1622bc647ab73ab3bb2809872c2730dcf2df

SHA256
593f20dfb73d2b81a17bfcc1f246848080dfc96898a1a62c5ddca62105ed1292

SHA512
9fb7644c87bdd3430700f42137154069badbf2b7a67e5ac6c364382bca8cba95136d460f49279b346703d4b4fd81087e884822a01a2a38901568a3c3e3387569

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

Filesize
44KB

MD5
906691b67dcb40bb08ddd97201dac9e2

SHA1
b5f3099941238008f452c87a0c3f2ce14d8ca8f7

SHA256
bec8c789433e6e02f7d130c8862bdcc0dd98f55edbbee88c56f5dd55dcfb3fdb

SHA512
95d8efe7e43eff9d3f23050da5ad3060c8e828b365c3df1b392a2f2300c054eebb8285e33d456c8dd98a3992a92b933f2e4b4f7147ef74dabcf55b575ef2f04e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

Filesize
264KB

MD5
a43993b161ca47a6adda5aea14c9af7c

SHA1
bc68e5f527077251280e7e5f8fb06ea93f5816c0

SHA256
3cd214c103282b179a8942e1f96a16bdbe90bc7021514ddb07246ddbc31122ff

SHA512
3427d4ae6c65543a64da198c4fa4a5d34ef1f60c4826c016556464ab21e8bcade877a785ad1f3254f22be6c3e757af1be57930c65c379cb42762c83e4b4e9852

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

Filesize
1.0MB

MD5
3fa641867977126c2c7b5c5e1d23969b

SHA1
9a6850bb77dcd408ac422b6672f6c670970d3809

SHA256
d15ff53e525e463f13aafb9cd302d3ba7ad42390e6432b526092abd0769a2aa5

SHA512
778c288a44e3d39a3176c07f9882ebeed39a0d9a7c3140977c3204d98a3396854870545eb6e1b7432435753306d13fac84b1bd2e535e6452d0dc5ae26dfcf2f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

Filesize
4.0MB

MD5
30e7667e447de21063b9a2c1c8162d6e

SHA1
4718c88f4dd0f6726b3e673dadf80f4e1a312a24

SHA256
cc5cfd1aa60341a7b2e009ce5967e2445749af17f1f260d73c5f3451636166b9

SHA512
45e4ea5ed1dee8dba3eb1450eed98f0339c3a4f2fb014f006def82606586d94e01fa26c6c470b36ebba6c227a8594c0ce58945154e73f415cef29bc9970bf3fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
120B

MD5
3317153158912332fe4586fda9e2b8f0

SHA1
1c7964c4968ae5c2959555dd9973c370222e5cab

SHA256
dc3d71b0b37d78346bd9f40b2d5f7e7cc789388db591dce5c0f4a1c86e747063

SHA512
85f68d4b4bc22c9dfc9b14a118b2ee39203916a82adcd4a8a46f528e4ebcbcd9c5ec2952fd84ea1239c9620083eb6d02dfee43c4cefd033195ee1af117ef16ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
b05583a5857a7518fe38ad7177b0b6f5

SHA1
09af89ba0974b861a41ef8d31bb3445db22a2a03

SHA256
bd660f9c6e9a369f484cd7e5aada6c9d18d26be5dec7458107d6335aafb88b74

SHA512
ecf9a8110742ac580055496ef4ed8f6b6bccc18b600a4262ca83338584258d80ce031eca64cb3907563323bcb859ca875386e9878caec443b8e4286453b0f090

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

Filesize
20KB

MD5
9e70cfa8c5f26aa0cc4a9836fb55a517

SHA1
904fd01e1cccbdaefca10a81461edb2f5a181d32

SHA256
09aad518cc145fbbc509952384bf8c6410eb18c3aad13184d8cb9a4595d6e25d

SHA512
6eec95151e6d9a3cb451bf6a29e50181066e1937e744ef574ce7bfe748f887dc1c4510053680616ec4db3a0b925342b65d7f93600f1ad590287d5d68dcd0b462

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies-journal

Filesize
8KB

MD5
01ec753b0f52c6a15b5b49ab4e635ac4

SHA1
0cdb96fbe49aaf7142626ed3f23bf97d90c6edd4

SHA256
27b593b5aaa95a6c370dc6889ca1d717d19adb21f03e0a659995461464c75ddc

SHA512
50c5ca3c851e6db2b842f087e02b1f9700c6b1b4f41f283d6088ffba45533543a3a64917c09e309538185071ee29a4dff09e0b8db9fa5023640f820858f88d89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
116KB

MD5
4e02a709f2127f547cb769827f66b402

SHA1
bb4a4c95c53b5f54a4938ae95f6ed337887a38a0

SHA256
cad447bf4d01ddd8e15ab308136a0ab20d71f1f075f46fbb1abc092df470c27a

SHA512
0dee8974c42acfcf8c39f4496539a2d6a53285a95de1b0f2100317909548d9c4f31e91c7185b4ffa3a15cdf8c7228a6dddfc795740641c7ea2e2a3c7bb581826

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
464B

MD5
4b877fd4562339469d50ab88b7a341b6

SHA1
9f9cf27663258037c87d6cd587476c64bff8b4b2

SHA256
8d20c63f35708c331194df4249a3c282c207fe0af28f5c415f9fe163a6d15129

SHA512
48e72436a289624986d0199001f8b3d0031ad81bd292d4483fe5f61c94ff58fcb3ab24510cab61f1da085f0154a4971d40ffb006f1b443b93df77f5cd8b526ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

Filesize
28KB

MD5
2e59bd9baadb0120bc08e6c32df0b1c6

SHA1
7b327a346ca56efd584955d1a1c62312e286042f

SHA256
70393e94bfcfe30340f311071846e8d3b3e13eb4c2ee39ac6be05f67f7a9905d

SHA512
eb68a1f97770ab3532191de43db03460e16991e9ca0bb7f881e3f90e145117ca379532082ef682fa2fcded69a237e1500f063fe922a348edf67ce11ab46f01b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
331B

MD5
44bf916c5689813ef44345602c031b89

SHA1
edf9cc0d599e8684aa879e8205c0932c8f2741e4

SHA256
6686cf175d3d0d84a1562b54ab28c3965c06118a6ede5b50479abb4ad78a70b9

SHA512
e2b353c1ae08f9d6c019a20d85f47b394c4e7b240b028d7fed11038ac97ed33f7d275efdb296199970efbf2c9e7263407774b18efbb038e60356e1c757bff111

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
608B

MD5
3c38efbf9bb95f89464a84ab8d3757b5

SHA1
2dc4d9ef21294a7dfd1ef9ba15326be05fb73686

SHA256
605a431733ffcd7c2f4e81c73f7b9749eb63617d0f8c735c465fc76f42ab7fc4

SHA512
b29467d4377747fa95318c77fad8c746f9d94c54e197e97b5a58ec5847d5849a4557ff601db98c854a8a83007f0507e6d799ca21e8799f4015f202de66193615

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
442B

MD5
968f29dbe489a73b87164de40c2572ac

SHA1
a2af745567da2aee3777cd895c628dd43964b492

SHA256
36700551825f91c53c11e0f033d259742f1ff29c67535093cee5d4b5e9665651

SHA512
32054800050f36c87156e03ae0896d3b45ea1fe41e5dc366ed62c3a57233da14e8bb6391e096ae4e0cae9805a12297c0a82bbef111b5333bff7dedfc2327e70a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
43079ff010ebd5c5397b6734c3d34a04

SHA1
be8c35089d44c7dc49d3e6154f5660f02d385b5b

SHA256
d88b8fe03188a80993d7bcf7cb725b2e69567c030fc3e943fef03528e95d899d

SHA512
87c2f87ffa8e2df8c1dad44bf42e5c34fc086c9cabb62fe9897b198fec521c614df9a66310d5d9fd9372519a694808c93c93b23cb6e19021c63806b760acd627

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
99ab4557bae657bc850578bfacd9b92e

SHA1
c56f8fa8af169ebc7bc914ca5810df62177d1182

SHA256
7d60bd040cb7de64ddd19f83d90f9c9475a51bd568f2288b27dbf404c3b2758c

SHA512
cd3b3dbbe5c4f8bfb73db313fb5cdc6a12fb949573212e579a4c5f232cdfde8457f6e28f837e7bc4c240b8daf45ac95ff4489d25fb260ac89f3afdfdbff27ab0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4409bff94f4618cdcc3a4bc0c2fb1627

SHA1
ba1404780f1ef49518ea895e7d4769916499160b

SHA256
23fdc724cdaddacfabd66b337ee11745963749349ee33813057a78118350923c

SHA512
51024467b0171e212301ff88d663c72e198d63e165e86a97c2727ee3b61b8362f1ccfc1ffde0fe546639916fe3629b9d2a4d7d3c690e513ab8c88e4c118d3781

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
577f718d373a725a2963f7e7ee0b6135

SHA1
b702862da16198ab9734de6a087dc8d03b660730

SHA256
44cb67231b67f41e14d93afd4df3f8508d17190a139f9a3130888971c41dc52e

SHA512
be53ee6fd754542afe92c059ba00567e50fd2329efafcaf352f4cc066f9603b982b5c84136ac477992cd8f61d3f1f6502f62679b720cf4b1fb897789ef6a00d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

Filesize
137B

MD5
a62d3a19ae8455b16223d3ead5300936

SHA1
c0c3083c7f5f7a6b41f440244a8226f96b300343

SHA256
c72428d5b415719c73b6a102e60aaa6ad94bdc9273ca9950e637a91b3106514e

SHA512
f3fc16fc45c8559c34ceba61739edd3facbbf25d114fecc57f61ec31072b233245fabae042cf6276e61c76e938e0826a0a17ae95710cfb21c2da13e18edbf99f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

Filesize
319B

MD5
35fd828da21ddc5b1ae56e4963a70faa

SHA1
f7f160a66ff222c373bb02ca8df401576b944965

SHA256
f4b7659c5424a8fc589e30133f145b9abd2b5878999395912a40f0def1f06ed8

SHA512
2291f4e7ad09b4ca00c303c41678115bf3c7493ae6a452dc370502ebce2611ccc2886841943dec0f76c1138449b50ba37352c7a35c509c99fa17e1dad8ca8896

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13372375154702683

Filesize
1003B

MD5
f76f3b3295ced1e78d36b7146fbbec7b

SHA1
93a042ee47447f0e35eb06e3eba2e1e487cbaac4

SHA256
d7b5b58496075b8d3e308111c2b6c24593d3d4aefa923a683e579fa17970d510

SHA512
f6cb4e56b61987cc3cffc50d21bd2553984d4bc197af36afa5c5a97564b9d3b5e36bf7ca299140c0da87d7feb8945bd4d66f0e007a4df96a1d39510bd3c237fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13372375154964683

Filesize
1KB

MD5
5d7d83e4f09dfd96945c8c5e87f57dbf

SHA1
ae78598d8b5aed34bacaab6857d305c223500e63

SHA256
9056bc9ba9a6e2359657d2de3ac5b840bd1534d938e1040fe05e1c1e3d58e95d

SHA512
8f57a1eeb8f0d443ee2f43431f74db19d8a265d644b1958a4670e21c5debd83bd96fee46f3523c58d3c6dea585f0aa3dbb08300e8396fcee949becb18b1dfa17

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
053ff8bb6b50fde13e2418fba4ff0edf

SHA1
21c1c5b887f9ce0645dabac0c49c2e7b6bb9ee74

SHA256
998c893a88e497f7ada9f4fa26009b891adb76fd0c87d2bb701848ea4c06e333

SHA512
478cb67017c271a54d96156df711208a6a6bb3b5a9c976255aaa70e403e52ba8ef89947a7761b4d9152944dbe1dae2d161005bc49405e4fe59cc5c998c83bcfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
326B

MD5
8b043f8b8511599f4f8a5c06f4d31bcd

SHA1
078ede0c727b11a350ec9a036f1d4a7cc9a4fd44

SHA256
f102c731684ba0706092a40de4251ff286d6a41ddc582991320d078e7b5e5feb

SHA512
26aabcec76885814b71ab42eef65e0b8bb6945421a8bc99c30a7c507ce031e7db16934fad666c5d177d4786742523fd283731d9ffbab4ae30c621355f3909f7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
7aca2a6b7a624b8df98f13a29ccb0753

SHA1
a5faebe0135eddbab7ff7b432ca718b40e6b63c4

SHA256
04cf7ed136ba3a5311d27fde5f1b6c262cfa0a36b8c7f572baa59f12a63baf70

SHA512
93d49be7cad7e4432109d193afcee62cfa2fb639f7e244fc1b76b9682f7d7bc3a1e61e4857fd77a7ba0d55e43356fe8c06c2780996aa1ee7f67a59c4f51d73bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
872B

MD5
8273f7604bc276cb0cf0ee0bd75e6ea1

SHA1
ce614528d013c02412e93ef3d19bfbf3b0cd4027

SHA256
063bac2aaba66313376328cda95caf72af512767e2e29b998acd57b6850f3517

SHA512
c7527ad4196e6622cc9ff6739b66d2ca0dc4f292b2f628d690bba18671dd92990ebc6f2751b142c47fd0c5d396a4f3e6f24611d968dbf71b97da82a96591e6d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
da44e9ffa659573d82c41f0190edb126

SHA1
773507a7fe4fdcd742739acab949da41fa288237

SHA256
3f76a6f7ca6ad9e49894639ff194eca4d0e6a2d858c9f91ff3f2282d932ea66a

SHA512
1d119ba80da7895aaf4f889e13b13e5879261ae74f4887897e1064e89c2e54e6e03e784806d2aa6cf87554f2ffb6aa62ad8d003586149e75dac993c03cf7f73a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

Filesize
44KB

MD5
992102e67e487510bddb4bf17de94e2c

SHA1
2cb6e9804f53fbe5e13d42e2f03c34af695f8d21

SHA256
57bfaccbcd2b5ae42b0a29668beadf44b68cf1d60566f5378e7319817a11b35a

SHA512
f08d0a5b36d25d349862f6cc3781709c92233e29b3c5b8f43967feab0645d25dbd9b2cdc5d8c243c9a5ee6397f4cfc789e0ec7e8a140b93fc4cbde9e55dee947

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
319B

MD5
ed8264925a0689a5a8491411616b28ec

SHA1
c23b658384b7df8978e7c013945fb129b39c800d

SHA256
7afe069de459fffc09f715c8064534adabd24f950c0e459da49c01c4e70a6ff8

SHA512
3b07c80dcce3b1b5f36e98fb9e489b2333c4935a0b436bf01fce3eab97426132903b84ed3f8340b0e91157627f0953eae4ca41fd4d4a29c44e0c1b6e613fc854

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
337B

MD5
f82421fc0111ae8136ec53f5a0dc3717

SHA1
0e9ec9817ec18ec2ec54c8028a657939d272deab

SHA256
474a7b110d9d34933fffb65c642e9a3ecc741c249601d0b08fcb7c227c830a6b

SHA512
b25ac8ce06c66b1aece4bece7f0a5ed62744529bc30b4d6f10f5d37a1127650fb2493abf8939401dbf12f1d25909a716cfd307c706e038466ad2cd5671bdc094

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

Filesize
44KB

MD5
3a346353a0b18506dc608be381c40cb1

SHA1
75c977e831a79cc1140f6ee3c986da1c6a57364d

SHA256
4e351c1f5b189d8f843f9351b77e0c8deba9d1eb5a20565f71e57087cb2b171e

SHA512
2970124f8f541b1d6a9f4eb518a6147d321825029d255d12ba75e8cfe4d1dba127c73f76a92322b7801d070985f3a238e0313890d305f9be0d9b23fdadc9b28f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
24a672d1bdfbfc0af0aa7916b2143014

SHA1
6320fd6a3727c40dbaaf67614a25238eb106b5bb

SHA256
e7362e8f563eec2b9be2eae5ad2508379487851ba9aa12bcecc5769682407eb3

SHA512
78b02b1c2877aa7ea0c463ef417db4f851f33cce4ecb612f51102fbfe74e7dd9786c8d04eb0fe95190ee0a2974ab95129a21cb959f6a2188904e12084540c553

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

Filesize
4.0MB

MD5
7ce206d80f81b069e0cfabdbf8c6af96

SHA1
96ef8932a47b0640ce52d2a241a8add75d8bb732

SHA256
1bb6819123267ac054f49ce141f1c2269b07ee51081e00262e42cf002b377afe

SHA512
2c67a67aefe3a5482fd6386efe46465e60ce6ea04978200a6073176ee457d576e777c149a07a8fb3e8f06f65ce170841eb0d28263ae5baf0782daf3351045d63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001

Filesize
20KB

MD5
d713ba9b8bc6a09281e1c2166405e4fa

SHA1
da30fc10f5f79c7504081778243123394717159a

SHA256
4d0624fc5f612d174fb0fc97eeee9ce54e75f21606244733cd6bd92bb9f045d4

SHA512
4ad4ef2739e1f19c9d23b90d367c7185a65cb3ebd8e716297bb21c8d82352eb15eab2dd969a743db37b0316c680227e50c0fc4a96d814b856c73cab5d9f78dd6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002

Filesize
20KB

MD5
2ec494e3841e8ead0d3921f298e1506b

SHA1
ba8d046f7923547a365dad8e77f6ad59406a35b7

SHA256
a327edaa945e3091546f39ebf0458d1fef0d60ea1221fc0ee291a7b2fa8fe426

SHA512
177445ed9255f01de7fe3fd7f32b621f1b4d687032033199881946f6f7bdb3440eb60124d44a7b43be5ec42c9e162e4b0c0815e8db33da5e444a9081962e3281

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
b29bcf9cd0e55f93000b4bb265a9810b

SHA1
e662b8c98bd5eced29495dbe2a8f1930e3f714b8

SHA256
f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4

SHA512
e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
79679d2ceaab4e6a6bcdddb1dcd5189a

SHA1
0f94f7074f142f1683df90be2effbc5dc8905579

SHA256
d8f99aa7fbfbaa526d3498b0dde6a909e05cfb716e8131ddadd9a6ef3a992361

SHA512
37a5c4f3f153060e4b0be15aed331b3e06e6df660657f12438777b6dbf15c2423a26fde034adf2201ee73128ced167985c41430fa451b0a0c2a9fce271e6489d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
af8ecd344189381e7db007e43e072269

SHA1
028e14e7ccce0e787f03c8023f95be1a3c0eda9f

SHA256
80954f505b771dc90f268de1c8281aa1ccc3313bdeb262dff3004abbb91055dd

SHA512
affc9b24a31f0f4010f8786ae4b30a9b3ba896993ba0ab2e01c8c8aafd3688f20a878cbd24aaa3a977726b1a9319a84106e97f79ee9a9946bf02179cb70f63b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt

Filesize
5B

MD5
0bf48788ad7c57514bb5dc1e5e6a1fb1

SHA1
6bcd280005038896a715b949af11b025b17aa403

SHA256
408d0903555510326d728f26d0bbc7fb007fa4b47a0fa3b1e68d6c257be80aa5

SHA512
2be25f3baff4acdc2803f754d8fd88a6d904221f4c101e04b1c19bd7a006e6ebd9cf3d4318786a80f51ce80217a1b653ed96bb27bcf74d970d871c5c17756083

Download Submit
memory/3496-7-0x00007FF99D6A0000-0x00007FF99E162000-memory.dmp

Filesize
10.8MB

Download
memory/3496-8-0x00007FF99D6A0000-0x00007FF99E162000-memory.dmp

Filesize
10.8MB

Download
memory/3496-6-0x00007FF99D6A0000-0x00007FF99E162000-memory.dmp

Filesize
10.8MB

Download
memory/3496-5-0x00007FF99D6A0000-0x00007FF99E162000-memory.dmp

Filesize
10.8MB

Download
memory/3496-0-0x00007FF99D6A3000-0x00007FF99D6A5000-memory.dmp

Filesize
8KB

Download
memory/3496-4-0x00007FF99D6A0000-0x00007FF99E162000-memory.dmp

Filesize
10.8MB

Download
memory/3496-3-0x0000020FE4B00000-0x0000020FE4CF4000-memory.dmp

Filesize
2.0MB

Download
memory/3496-2-0x00007FF99D6A0000-0x00007FF99E162000-memory.dmp

Filesize
10.8MB

Download
memory/3496-1-0x0000020FC78B0000-0x0000020FC8798000-memory.dmp

Filesize
14.9MB

Download