hxxps://github[.]com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry[.]exe

Resubmissions

09-10-2024 19:17

241009-xztfsascjl 3

09-10-2024 19:14

241009-xxymqawepg 3

09-10-2024 19:00

241009-xnwf1awdkh 10

Analysis

max time kernel
148s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
09-10-2024 19:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 13 IoCs

pid	Process
3348	msedge.exe
3348	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
5036	msedge.exe
5036	msedge.exe
3336	identity_helper.exe
3336	identity_helper.exe
3820	msedge.exe
3820	msedge.exe
3820	msedge.exe
3820	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe

Suspicious use of SendNotifyMessage 14 IoCs

pid	Process
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe
4120	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4120 wrote to memory of 2900	4120	msedge.exe	78
PID 4120 wrote to memory of 2900	4120	msedge.exe	78
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 772	4120	msedge.exe	79
PID 4120 wrote to memory of 3348	4120	msedge.exe	80
PID 4120 wrote to memory of 3348	4120	msedge.exe	80
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81
PID 4120 wrote to memory of 3360	4120	msedge.exe	81

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Da2dalus/The-MALWARE-Repo/blob/master/Ransomware/WannaCry.exe
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff983b13cb8,0x7ff983b13cc8,0x7ff983b13cd8
  2⤵
  PID:2900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1820 /prefetch:2
  2⤵
  PID:772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2636 /prefetch:8
  2⤵
  PID:3360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:1340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5500 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1
  2⤵
  PID:3144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1
  2⤵
  PID:2776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4000 /prefetch:1
  2⤵
  PID:3364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4592 /prefetch:1
  2⤵
  PID:3264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:1992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2940 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
  2⤵
  PID:3972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,12335125763659168881,15317842755514963210,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6484 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3820

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2056

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3044

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
554d6d27186fa7d6762d95dde7a17584

SHA1
93ea7b20b8fae384cf0be0d65e4295097112fdca

SHA256
2fa6145571e1f1ece9850a1ac94661213d3e0d82f1cef7ac1286ff6b2c2017cb

SHA512
57d9008ccabc315bd0e829b19fe91e24bab6ef20bcfab651b937b0f38eec840b58d0aed092a3bbedd2d6a95d5c150372a1e51087572de55672172adc1fc468a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a28bb0d36049e72d00393056dce10a26

SHA1
c753387b64cc15c0efc80084da393acdb4fc01d0

SHA256
684d797e28b7fd86af84bfb217d190e4f5e03d92092d988a6091b2c7bbbd67c1

SHA512
20940fee33aa2194c36a3db92d4fd314ce7eacc2aa745abec62aa031c2a53ba4ff89f2568626e7bd2536090175f8d045c3bb52c5faa5ecc8da8410ab5fc519f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

Filesize
61KB

MD5
ed605a7c7377deca946dd07291bc3507

SHA1
5df2e582cf4f6e22dbe979b90878f1b3161399f2

SHA256
10e82428ca369208390a24f136e852c8a33db3acec8e5fefaf60251eab21bb6e

SHA512
70faa1a22c234e7bfa69f67da1a47117b6e36dce8634dd40e0c861c193aa0cbaf1b6cfa61772b8e6a2099c19df23eaa4daa215b9856b873628818c152de0a613

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
112KB

MD5
9ad1d0601e1e5ed7e4bb8c3e27501789

SHA1
401672987dd76fe0e03c1bac0a98b76824e13ba0

SHA256
e8fe2eff68d7ddd83210339914bf464ae72f9d0ad889033500d9aa72a50a2230

SHA512
4654681ea51d311b7b40ecf5fb924551c55db14c77e910decfc3b37802e7a9ee822f4ce5351e7b9381991e3093b6e0c32a6dea8e9bdd95eff7383af03dcd5d95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

Filesize
137KB

MD5
e9bd240ee84d274a2527f9bbeee55080

SHA1
34fa36101a1686639b1d039dcb678edf5a8f6a95

SHA256
3c42732fcc20dbe6de3bd610ec38ee490d8e90d32cb94b5bf7f5a9c05818c871

SHA512
721db784840babf1af6d116b6a938d311428d6f958a475bddda9f1aa61b9f0cec249f35664ac6d9ba941ecfd65a807eb3426bf3825d26502eb28689f1eea6482

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

Filesize
46KB

MD5
c38586e7e5a14913a11e5bd436149879

SHA1
cceeacdfbf77408c590169988d81b87e846858e6

SHA256
e8de7326dc5c0d2c3238c9d360bbfdad33fe2202ceeda5d6a28b8c9b42d9c9a9

SHA512
dfe42b32b56fdd1077700642578a7e2a1ff9fdd2c79356f694fbe1c8a175c5c9cd770732dba69ddbc460c7fbbb917f923fd57f62df0f551761f56b7617ad0d00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
f59e30bd413f93d1c4904e3a4322921b

SHA1
30ca8cb72bbd60474aff4283d2737c616fd6f76a

SHA256
23c15b052843b2bcd8f1514928730f375567a85019d6d1bc45f871a548d5bd34

SHA512
ea662e21595e31ee838372c761d490e97f8a6f37cb529221b2ad23cfb5e22130031afd2b7701b272b6c815686b7f45932c46c1e9e53a83960f2d0902bb631858

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
da37ea3fde28325a036276f7c0ca379f

SHA1
5f75849950004aba1e422a822012257c5df7f6eb

SHA256
5f6c983e4c884be2f68fb17dac9df3b9ff735e3b0d2d914693876c2c993110b5

SHA512
4d4cf86de2f1d96f29faf005067f0b5a1e95e7361dce055f23db5d877b1369f297108d5c43cd98554f4950a4fa6617b8b525a3a197d2f85d242874c0e1f01661

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
b19af8a001c6f27ae250bd0aba140b0c

SHA1
31ff196be78b8de1f5c5dec1608157af737f3a58

SHA256
de7ee5902c76cea06eca4b87d771257b42da028a7282b951850c40b76c31f0c8

SHA512
b0b64d1a254923f4f04ba542ef042dbbab32be5ba8e31f01f6809d90e286acc86e4cc086f6eae1a2c7eb34737905ea4f6962071de0257ed73f5386f135ac9d24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
9a930b50bd80cf09f3804fa080d2ec08

SHA1
a25ec4759660800513172f87c6b6afe9e63e8631

SHA256
1cd4c2340cecdaedc8dea61c5271e60ccbd53ce07b14a73a323b5faacccc45db

SHA512
67b5d25b112ea9c06f8c22d17d1c1dbc49af9c511976f27a8e6b84386d23ddbcf411919980d07aebaf18aa417ac72b546b1632a3c318a3682f2de63e73d3a6f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
7061d88073c64c6c85c88866766f9f8a

SHA1
9ba82bc3a398d9359557bcd3c12c3640f164e3fe

SHA256
21386e85bdbf5537060a35ce67c144d39bab44fb34f738e0f8e0fcf8ec3b9417

SHA512
0c9a537dab821607af6e874dfcdba2521cb4827f6297e26dc2342febd27c1c175d7734f6e81a39b42b052661cf24369137cd45a9eb58de5a1de9dc85a2e463a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
706269c2cc8d0ccacc9a64d117f17c19

SHA1
a1788e1a6f3ddd25073435903b1be42b4e66020f

SHA256
44a9688b959ba0df1f8470d03ee3b70ca02ad1f06de4bbc370471556644c9d40

SHA512
be21c8c8181f35daf42bfffdc8ed874d7ef7d970b67b5af52359b1bab5bd3734a106defed73929afddb00ab74a31ec378d043617b6ff2f931473012dc628e60f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f67f06259e0b97ee3e6b538b19ca4dba

SHA1
b5cc531e3784d51ab86d56a9fa17d6ebbfcab084

SHA256
257297fb498f9941883c5aa64106df599ade48c81a3ace6bb2973ac7369717c4

SHA512
6ba27f47c2bad24d893204e32d95e2ff83da50e3136676d7fb818062abbcbcce1c92305f3316a2de91b03247a6064adc2ffbbe3daea7e5738e452395a0c4c1a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
46cd5635deeccd63e4f3ed7ffd0fd8d1

SHA1
634ab4d038d39503647b71a58aae17f2e6d29289

SHA256
4e155242f510034ff3b3f41589fba3f3b511cad429b4c0d546f17a4105cdb175

SHA512
9fca4f90c94127cc0c2f75253b874d8512ac40548487271cb8bc224288112956b8d9a494d46b8a794c6526f2006618bda60b2d10722dc8f7e07c8e0af468d92e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
14e6d3886254ecaf7a1ebe2461caad68

SHA1
eb114f5226e8d3f0ae1edde78154870098073401

SHA256
d8cd6b24c3f1617907afec6bc56744f3e82235cbb3c72e2cb2a12a6dc8e7e39c

SHA512
d4f851bdf12c05292e6f6960405718a587ebec1058a02d4425cca409cf95387e05cc9fe39dea06259bfe2c5a7fd8f48f918b1f5fe3dbfb9e85450b6d57dc15ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4f02579e90f74819635c1ded4c5736a4

SHA1
f393f7e4ce793a2f345608499a26dff9d8e621d0

SHA256
fbf54eefa9a64f5c938a87f586e87ce1d860bc065a2788ae9b23ea61761798af

SHA512
47f039085a91b5efd47d674a8101e9438ac615ba56c01fb9ec0eb94b49240e94d99d1a5b4656e2c8a7a434bff5d153a04dbc5c45f5292543c19c93393c61ace7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
58a05b2dd1714a8b01810457291b0dee

SHA1
725155dfdcc3d04423a2ad9e7e897c0df95b0e2f

SHA256
4695d313aa3f8365e87438c4297725222b253a533f9df12c6e6b0defa138e913

SHA512
245111b5c7b8b5f678832f68ca8a3d355beb2ad856f809a8b5fd9059fff479a7fcb482b0564b76bdc8a88a1b0bb47998637470cbf3b9bdc66b566887724866a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
19598ba9dd11888e5902df0eaff49563

SHA1
6fbfcd2ce3461fd879c615ce140dd59ae80802c9

SHA256
91cdc3773a95d3813d831e66ef5910cda793ddb57901777c1ba66c596f996cd3

SHA512
e6ffd3353b4206c0c1fb34142e884c143fc9270134e9a1d55eb79c1f9673861e5a08dd94d738434b73d3bb7042774ee77c5d16104fefef9b70e84569f6b4efd5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8fe6a83d6c0e3a60253ab35e5320569f

SHA1
c8df069ab0baf1d89c85bb0aad0a9ad738de22c4

SHA256
9029cd674eb6c5e2fe5304330d2e7e4235f0ec65c4fd046f2877dea1dc04c45d

SHA512
e0b450decc1f9124eb7a02e781e820187b3908544487de24b40e488bc55c12c7c92c89f833128a5e6a00f3770affd32b538a42096a70623e5ebb9984f26e5dc2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\11802650c6ef09311332a2006a52b6b4df9cd349\df210c13-d650-428c-bba6-f2a8071a16c5\index-dir\the-real-index

Filesize
72B

MD5
456157d8ca01cbceaf0df53a14a2dbc7

SHA1
eaca4fa4eb0cfa657beec5dbbda0e0a2bc24e871

SHA256
8274b0f76e97e7cbcf5b3fe9e86a88d47177d773a94425b66df4ab0628910f32

SHA512
05e789b9f2c0226c003c6170512ae4cf4b00cd1f2938376cb263898268e6626a60c482a9c31d2b69c6bad07f6fcdb91ab53a7c3b5e1519649383c7fa81e92ceb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\11802650c6ef09311332a2006a52b6b4df9cd349\df210c13-d650-428c-bba6-f2a8071a16c5\index-dir\the-real-index~RFe587a2c.TMP

Filesize
48B

MD5
9123f7917eb8a594766fa6bb63aa8cd1

SHA1
f61a2175a62f5348ed585a1414d0cfb710781b4c

SHA256
f3d3d51c9841eaa22a9e07db2b48296a027e024503968a2b8663a71fc3699ebb

SHA512
63bb713ab9f2b1b7b2e3736eb966311a1d38c894483e359c33925ae211146cc98b0a02992b5f87550d7e19cd24c89d2191ba6fafad238365b7531a1374f316c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\11802650c6ef09311332a2006a52b6b4df9cd349\index.txt

Filesize
122B

MD5
d513ad96ac5deb5fa218d3e573e88668

SHA1
2afb30c93bc18391f3ea57134647ae52a6428a46

SHA256
5e1fff720ac13a0796254dfa75fe8ce4c9b21079f1e561d3763dfc2a33088fc4

SHA512
adfca216255bd6dcb4abfaf9dc9a0861399d5bf550e8ba7b6faf8656272fbb5c6684b579830d4002f346cc64adfa7be4663644f16d8ebd2888cff8423e4beb4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\11802650c6ef09311332a2006a52b6b4df9cd349\index.txt

Filesize
116B

MD5
7bf9d93147f129339034bbba099d4c41

SHA1
7c6883da03850f8e212d909ace04a6619a5bc214

SHA256
41aaccf88a054a8100243cd26a9c200579777cde265939957e8237c65c5f9aba

SHA512
3410ce7612a9a99ba6e0207261e65ea323b80b84a97e168eef1281519a888fee0dea70c9bc93362f5347814b35f817aa72864d3e1ccc683df03bf8a4b9c28555

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
14KB

MD5
b8c1d3d53f637f8a370f9db037083826

SHA1
dda7d8ce31df2527613d9449f891919bcb7795e1

SHA256
4c61cfd55a4b5a6e7ce72c88aaeeb74c83f11a84dd1a4731f34d0d4826ef9c55

SHA512
8a10646cac287361c5bf2dec6bec6bbae9b1cd64c4d4e190e685f5893addb80b979ff5248c41714a71ba08106f0198a27c57a935c4a7f6dfbe8fa038dab9a4c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

Filesize
10KB

MD5
a7cc97c7660e85c644d5f387fcf95681

SHA1
c47ae414bf5c5b0d2cd49c1b12a19cf05f0d8037

SHA256
03f0db58c0cea442a55a25cf77f957604937d634eeb19d48fd6a03b06abdf5b8

SHA512
61ad9e71031c9705fb1bb9607af8d5a5362dcbcfe68d50940e692c5e59b0bd247977a3b35011d38c2233a861a51e0bbb815531a0dd28fee8c6a8073937cb8adf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
cd710847fb726f7d58b1c1e1f23768a5

SHA1
3957b43e0ed9cd26b25c07a75360f0f8cbf96a9e

SHA256
791db7677c89fccf31073ff5f07f2730c833f783000dfda25eb8a352ed24985a

SHA512
70796efa266074e55506160ba51aa15f88f139aff00f47d3c7b312c9bf0fe7d3d0fbbe5050218eee85bb271d4e2a815712007aa04516d0fde1f17a50a0cacc7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe587961.TMP

Filesize
48B

MD5
a2385adea06984b2398a6fd11868b1f3

SHA1
9cee551adc9c279a14c632f7b3ec421bb94c6e92

SHA256
2a81361e07ee81f26cdafd8ade83c443fa1bfb40ff553791ba85daeb9627421c

SHA512
a20b9f6e974382c69f1ee9a128d13e8707c4169e437201d80622ce52047600aff5978a4f1bec0cecc835d3daed7616545e4b4fdedd6a6a707b21a59be9608ed7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
991a020265d411c14265a889766e316d

SHA1
2c3a66380dcc773bb90e54ee5c2910f9085d47d3

SHA256
3a7dde632bb3a363adbfccaf590fa28df404241f54c25e37ec28915b6df6355d

SHA512
2ac822157ce367c683f48a377fda1fb2fdcbb0f28fa3930329bc4a4b5644c1fe75da5226dd752751b11f682ec23112043f8583d0bd04ef2721aee4aa20c404c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f813d0cb69ed48f7361abe7ab8bf27df

SHA1
8d8fe2d37edd8d02eca1f8546087b7a22b1bee9d

SHA256
739c50a7e8222a757e46b961279899b13967e97b88aa15bc2e588a82ef17848f

SHA512
d5bb3b5b5b717f7bfd1010d8ac36e0b6fb313f6ced315ec0cffc58e4811128bc4fea1b3b82231b25bc34220a0bb544cc6498e5e28189c6e38def19ce0b55f93b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581940.TMP

Filesize
874B

MD5
e603d00f672ad9aa552ca0d8bc6aae28

SHA1
fe4ef88b39838b8cb00fc7c7c8f653b31c7512ca

SHA256
2dc8641aec865bd487d85197b6b7ddabd1917e5ce33f375b3397f00b4b2bfbff

SHA512
d2ec9295ff004bb8c1d4cbb2643642b70560fbea137c0f25eb2c4475d39efb1556cf9d0c3b47e15457a897255b4c93f750ad83ffdc1d14921d38723a5ddd0883

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
3df464b45d7ce2ed5745f1ae15ce5d6c

SHA1
5bd440fbef3c6bdad9393dc9a53b3af367ecbe48

SHA256
277eece5be4e56569df90a5ceee86470e77940257a3119c5370dc39f818fa0a5

SHA512
0880af7669ff3d7140ba469d5005e24779b11820dc17ad754165740c9803d0ff1e01acf3a25bef8b82ca824651750a111979f049dadfaa296dd2f3d2fef34c85

Download Submit