hxxps://www[.]bing[.]com/ck/a?!&&p=922e989d099cbf70JmltdHM9MTcyODY5MTIwMCZpZ3VpZD0yYTMwNjE3NS03MmE0LTYzYjYtMzNlMy03NDYzNzM4MzYyMjkmaW5zaWQ9NTIyMw&ptn=3&ver=2&hsh=3&fclid=2a306175-72a4-63b6-33e3-746373836229&psq=monoxide+virus+download&u=a1aHR0cHM6Ly9naXRodWIuY29tL0tvbnNreWx1eC9Nb25veGlkZQ&ntb=1

Resubmissions

12/10/2024, 12:47

241012-p1aq3a1dpd 4

12/10/2024, 12:40

241012-pwbgssvglr 7

Analysis

max time kernel
397s
max time network
397s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2024, 12:40

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://www.bing.com/ck/a?!&&p=922e989d099cbf70JmltdHM9MTcyODY5MTIwMCZpZ3VpZD0yYTMwNjE3NS03MmE0LTYzYjYtMzNlMy03NDYzNzM4MzYyMjkmaW5zaWQ9NTIyMw&ptn=3&ver=2&hsh=3&fclid=2a306175-72a4-63b6-33e3-746373836229&psq=monoxide+virus+download&u=a1aHR0cHM6Ly9naXRodWIuY29tL0tvbnNreWx1eC9Nb25veGlkZQ&ntb=1

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
82	raw.githubusercontent.com
83	raw.githubusercontent.com

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4089630652-1596403869-279772308-1000_Classes\Local Settings	msedge.exe

Suspicious behavior: EnumeratesProcesses 26 IoCs

pid	Process
2676	msedge.exe
2676	msedge.exe
2296	msedge.exe
2296	msedge.exe
4364	identity_helper.exe
4364	identity_helper.exe
2248	msedge.exe
2248	msedge.exe
2248	msedge.exe
2248	msedge.exe
5000	msedge.exe
5000	msedge.exe
2916	msedge.exe
2916	msedge.exe
404	msedge.exe
404	msedge.exe
2920	msedge.exe
2920	msedge.exe
4564	msedge.exe
4564	msedge.exe
1240	msedge.exe
1240	msedge.exe
1676	msedge.exe
1676	msedge.exe
2356	msedge.exe
2356	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 34 IoCs

pid	Process
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe
2296	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2296 wrote to memory of 2740	2296	msedge.exe	83
PID 2296 wrote to memory of 2740	2296	msedge.exe	83
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2532	2296	msedge.exe	84
PID 2296 wrote to memory of 2676	2296	msedge.exe	85
PID 2296 wrote to memory of 2676	2296	msedge.exe	85
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86
PID 2296 wrote to memory of 4848	2296	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.bing.com/ck/a?!&&p=922e989d099cbf70JmltdHM9MTcyODY5MTIwMCZpZ3VpZD0yYTMwNjE3NS03MmE0LTYzYjYtMzNlMy03NDYzNzM4MzYyMjkmaW5zaWQ9NTIyMw&ptn=3&ver=2&hsh=3&fclid=2a306175-72a4-63b6-33e3-746373836229&psq=monoxide+virus+download&u=a1aHR0cHM6Ly9naXRodWIuY29tL0tvbnNreWx1eC9Nb25veGlkZQ&ntb=1
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8dd1246f8,0x7ff8dd124708,0x7ff8dd124718
  2⤵
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
  2⤵
  PID:4848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4644 /prefetch:1
  2⤵
  PID:2496
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 /prefetch:8
  2⤵
  PID:4248
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
  2⤵
  PID:536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
  2⤵
  PID:760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4984 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5376 /prefetch:8
  2⤵
  PID:4432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
  2⤵
  PID:2440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5424 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
  2⤵
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6324 /prefetch:1
  2⤵
  PID:2832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
  2⤵
  PID:1152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1860 /prefetch:1
  2⤵
  PID:3436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4080 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6728 /prefetch:1
  2⤵
  PID:208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6668 /prefetch:1
  2⤵
  PID:3508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
  2⤵
  PID:2852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6292 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6588 /prefetch:1
  2⤵
  PID:2632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1
  2⤵
  PID:5000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5116 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1
  2⤵
  PID:3608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7012 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6952 /prefetch:1
  2⤵
  PID:1624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6960 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3480 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3500 /prefetch:1
  2⤵
  PID:4612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6456 /prefetch:8
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1
  2⤵
  PID:1740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7264 /prefetch:1
  2⤵
  PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3448 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1
  2⤵
  PID:3656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5928 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
  2⤵
  PID:4928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7252 /prefetch:1
  2⤵
  PID:1048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6324 /prefetch:1
  2⤵
  PID:720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9759239447901540614,15641783935089474503,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7772 /prefetch:1
  2⤵
  PID:2628

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2976

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:764

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3912

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3960

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6960857d16aadfa79d36df8ebbf0e423

SHA1
e1db43bd478274366621a8c6497e270d46c6ed4f

SHA256
f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32

SHA512
6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f426165d1e5f7df1b7a3758c306cd4ae

SHA1
59ef728fbbb5c4197600f61daec48556fec651c1

SHA256
b68dfc21866d0abe5c75d70acc54670421fa9b26baf98af852768676a901b841

SHA512
8d437fcb85acb0705bf080141e7a021740901248985a76299ea8c43e46ad78fb88c738322cf302f6a550caa5e79d85b36827e9b329b1094521b17cf638c015b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
37KB

MD5
1b6703b594119e2ef0f09a829876ae73

SHA1
d324911ee56f7b031f0375192e4124b0b450395e

SHA256
0a8d23eceec4035c56dcfea9505de12a3b222bac422d3de5c15148952fec38a0

SHA512
62b38dd0c1cfb92daffd30d2961994aef66decf55a5c286f2274b725e72e990fa05cae0494dc6ad1565e4fbc88a6ddd9685bd6bc4da9100763ef268305f3afe2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
37KB

MD5
fed3d674a2f247d846667fb6430e60a7

SHA1
5983d3f704afd0c03e7858da2888fcc94b4454fb

SHA256
001c91272600648126ab2fd51263117c17f14d1447a194b318394d8bb9b96c5d

SHA512
f2b9d820ac40a113d1ab3ed152dfed87322318cd38ba25eb5c5e71107df955b37448ab14a2779b29fce7ebd49cc0bbafbd505748786bc00cd47c3a138aefdddc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
20KB

MD5
a6f79c766b869e079daa91e038bff5c0

SHA1
45a9a1e2a7898ed47fc3a2dc1d674ca87980451b

SHA256
d27842b8823f69f4748bc26e91cf865eceb2a4ec60258cbca23899a9aef8c35a

SHA512
ed56aaa8229e56142ffa5eb926e4cfa87ac2a500bfa70b93001d55b08922800fe267208f6bd580a16aed7021a56b56ae70dae868c7376a77b08f1c3c23d14ab7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
19KB

MD5
7eab02c9122098646914e18bd7324a42

SHA1
5e2044e849182f1d3c8bcf7aa91d413b970fc52f

SHA256
d58d66c51a1feb9af55ba4a2dcf2c339b7976dd011fbd5d071ca86b9d7f58a42

SHA512
dbb0f94de62d7d77d4bfe6c298043c559a0d4bc117bd7dc1d627caabffa8e712cec5e3adb4a737b350429493ac0ebfb81c8759aebed41b30218d0e7ff6f3196f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
18KB

MD5
2e23d6e099f830cf0b14356b3c3443ce

SHA1
027db4ff48118566db039d6b5f574a8ac73002bc

SHA256
7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885

SHA512
165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
17KB

MD5
89b14043a36def333f547e45b88b36be

SHA1
7729f36422740316ae722cfe5b6e5fe3d731d021

SHA256
e13e0d24952c346806b3c5bfda2626f51886baf807f96f58efc82a6d88b00e81

SHA512
3489698d642de8232fff37b4e289110670dae623f98222dc4635ca0e6e4252911a7d499169dbd37cc8e9e777d0ce410ff7176c50e7b0dcfee8b2a67a429315fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
59KB

MD5
02240241c502c60a601fea4d1ddf616c

SHA1
654602ee1bbdcade5912f9b727473f592ddc3237

SHA256
2c57c29f743821138afdd7d3e75f38f4b3912f60bb7a3c5e0170bd79adc1709a

SHA512
8b135da031724d41b7ed6fc4e6b78568c915f900a9ad35f09f98cdffe58d0f1e611232b46c78c1fc0eec6acdbaff1822887e2cdfff2ffe6aa3f5fd897261b62e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
38KB

MD5
bf95b000a1f52c689cebc5fa260f201e

SHA1
ebe21a68dd7d8321b540757f246ed6e10a18683a

SHA256
0abded4712a9ab59e84a24ec40179ed475eded446a082584d22c2f7708db6c40

SHA512
151752d4174ff487b3895535521e38071a729e7853b3b2605928b14350ff4106d2d73aae14f7c9a69843d417648a2dfcb9b295a254391c18d99f354c39e8c32b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
53KB

MD5
cfff8fc00d16fc868cf319409948c243

SHA1
b7e2e2a6656c77a19d9819a7d782a981d9e16d44

SHA256
51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a

SHA512
9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
88KB

MD5
76d82c7d8c864c474936304e74ce3f4c

SHA1
8447bf273d15b973b48937326a90c60baa2903bf

SHA256
3329378951655530764aaa1f820b0db86aa0f00834fd7f51a48ad752610d60c8

SHA512
a0fc55af7f35ad5f8ac24cea6b9688698909a2e1345460d35e7133142a918d9925fc260e08d0015ec6fa7721fbeae90a4457caa97d6ce01b4ff46109f4cd5a46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
99KB

MD5
b6b2fb3562093661d9091ba03cd38b7b

SHA1
39f80671c735180266fa0845a4e4689b7d51e550

SHA256
530eb1f6d30ce52b11c3844741721eed669decc69060854ddb6666012c6e9e20

SHA512
7c3f88910bb87eb58078104290d0a6fc96bb34705974bf93e6dffd928160a9f28e34d879f015f0a05754f56aeacc462e27ba3f332e9dddd6e3879c5d97db5089

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
19KB

MD5
ca39c956585ff3441ed99f219a95908e

SHA1
c17d8ac3a1fa156abb4d7d6f4799bbabc09966b1

SHA256
c23e03e141a70b1967f6d62a272ecbc588655211752e250f9173bebcc61127df

SHA512
57b5cbce513d2f1c698e4ca82cb9b2ba1c26d7b80f21e4efa77493d0053943bd5a8eaedc3dccb23192c0145dc411a99a86356777e95afa78ac616ce3f5189a5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
70KB

MD5
4308671e9d218f479c8810d2c04ea6c6

SHA1
dd3686818bc62f93c6ab0190ed611031f97fdfcf

SHA256
5addbdd4fe74ff8afc4ca92f35eb60778af623e4f8b5911323ab58a9beed6a9a

SHA512
5936b6465140968acb7ad7f7486c50980081482766002c35d493f0bdd1cc648712eebf30225b6b7e29f6f3123458451d71e62d9328f7e0d9889028bff66e2ad2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
62KB

MD5
c3c0eb5e044497577bec91b5970f6d30

SHA1
d833f81cf21f68d43ba64a6c28892945adc317a6

SHA256
eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb

SHA512
83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
27KB

MD5
d8ad625c3b6ebf71c6081a85f887e6bb

SHA1
379f10b8da67d19ab8ad932639a7afd4975c964b

SHA256
aff84929e57c1898ad3441f3fc7f850d903641cff756ac5a86baaefb33145db3

SHA512
41c690dffac3a8dd4cb07e61947fc8a0d966d46c6f1993c6cc3156dc89f34dcd0b1378e6afd60ec57859c27dd01149655cecd642becfb2bc986f351f7998a271

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ea1baa9d09cb238_0

Filesize
2KB

MD5
a37c9d36ef150541053376f20700ab3e

SHA1
fa4f48b8aef209ec29ba2e56a81fa4ae85b4b092

SHA256
4eda4744cfaec7634771d73bb11f872bc53be4d7e8e5214b2eb1c3d3e3256cab

SHA512
82b1092444ac8980e575231dcfe5b6d704de2423eeb9927e75109b0d81bcbfb16dbf4f746e35978488910a71d8f1157b49f880876ac94c90138a3839b1636ddf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
f18e555747ab0be1e3fbabf136258620

SHA1
dd660ccfd9fdd2fcaf33a46765f222735cb38e23

SHA256
4007c8d1140c00be2995369c1b90ac284c3294aae6113a1b4e74c3424ddf3abb

SHA512
988c118712bb86199aee56672db2c7f91d170fd525357faba4c1c83d46e3f0fc12ff13a8a966d0650ccfdc2011f4bf64d3bd6fa6eb7ed4ec4ed717a696dcfbbd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
fa61d371247ac6261e8c9ddbea643ed0

SHA1
f1ac4cd4c7bc3bb4d14b89b753411a2efe9e5fb1

SHA256
535375d3ff95818a9fc8189048c2a36b54050a723a0c40a0ddc1f53d8ac8820d

SHA512
5e7f45075e77fed3b1e8b37a73becef76c0ece2932410c5cede0833cc5a656ac580516691d78ffbba83afb1768e5bc3c2125c07581e35b4d66ff2252685c328a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
4e843a5585638af2e8f7fc532a49fdc3

SHA1
59050fce14dcce174dcc49693f0fe705d2a04b8c

SHA256
a0f0888319e1f0ca82a2b20fbaebcd3063444f25ba459f67e911cc532e53cfb9

SHA512
08978af9bdbe1d5cb245969291d4aef8cfce0d2bf7eed9d023fcd4f91a5e4add4e6765986c269bf1291367065f76204e64d34d0f6c75701852c122cec7c3d2fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
102a5d4f960c2373aebecd144734eb1e

SHA1
74fb70f17b99ccbc9ddb0ed0bd944ee1d4220f4a

SHA256
e0f3687df26d0c8ad0858f6993610335b9e2b9664cf5fd93c3e2bea04f20c0cd

SHA512
6b33fd52c6e11c24d1978a5b513627525aa67e980da5eded17b3da6c765ed91d405e61898935be32a879fd63973b79cdbb676701a914b3dbaea4f22f792201ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
06de88fca6c1d5b2caeaba9e7a592380

SHA1
2d29c800a6519deeb277997202fb48b4d714f052

SHA256
1aa34eb3c539cd137288fc0bd9c4b554349573fa1149e8810dfc61f3460599c0

SHA512
ab62c3fbf23afb65b781d59dc2181ac604e770739b31e6d227d2f6d43bbed417e17dced5c2facc2c7ad5fa0c573acbdbeb76d6862505009828353fd815c97dda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
99e1fb0590f52f580ea3685751f6e489

SHA1
23f1ecfe6f0d8ed7dc79e084adae6cc1e571e99c

SHA256
5cf9a4124d0f80e7035749591d4d1ab3576a8e76fdde1be61e33a7bbd4fb33bf

SHA512
434aa00976d6652668a84714de12b417ad7acb37c54bf378024731bfd516614c0013e2537ad0ee4c7134fbc22154f8fd652ab8cb2ac7d53c6053cc42b8913461

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
940B

MD5
7ddae9d96c9f43d76684f09a5c108678

SHA1
9c1e6795dc952b7c973473894abae62e55c01ad0

SHA256
dc3bce1705d2dfd73e9973fa71785d48eb496bc0070c87f05594387bb3da3516

SHA512
b9c66af2c18a8a41b954d06c0fc307e3a07a8f57fd634c96917af28e80c776d3ec96650140b6a28396c28dfa8b3899116e5fb34c3d135757ecc1abed0ee5acfc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
566B

MD5
02f8987a24cb1df11cb0eb3b358db79e

SHA1
0604466085642cc3a27ad72b75897009fe6df2a4

SHA256
90d436efc86185ebdc4ed452a442b1fc4ffd49caf6de1b65cded9bd2de12fd83

SHA512
908d7f0d32a1bb2958256ee9dec690a3ae6deab3b99210590f3fe04eef61e7f31d1ecb2cb39bc7b15719bbaa4858a1571a01883eff750811452fafb9f0d39e1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
c70ae6be36258bedcde76ffc04b378c8

SHA1
b0791e9a75e82c878bdfdd0f514856e16be989a7

SHA256
877ffc0191c7b9cc5e5cb24604d4c7b4627055b9cd5ad07709c3776069f9e165

SHA512
480e8e32cc0afa4fcdb7c4044e67baba76b0612247d927eea5ed060e955b2b8e34300b55550182c7ebccfffca7a1c329cc96fff5b37fd52201f75f799dfc0df3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
316d74697a07d97385830cde9d95ee93

SHA1
bf2c4ac9dc4d2545b6c1149f155def53eae1d686

SHA256
47fa43d5777aa37920d593132ffeceb385a4f0a0229ed160757336c9239337de

SHA512
9a37e1534c59073e33286e0b59601758dcbeaab4a26ff52563592eefbdf7335bfcbef2f4c3805326f5c3ecd00101b56d8b509b150a0d0cd59a2267b92865a245

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c22a8566bda47d59eb900447e47ebebb

SHA1
e1ab07a2092bb506b9dff4c4c2d8791da46fd67c

SHA256
0549ecee91a6efd46e6a67cd39dc6a41eb8dd48bdfb17c61652dc38fad3b4480

SHA512
33de2f46d77ae57cb475adcf2770decd8992702733d984c303c1865693d08759ff16546d09c3c5ddaa9050883f6cc86807d0fdc8b67b57faf59c9b90a6879e7a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
66bba368f1e212cb1bb06ea6befc7767

SHA1
d5ba4174e17f88a1a513735d208c2cee9e8b4235

SHA256
b37ba04accf6c351e491e2948e49ace462bdad2cdf8e4dbcb2b51a3d4a913d29

SHA512
f22576d969436e99bf06caf390816301576121c6029fef31f8272c4883f6a6a78f80a1ceb0a9a16b91a9c995be74095da5f6983927cfa2e22e4bdcda6e629f46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
43a55e56eabd9e14c546cd10c92fefd1

SHA1
a1f5710962bd08295a4bdd28810b0b340627b674

SHA256
1606bf5fa9bc7d6407c6c305ae8a2e288edf2a17d8a3b7422f117fee67f2b839

SHA512
d87d857dd027d00fcaaab2e2065b2f8344b20321baaf059d5b6a43c7d19bc4d6af2eebff23ba8ca79c2e5c5ec1beca3f344bb1fa64f84a9b82c5838a03516b63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3456c7423bd8773eab50c21473d6407a

SHA1
067d0fec19de6684756acdbac814a6b5837f9cf5

SHA256
4e30ce858b0bd18df13b07da043a833f6faedc95de9c90a3c143484a10c67b88

SHA512
801d0e457284d54016c3128381d4ff4425ddd72fe470084ce44c2e88df222cc848a9a298a1d813b83755aad538f8b63b8233b765a165f72c271cd7a3a1852732

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
3075ce2c24aaa5481bed2beee8b7eb7d

SHA1
3d2e3843ee78e2b6621c9d94e601367d9ce7fba6

SHA256
acd7f9ecab979ff8c75e103361487130429655b677baeb29c3d407a030214395

SHA512
019caea5dbfc3f283f22a17027c33d98c6636f77bbcfa73dbf3029c62f09e3608ebe24ad1de8c82d5749adf0078242bd0490aa6a1e752d34a17bd5cd44916b35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
e80248a8ea53e0ae036b6e224fa28570

SHA1
ea1f1cfa41a4f9953899fd9ff668acfb8acb329e

SHA256
a6548146611a88701639de2e18c34ac85bd7b0bf3fde33af21068876c992c0d5

SHA512
b89280763ccaa1b43d2c2dbb87529350cb9a6fafd51677ae7a7a3b5bbd65a0a3c4b75ef30061397454df2c33432664b3bbcfd8cee62f9d24ae0f8745c84ca4a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
b6eac80aa44cf55dea72d57d2c196792

SHA1
76c81916cb2dfd189c98678b7d3a4625d639adfd

SHA256
ef8bad60b48dc72afecc85eb0717d9288c76964e7cd3f1c378a60fbcbdc13aa5

SHA512
8443eeb595fdf4d4bd75a276b0e239ecb7ec93eb460bddedfaf9c34035231df8d2743af151a6a5233b3a957e4e34868261c02143f765b1993af05ab6f46ec46f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
f10e85e39592bd520ada5c07eceb9ebc

SHA1
20e307ceadb696c1e1ef0b59299ead518d4d55f5

SHA256
7801fb2cc3b883399c99454d80c940bd8a39ff702862bdd08dd6173774adc89a

SHA512
b2263ac62dcf5287e50e843c4c08872f6965e219955f0e79f1a620d14f5ad0dce3bdce51504463e1fd3872d68ef7caedfd60ceb1685b2756977f0f9ba275bab8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
7b55a2cfa004d3111be7a6ebb226c9ce

SHA1
5c6da4951b813537018a155c32ebb56c333d41b1

SHA256
2ba82e18d330cf0ee3afadc7991dedda58c0f55850f3e49f8894bb9a6f69b84f

SHA512
1f933ab54edb4ffc42ce0fef38f0c1a585366d1b67d3fcdde6c8d4da32ad374c0ab38cc8fdbb34128b3c8b726de5329b585e27bde96ed083e4fa6e119e536f9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
a832587d211623e22ca38b60229146ba

SHA1
a648e1af0497bd7bd7f7312a1c9746be3194c843

SHA256
bf0ba1660810dafdd123fece073e04dfc8c12e901de5ec0e4c4a6d27c532425f

SHA512
17378bad103dd926d966fdfa94a1d79b2c5c5d6e1e9f25b88aa4b02a28bc031335f51f9a517adf189399031cc4eecf3cc59900ec08327e7f214dbfb2620b5d19

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9b44b36037b0081322938bcfd5736f9f

SHA1
2c6913f0a66e90c8b9e27ff01cbfb3eb2fd06920

SHA256
6e0b31466cb52d75d86d1c3c3d10e60144dd18b09946a52b42525061e0f2de5b

SHA512
92a14c1703be6f27861bfdf8ec3a70673174d2c3cf675074edfe11109699abb3437f89205bd45200ac59acc8b0e1fd10f8eba95444b2cfe2f7a19a526c1c0c02

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1dfd3364a15122171c62e5ce2edae57e

SHA1
961a72a35d7307291ce7921f2dc47a836c147ecf

SHA256
bf4ac8847d3225afbca4e2da1f7d19512805789e881384b9666b9cc7e37947b9

SHA512
1bfee64ef245a81f255deec11001b6089eefb05a915cdb9b2c425420fba500d4fd704a3d239aa45c4edcce90a589349eead7f4b0380f52d6862e4b0fa624cb5d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5b1eb882e79b68f7f6d3e477bb8b1583

SHA1
3514912b4fd174d26f920aea0399aa4f4f38383c

SHA256
0ed43ecdbad6716522ab563cc5a58c65dff9959b23f6773b6b6b28761c0ba184

SHA512
acdee6084bc971a459253a6e577f1cc1f41beec6995aa88937462612edb4f535152a6ca5a0924c0c553885e0f00334d81b8a4aaeb0e562ad901f3a05d0ecf041

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
cdfe58b72a76f23a98ef79dc82318afb

SHA1
d2d8d35b531bc7e69bc785dd39aa108e1eb0204f

SHA256
9cbc4fee2106333e3764f376866b5b73100a7273223dea9315e6deb53448f475

SHA512
2f6e1daa4b3cd2a2b03287a7fd9fed00ad5d48504d1c8503ca757b9fa72b669b4a9210902d657b4f04fd6f9ea3fa894f78396248f42bb9b572fe42accbcb71e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
da8c0077e49c9504bcf244b603a8d106

SHA1
c417172213635b066a2e3aca0fbbdc6ec77b612a

SHA256
8aaaf7019d08a20a86de274e183c4a751e2947dc46b7c84ad1e3cffadc558a15

SHA512
16c8a4b4c1108876573bcf1a6382ecb71d8f3a78eb746d89b85859de150072b808a946ef812a0647e350f7d6bbdb8883bb36d2500c7e679473bb9b03b23b5e3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
8c73e2f02b769e8a9ed09bf05a2b62c6

SHA1
20d380670354bf4a82b7fd130065ce4ae69cfba4

SHA256
5057a5b7fef48359b7a6fdb6f4e5ce028fde35628eb7cebdfa7df11cf3b29b07

SHA512
154da0d429582304504c70ab4faff0f9bcd0f1aef8a9bd7967270e3957c405e6c3df703d8d1138d222d7c2cad533b93622ccab19cc42ca92f1d0123f9751fd83

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
dfd99431bea66b32ed7e9c758d5a197b

SHA1
5d5a1efe23be81a840637edc37841f3e4bbc6610

SHA256
56b7b1756d950b7b7f9936a866f9d1c87bca3c3a510374ce20b366d23a619827

SHA512
2c1380deb2be50ff6bff2bf3551b7eaf326df27d082f319d9fc0c0ef83834f600839ae0e8fc948ac6930a05670457a5e16ac637cc8dc23d3a7fbab0e9f2eac71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
55ae850ef29fce62cc880adb239804ff

SHA1
cc28b7df1a1010fd5996de82903dab4d28675f25

SHA256
13560de612810d2ebac64ae866cfe5bdb7913233fb92ed8d0c40c4f738d16baa

SHA512
72a0bc4e3b73f25c9b6d4ee64301ae1b1451ab81677f9a24dff3005ae0a6d2ae1f49cf7905936d7f6ec4aa9fc81cf1e5d0a41f89107f1cec3518d3debe3201f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
2d2428fb954704dbbe12388b844dd693

SHA1
9f226bcd5ffb3f28f0351652db8547587d3618f4

SHA256
c0d9ba5405b6504adfec2c2669b4c31def1d62a3889481a2bc96c2cc7a1069a3

SHA512
3b3cb94176996b271b1eb99f96214845c5aed9ed01316b9cd763bcf9d010b92966037c126c6d76d8fd6b07ce49a40e97af2f9fd41ac52b4981722410462eaba4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4818debe640f0722d458bd723ee35850

SHA1
845f71cebad37b4da4fcf89bf54517932d885812

SHA256
f4527a954ebc50870b9201800e0f72ffab717cbedb8b64e306866b3fc935ea4f

SHA512
1f288219534509d8bb2578132c29fc48a4aff0f4612b1bb6b7211f27846994aa6aeb9c4b996c0efd2e9788a5383525ed80306345465caf70320583411c24436a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
53468856159f710387a64456a11d8a49

SHA1
eff2e3d63f9d9788588bb4a274f5af973dd5b7b5

SHA256
9f92ce182c0b86b1bb5fa1928946f5ca8a667e56d4b29da61f7429b29a868f2e

SHA512
4914530f19a509bbe31f17e74f083437b86a3679a631ddd74c4d4edf607b3ab917e53a764e4669384d7f1c37795805b6a2969bacbb075a38ef748de9d2827a36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
2183b33d20d1582a52fb6c833c5d0205

SHA1
e3ee0ed53146afd47d065fdc9f4e0f1e1cc54aee

SHA256
2c590168f4af4734c385957c13e301fd50f7864ef9ed3acfe3e7b502c8eb7f0e

SHA512
a471003587f84697ee1f30fbed5974f8510c573abc8abd275bfc4e2f0c955de5f9861157ba3123c819c8fc815ee44963f89fb8b66151e600a786f08e444d1036

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4208f74c021c99add0768f2c1dc56c02

SHA1
d062056acf4e0eadd24ac89f1b291966ba03d103

SHA256
b01f2a5c0faaed05cab2d1923d9cc837bed4e05118640c99ce18124e301b9766

SHA512
bb9db20979d5d11685ee75847c6e72534dd0ac4f8bc9a43f678e896bbf0a96f16971a2efcd23229dba9c7ceef3e69b714affeed5af6814592bc2f33990ccabb7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
53d0adefe2ca01a3ecd31829b74ee5d0

SHA1
ce8fd9f51268030dd2390480da50ffcefcd012ae

SHA256
527ed8a316b744955715a46c65afa57060c75fc9f1c909281f2ebc1952e39183

SHA512
a42d06954f78831d3d34a055651f246ea606b0443b462f69f2fd2d615e73a19848fc1e105746477e175ca96a5f04636492276aa1c049abcaba808978f24908c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59f60e.TMP

Filesize
874B

MD5
d901a71095c67c72ef1f0b0c587afd58

SHA1
1e37af238834969a2a1e5a12c296b9d5db071882

SHA256
4a2e2bacb3a7c7e540ac54b970e5f9650d084db445767e4f9ad3daecf1136d1b

SHA512
66e9051bd960412e37c2045a0f1824414c8335110dc70d6b4998cf2b7e1bb8a878528d344e20d1bb47d123de073860ac266f9372e9b02cee69ca6c47722f9220

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
6d6fb0bee9be511a1e406f66e38dae9c

SHA1
5cf4a95e8a27de9bf1380535079cf6e6e105a54a

SHA256
6756f4ede46eb5f8a9f88953d5f826368ea3834de3038d205f54d70003d5509a

SHA512
ba451b961d22aacae881899a7d97031da8e49f6f06ff62f6f8a7a9f8d0a69aaa3664c2a70ff38b1d7b494113d78457e34cd1a0841a276d287098a4be78cae72d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
eb0cf1d695607fa29b92b02943d35165

SHA1
13ffcb12eb4cbbf62a95c2c2a6583c9b77401d85

SHA256
1f7b9cd0e536f5b444ca86abba453a9c886a7c69cfd47b01c70145ac1f072aeb

SHA512
3281a8c6f6735f4e08a65ee1e4a85fb2c6f2c7c465fb9d4e9eb19e42747efe8fa46b1cf683e0c6188dac504c4ec737b4d0718eb46bd6d22804e2d425bd9e1a1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
cf822e0a8f20af54bca5ccc5b80894a8

SHA1
cd67d68d5c7edc452f522f2751f2c71029167763

SHA256
4f3402d53c8f6cbf6509210ab2fe8ffc6e9b7f3d1e6540dae4272bc758da7b60

SHA512
c5276088a500e057c56b847c56e11625da12d846ff081802a8114048f3c51738928d61b9fd6d5de495a1b00cef9000996bae06c0a4a88e0a01ffb6028f6ec185

Download Submit
C:\Users\Admin\Downloads\35def2bb-e996-4ce1-9068-541187755d97.tmp

Filesize
161KB

MD5
ccd874473ab655718505ab53a3fc1478

SHA1
44218649c39a64e9cb8b54b7df41c740bd29e0b1

SHA256
a15b1d99c234f9d396caaa398323d1080a4865da0f397bc84d0282524db4d8c0

SHA512
4f078fd0c72ba43ca14014f91f73fa53a7566606c2bf64031fb653f43e9a9f53be3afc85d20165f07d69d1278b33e780fed9ed23ae794625a5f6fa10a3bf0482

Download Submit
C:\Users\Admin\Downloads\Monoxide.zip

Filesize
200KB

MD5
e77bca3013a7cdd34871d734a294d60b

SHA1
697b1f62007b9b9fbe6f1e98aede0e5800a6a6f7

SHA256
0d1c5ead44e729aa9b25547bad1f128759d144b8ecdec25bb28d67d694a5b3e0

SHA512
d9ff6c0fdc7cc2378b3de99abce734b6248c8c91fe78cd6c68cd5e84c6400beb0c5192eb9aa28fd22f60744e8c26d29fa5b6dad79296a1c84f0d2275a30628e2

Download Submit
C:\Users\Admin\Downloads\master.htm

Filesize
330KB

MD5
7e3e282f900f824f06b987519ef548dd

SHA1
6598f59f67913fdb2821976478438bceb8cd6d16

SHA256
4519e1bae40d4b43cfe225ce9c9c654c9a6a31b990613587506b010feab6799c

SHA512
5f3d172378b4c41779a3073e50514b8fc10526e1ef02f7d6372a79725d473e43f751fa7bcf80a24ff6e9e67e59656e5bd283e0ac6739ac0a3852fd91e945f844

Download Submit