1b992921c84a2bdb2aaae2b5d04ecce54ff58a3c5abc4b2686e879a72d79eb65

Analysis

max time kernel
598s
max time network
598s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
27-10-2024 00:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

20KB
MD5

d4ddd3e7f66971b9513fb72fa7fa1abd
SHA1

5d4d0cea3347442231d216b32ee8a4c5f488cc29
SHA256

1b992921c84a2bdb2aaae2b5d04ecce54ff58a3c5abc4b2686e879a72d79eb65
SHA512

d1642225996a8dc62f5ba479082c9d10cbc2aeade71262fc95400bbb3637790c206b61395d00c7ce988dbb8c61d11eb078445cb2610f4071574286b2f90e004b
SSDEEP

384:0TEW6VvWspa1ocy4F4lbGal7vhpNWH8B0nPro2REu4Y0wM1OTf41xCejiw:661o1ocy4GEa5JpNE8qnPrEu4Y0wM12q

Score

6^/10

microsoft steam discovery phishing

Malware Config

Signatures

Looks up external IP address via web service 2 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.

Processes:

flow ioc

252 api.ipify.org
253 api.ipify.org
Detected potential entity reuse from brand MICROSOFT.
phishing microsoft
Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

flow	ioc
252	api.ipify.org
253	api.ipify.org

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exemsedge.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Modifies registry class 1 IoCs

Processes:

msedge.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3227495264-2217614367-4027411560-1000\{B67F65CC-01D1-40A1-ACB9-28B35D3BC687}	msedge.exe

Suspicious behavior: EnumeratesProcesses 19 IoCs

Processes:

msedge.exemsedge.exeidentity_helper.exemsedge.exemsedge.exeidentity_helper.exemsedge.exemsedge.exe

pid	process
4976	msedge.exe
4976	msedge.exe
3260	msedge.exe
3260	msedge.exe
2052	identity_helper.exe
2052	identity_helper.exe
2096	msedge.exe
2096	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2184	identity_helper.exe
2184	identity_helper.exe
5572	msedge.exe
5572	msedge.exe
5572	msedge.exe
5572	msedge.exe
1532	msedge.exe
1532	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 55 IoCs

Processes:

msedge.exemsedge.exe

pid	process
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe

Suspicious use of FindShellTrayWindow 51 IoCs

Processes:

msedge.exemsedge.exe

pid	process
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe

Suspicious use of SendNotifyMessage 48 IoCs

Processes:

msedge.exemsedge.exe

pid	process
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
3260	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe
2268	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 3260 wrote to memory of 1576	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 1576	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3496	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 4976	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 4976	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe
PID 3260 wrote to memory of 3480	3260	msedge.exe	msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3260

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff837e746f8,0x7ff837e74708,0x7ff837e74718
2⤵
PID:1576

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,3829616640733168064,1635201819805237733,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
2⤵
PID:3496

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,3829616640733168064,1635201819805237733,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4976

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,3829616640733168064,1635201819805237733,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8
2⤵
PID:3480

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3829616640733168064,1635201819805237733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
2⤵
PID:2976

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3829616640733168064,1635201819805237733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
2⤵
PID:4012

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,3829616640733168064,1635201819805237733,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5176 /prefetch:8
2⤵
PID:4604

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,3829616640733168064,1635201819805237733,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5176 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2052

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3829616640733168064,1635201819805237733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
2⤵
PID:680

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3829616640733168064,1635201819805237733,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
2⤵
PID:2760

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3829616640733168064,1635201819805237733,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3968 /prefetch:1
2⤵
PID:4636

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,3829616640733168064,1635201819805237733,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
2⤵
PID:3244

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3220

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2872

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2268

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff837e746f8,0x7ff837e74708,0x7ff837e74718
2⤵
PID:3408

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2020 /prefetch:2
2⤵
PID:2420

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2096

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2984 /prefetch:8
2⤵
PID:1116

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
2⤵
PID:1604

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
2⤵
PID:380

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2528 /prefetch:1
2⤵
PID:2140

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
2⤵
PID:4516

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3628 /prefetch:8
2⤵
PID:3724

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3628 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2184

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1
2⤵
PID:1884

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1
2⤵
PID:4208

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
2⤵
PID:3724

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
2⤵
PID:112

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
2⤵
PID:5100

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
2⤵
PID:724

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
2⤵
PID:5400

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
2⤵
PID:5408

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
2⤵
PID:5572

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
2⤵
PID:5580

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5040 /prefetch:8
2⤵
PID:5876

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1776 /prefetch:1
2⤵
PID:1792

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
2⤵
PID:320

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
2⤵
PID:5848

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
2⤵
PID:5552

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1
2⤵
PID:5776

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:1
2⤵
PID:5768

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5580 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:5572

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6328 /prefetch:8
2⤵
PID:5560

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
2⤵
PID:5596

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6300 /prefetch:1
2⤵
PID:6004

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:1
2⤵
PID:5780

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6644 /prefetch:1
2⤵
PID:5760

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
2⤵
PID:1760

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6204 /prefetch:8
2⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
PID:1532

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1
2⤵
PID:5096

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7368 /prefetch:1
2⤵
PID:3604

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
2⤵
PID:2372

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1
2⤵
PID:6120

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7340 /prefetch:1
2⤵
PID:920

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7264 /prefetch:1
2⤵
PID:1068

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4424 /prefetch:1
2⤵
PID:5600

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
2⤵
PID:4432

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
2⤵
PID:3160

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1
2⤵
PID:2588

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6840 /prefetch:1
2⤵
PID:3164

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5184 /prefetch:8
2⤵
PID:5560

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
2⤵
PID:2752

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
2⤵
PID:5200

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
2⤵
PID:2388

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1
2⤵
PID:5324

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2844 /prefetch:1
2⤵
PID:3196

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
2⤵
PID:4064

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1
2⤵
PID:5188

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
2⤵
PID:5688

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6576 /prefetch:1
2⤵
PID:4968

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
2⤵
PID:1624

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
2⤵
PID:5232

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1
2⤵
PID:4848

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,15511730564318644675,17063151226228341107,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7592 /prefetch:1
2⤵
PID:5424

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4192

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4992

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4d8 0x30c
1⤵
PID:5916

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c8bb30e8100687d93d3272d3acc82cdc

SHA1
4eb090b67fb7913e1ce2a2f590b4df9412b3d028

SHA256
78e3320030a6f37d3c8930906b1bdf1427743114ac06611b55aad02c5439af89

SHA512
cf047e733a6f9d70b5b9c4694a16bb1f852e097f1968639eda8ac94dd067926fa245a4124cba6fd674e6e8bccb03329c67b861cc487e6221de1322615644e507

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fab8d8d865e33fe195732aa7dcb91c30

SHA1
2637e832f38acc70af3e511f5eba80fbd7461f2c

SHA256
1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea

SHA512
39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
7fdd7c8d869774aafbcf45ad5c9901e1

SHA1
279583897f79550bbe00202361172e95ce5ab202

SHA256
30058418677797326646b895d36e9df4ba0a626a59b569885b1a3e3cd725bc46

SHA512
da6d4df336d1d3d02767a90940dd4d9ea54e5c4ea78f7971ddd9cae99c0498bf536b981ed8df382f66660178b6b8bdd4689b7ab2d8c2b973834a3893cd61570b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
36988ca14952e1848e81a959880ea217

SHA1
a0482ef725657760502c2d1a5abe0bb37aebaadb

SHA256
d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6

SHA512
d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

Filesize
44KB

MD5
595682778bb33eb8384b5ba1229b2a24

SHA1
099b886d6bcd798021e219a503c8905549306ba4

SHA256
10494271834b1265985716982a5184e366df95ef1a76f290977d116ceeb35f36

SHA512
19f78fec26d9f07920f06d50a73602d532a08a9a19c20305b12a352262a967016bcab3ad6f663c853b14a5bb73b32401909162c258629570656eb7ebb53cbc46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

Filesize
264KB

MD5
e4724ef14c4e5c222254161ded1ba8b8

SHA1
69aa13f0007b66f23467b527d306b977d26e03aa

SHA256
4bdc97a0d25f273f58f5b388dafe274caa36e0d4c9474e09264d943742d3cfd6

SHA512
a89291ce167a869957111a99c80fe49d1b38b692901d4bb36f571e9f1191b599029d21ed7df10a469d9bb449c6baf47311f6e75dd3307e0a44eeb2015ec3f4c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
47KB

MD5
44a0efdb62c8716a215a27af435fd27a

SHA1
d293b55224f753fe1eb368a8b7599d78709c3b87

SHA256
4e7f7517db2a941ef752966fefc24801b7c8a94d71bb5cc9c64dc8fb697dc0b6

SHA512
c039c14abf279adfe16d0c3621dc27a4713c447a5cced596fd8147bcbe5c5e60c444f30102797628954fb7cdff8de13448c190a95f5dd29713f409e7cea3fac6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
62KB

MD5
c3c0eb5e044497577bec91b5970f6d30

SHA1
d833f81cf21f68d43ba64a6c28892945adc317a6

SHA256
eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb

SHA512
83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
67KB

MD5
fb2f02c107cee2b4f2286d528d23b94e

SHA1
d76d6b684b7cfbe340e61734a7c197cc672b1af3

SHA256
925dd883d5a2eb44cf1f75e8d71346b98f14c4412a0ea0c350672384a0e83e7a

SHA512
be51d371b79f4cc1f860706207d5978d18660bf1dc0ca6706d43ca0375843ec924aa4a8ed44867661a77e3ec85e278c559ab6f6946cba4f43daf3854b838bb82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
63KB

MD5
710d7637cc7e21b62fd3efe6aba1fd27

SHA1
8645d6b137064c7b38e10c736724e17787db6cf3

SHA256
c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

SHA512
19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
19KB

MD5
76a3f1e9a452564e0f8dce6c0ee111e8

SHA1
11c3d925cbc1a52d53584fd8606f8f713aa59114

SHA256
381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c

SHA512
a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
27KB

MD5
7153c0e56f2bd0b9d61cbe3c697e3bf1

SHA1
59c1a4ba00584dd66c94113e7d38b8fec194da14

SHA256
ecf4f22780a8de18840ba98100130e64734d0406893841ac7361a3d73903a2ae

SHA512
33a20aa2217b42b59bda70bde70681fb75c0e615c651a799849b71afa276114e77e15087f97b2db231e2dc66cd842f367355fb268f74714de51ff15d2112a37d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

Filesize
20KB

MD5
9ab049e4fa2e057058b33715b6caeae5

SHA1
16958cdc71f415bdec24f1359e40f66c4960c767

SHA256
d147489e927ae1eacc5ab01c03e52653593dbc4bf7112c040ce26c370cb6b2d8

SHA512
efedf364b2601eb5e7369f5e2a2b359ac83908a1cd07bbc10e52b76bfccd3339bfa6f4cd5c9f55bf934f477a12da878f3de07971109fbaef341592ef6a62ae70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

Filesize
32KB

MD5
e88b1871ed8eef59b7df05a91a6f2157

SHA1
feebf868e5bc28362677fd6e92ac3d41c5c9715e

SHA256
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82

SHA512
747ffeff5987583436786ab4597bd1d16c3818328ac6c4f714d3f68ea7f3ba2a8bf6dc372731213669af7c92e554d0233ef7a278bd1cf4d42b8939977c87f837

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

Filesize
31KB

MD5
328fc862bf86eb29dffd529f34041a71

SHA1
1fc42b25ccc7ab86925330c9c242034ba25154ab

SHA256
58531b3245c799311b1d620c9f8d5d272213d2df093feb9dca89998e5382a451

SHA512
5a0cf43007be7f2fb70a407c16d82c2418304911edb9bd787faea2ea9e3a2054e9a43baf9019e79eb17ea8867db10478148f69faa5022e37afad2383f4cac43f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

Filesize
26KB

MD5
f94cfe1b22fc127b7179d380294bc56d

SHA1
00928dc867098d5c8a8cc4e99553fb4fbd5dce85

SHA256
264c41255c511dd407c391505ee423ed8f09ca42f0a7d170b2f4c9733ce6e445

SHA512
bfb4eac08b58d486792e6d9d6acb1b32d29e1e43d8e46cf0696566973cff543570eccaa767c83e0bca9b5052e9abfb8bb579337a71b52cbec8351bf3b7d4af8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

Filesize
22KB

MD5
9bbbd0d94cc12ae2725861f1d4575fa0

SHA1
e5795ef2aeb3c6334f4b39588a92f739bb041bfa

SHA256
c1914d89af51766c38ef99caaadc08ce4ffd1de962437a233a7a3a1d6ebff326

SHA512
e4181a7c2a0bca8dd444e9c6e6acbeced2a9cb227554b527260ecc495f3f4cb2250c7a9e0ab18f1bf164cc054252d5f77b2f5554369ec35816870837773da2ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

Filesize
44KB

MD5
d6597f04e3ee186184b2a5bc27c407a8

SHA1
cada5c13d436708b05bf7cf1dd82e38fd9101e61

SHA256
957abc2c5f20d81a6240f1c91b67ed4f33ebd902e0501bbeeafb8f3b21b2eee8

SHA512
77acb1e5b0edfaafc79f502104bf8e3b1d2facf55f8851ac60dcb063d1450c3f303163f261dd5d4c5a2db020d003ce6c97782b76b5bd3ab3f08267ec611774f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045

Filesize
20KB

MD5
f85a52738e1eecbbd780234b719227d8

SHA1
fcf516cf198dabbe8297ff497a7c56cb436aa950

SHA256
fd104379d8348961292f3730ea6a8663f5aa69e40294f399613d5b6370a9bccf

SHA512
b5b80abe111c8326cc336bd08b3354f7616a9fd0416009da64e608c86e94a9c38ddd92ae94c7e2f00df5c6485a43a302daa51672f671504c792dc6ff0e9276af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e

Filesize
63KB

MD5
54f20de8a9081fccaa118be5bf3aa347

SHA1
9a6f5952bca06500c4df3f5a26a54955e55ccc14

SHA256
b47847a633f51ffc2135e83796b686532acbb5876025eac6d20a083502315834

SHA512
488522b5d5dc119f11e33f295fc3a2537cfe8360287ba619eae02d70629d6bacf7ea9f8e85a05a1b9d84a0688922e97c7d754c42d5428363253765fee35f6d63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f

Filesize
21KB

MD5
85f9dc7edef4f310dde46c383bc27cf2

SHA1
a68d77ce694c56e08e70c2bcc7f74c7c8fbf8e89

SHA256
eb2f8fdfe47c43875d6a9ecb49b8d9850f05cfb65efcfde2a06f8f75d78f0c60

SHA512
a35ce740c3cb691693501eadc5258632ce1e7993c3a6782ba148da0468347c69950903246208f44fdb06b9cf03e73a1c4aca4a324816aa717d1af693c11bb7d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051

Filesize
33KB

MD5
1aca735014a6bb648f468ee476680d5b

SHA1
6d28e3ae6e42784769199948211e3aa0806fa62c

SHA256
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

SHA512
808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000069

Filesize
22KB

MD5
52d9d84a96978cee1041f678c55aca6f

SHA1
182e5aba11733940455115228c1bee4f43c7acc0

SHA256
cbb1b238ec4dc6fbb203cab36076a245fbcef04dfca6b7f0e29735ee018f0dbe

SHA512
3b85a7269daa613c55b0b70de3c6ef3be3e39fa58eac52d8895d31886e02e80fa6c358acfb1facad7e1a7a9957e8fd83aff1102516867502c5f8eaf115640604

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e

Filesize
71KB

MD5
e70228eab135f1ae1bbf0b59c377762a

SHA1
d7391fc9ac4898fcee740d74cc1205fb616b4b59

SHA256
c0c32d95ffe02b09c4f18ec9155f5ad2827c774fb4a5ea9b19bd75d1f2099246

SHA512
791177b26b1ab75ebe7c4e1d252ddc637813ffdf938e9d6ee378c7745ab20623e0f9a4629218593388fa88807a3bf9c0967060afc2b07c97687b0d092143e2a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008a

Filesize
17KB

MD5
09d3139ae1f090834b86ff1999fdb9b2

SHA1
063201fcd46058bb19607cb5716a66cbb12752a4

SHA256
adaa3809464e70dfcf7910a5b28f9b4275a202cd97dc03621b55cdaebe7f7bff

SHA512
a605e29144da332d07fa01c80cf479aced342b1c7142f1415a5db460a11bb6811bfd0c3f63900dc8501e78d5316b9f07879187297c5b5158ffa964e4bd2118fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008b

Filesize
54KB

MD5
cbeab1fc0e0a14a7a0e560b431f2fbfc

SHA1
3f038d936ed555c65db6a0f76e3b8320ca4c41db

SHA256
76ae75fadecaf73a58af196614dc5fcdaf9a3ca534c6b1187cb1e86f06f1b026

SHA512
c5f85c344a4c03413db6588ac10dd63c13044e845acf749ed0ba2c6564fffc501dc024fd12f1ee22f19ca86444c44a66e0701aedef50c326dcfecd4ba5b3492f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008c

Filesize
40KB

MD5
23dccd50c1598cf87c321dd0e788e2e4

SHA1
4697f41531098e96b97de4ca6626fd86621efb1e

SHA256
167b5e3d2fc6a069ef986144f71f70ca1ed8c4332846757c8aa4792703420635

SHA512
00174629a41be7b3d69e0ef03041aab41adae416c39209934b8a9c3923350010ddf01ce8d37cedd6bd57769796b41ee3c18c1b393726988039b556416c20f676

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b5

Filesize
30KB

MD5
81d72046d97e4e906981ee8bfbae3a7e

SHA1
5dc528721d51b10ca551605eeb57f3113ca776bd

SHA256
e3da38ef8935759329b8b15329c698dc013f378b39bcecd32111da2fb03117ca

SHA512
b60212bb3dd7615d70576dc6d72dcb2a00b4878b5cac19353dcfc8962ff6dc3203ae8b47a3a0791ab8c4b92ab55892c4fe7f8371b7ce83ae8ac80aa9ed110624

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000eb

Filesize
19KB

MD5
aa30a76b8a2f9d278695d880e81397c1

SHA1
119aebb6525571f006fcf93fbfa29d8d0361c4a9

SHA256
2d627009bba28a4198391513b178f400f903fce35fbe35aab88aa4ffb3161a63

SHA512
03fe411cfeedba7aae881063f3ac51a0297eaa9333478d1ce96dcd8efb9f6fc284eca7bfba0afcc0f2ef95b0553c3ee553f220227227e1218622b079aef1abeb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ec

Filesize
32KB

MD5
e13edde4a25e96e573f37bdd11e020aa

SHA1
84a0c3cc6cd74b149cc27de2b0fe48bc2acb70d2

SHA256
45b526e6aa5356b278aa37e67593a25d09c9653e8a0e71fb8e155111d3b7a515

SHA512
9ba4cce47994f949731e594538f56f423ee46a8e602fe922ab6e1d173b87831ae5a80d967d695fc45a08b25aef5c494518b43cde6b4709db690e904b2cc1c053

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ee

Filesize
36KB

MD5
f2cdb176e06fa3199e1b11189393f50c

SHA1
0df571500e656e1976ce8232b557d51293e9f561

SHA256
a6555b50ba728cb18be31af3e577a2cfefd5070a7f8ccb9f7703a4efa1e71045

SHA512
a501b75619242e507579c93a972a62b939d7f5129d5fd033effeac8e071baba2e49c26968191e00ab280fff4c228672b711b2d214358577195d6b24ebcd5daf5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ef

Filesize
53KB

MD5
98e852f90289e8ebe6d464bc67167ce4

SHA1
dfcec9f225565c4e3a05789ed1e18b54f30da561

SHA256
566cc9ba58f6c0d97034b268e1fa7713c86d060c0b09e8eb5bb61d27e308de40

SHA512
80bb1bfd1bf6c9c2d6e4e5a24fad5f76410f78cec3b49e2d972161cfe63212e1df194a8af1d6228778603fa28898ab5106be34fe6fcf802dce16204788b4b453

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f2

Filesize
215KB

MD5
0e3d96124ecfd1e2818dfd4d5f21352a

SHA1
098b1aa4b26d3c77d24dc2ffd335d2f3a7aeb5d7

SHA256
eef545efdb498b725fbabeedd5b80cec3c60357df9bc2943cfd7c8d5ae061dcc

SHA512
c02d65d901e26d0ed28600fa739f1aa42184e00b4e9919f1e4e9623fe9d07a2e2c35b0215d4f101afc1e32fc101a200ca4244eb1d9ca846065d387144451331c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f4

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f5

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f7

Filesize
119KB

MD5
d45f521dba72b19a4096691a165b1990

SHA1
2a08728fbb9229acccbf907efdf4091f9b9a232f

SHA256
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc

SHA512
9262847972a50f0cf8fc4225c6e9a72dbf2c55ccbcc2a098b7f1a5bd9ea87502f3c495a0431373a3c20961439d2dae4af1b1da5b9fade670d7fcaed486831d8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f8

Filesize
130KB

MD5
07247cbd12d4e4160efd413823d0def8

SHA1
517a80968aa295d0a700a338c22ba41e3a8b78a7

SHA256
41464efd9a32a5967b30addc21fe16cd0a35870fda56658b531a9a2434b4d829

SHA512
27e0e7505d41891e70bd06733f96e82e45061d621a1d20bbc524fc89c5406a799cf53d98c0fa256cb4ebfc19750c9a05531a8d273cebc260d48948edffdf6244

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f9

Filesize
210KB

MD5
cceed19f381f97eb007d412685a22857

SHA1
cb099f1d967272578c3078b026dd720341c1f59b

SHA256
e537a2e9dbaa1a924a7781cf45165394cc646d0ce675e09662191cdefb96dd6f

SHA512
a3e0a899be0a848b4aeea5745f04060f93cafebd56b03738f5165fade5fc08b93b60f86907c54e572278b665f997e036a80f05b23bd4b71a7c920c4d249d094b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
a29f389c71ba300262246b6794bbb3e2

SHA1
c1520e2bfb7d730c14289c0d083992add35d645d

SHA256
0c47ce7640f7db2bfc357b678abb1c700965627ac8d0b3c534711ec979567819

SHA512
222f52079c257bafcbc3e393893a950d41f44262bd69ac0b5883d55edad4f2fcbd657873e03e4fc4c7e98486d839b8324f907f597ad2ac0bd377b023424d88b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
613828193004e6559d94e45a3675af63

SHA1
32b81f5390e83225593880fa362c70a07412aa47

SHA256
25cf0b6824ba1bcab159881b3ffe051aca2d07b9492d2ee2092da9eb6c68452e

SHA512
da089f125fd674025700d692dcfb70e4b37d72240e3c2ec63a597ab125c21575456b4b7a442cdaaa510660d8892161d5d0ba174f07e5927667b7e587e7f99a0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
5f90d66be56fb5a9c60fbcd110744964

SHA1
047f625a67d781e50ed051db584715040b608ca8

SHA256
16339ca9067c36eca0421e2a1e34076e6f171e9c3598442e165a53ab381c0a24

SHA512
b5aab7dc53a94ab5381aab7e0ba86710a516017669082fcd554336565b9320c126475fbcfa8608410cf5a5d6d533737f502a83d81997dde217b6286486ae6b10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
dc4c93615e770786d548971a181f9263

SHA1
b42c5d70d402849bfb8761f1c5305e94d7bb6035

SHA256
d80fd41aabce0411ac2a65c1f0e7d0e4fc195c0ea2e4ec5c5e80f5a67b58d886

SHA512
7c0e26b9db7bf6039748e7c0e8f99e20ca7103b8ff86729ef4ca076adf6edf4fcd65c4fc40f6e18cb7c0540f00c11de2152d7f43be564d286f7737320e43cf00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

Filesize
319B

MD5
6ef2f684c72c6c504cc004597a5b806f

SHA1
3387f88318bee28e8cc51d8d4ba7675298d9dd5a

SHA256
fcbb41d915905c33af04ac597be40f24edfdd3929bdee0f62903591191275de9

SHA512
9a34ef1c204ac5bcd5a025f79acd1b69bc3a23a54ff7d16804c7d17e9b35b3b988cce081c8767165176aa477703df485a38b87195b41e5d11584d2140e7a797b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
124KB

MD5
478028f971dff9ce8a4238d2cb7b0894

SHA1
fdd1ed34155b2a20874994aa1b68486b0294911f

SHA256
58807bfee663d2567cb88e3217892f5c46d543195f959d2789c0631337ec4d5c

SHA512
edc14cc25cb7798b8d24a928dd17e4d090ae79e71b1afa1b9d2db5d7bb84a5d065be40f72b546f0c095c9f4336697e55f0eab8acea9a5a8ddd6c8ae9b14290b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

Filesize
586B

MD5
20619853dd5de5ad23358089dedd1232

SHA1
f9bcb65632604c789e105146f3df8c5b558a399c

SHA256
31c0c454b232376ad0c7a15e282162982735eea7f1ed88715616f7656fb250d5

SHA512
f0cf9479112d684eee91310a79c40b1938dbfde37105496ba1c2c221aa49f1f6430f789dac51ad8c2017091c73d638910d18f261bfbac04c1ef64f5805f59cf1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

Filesize
28KB

MD5
bb35a7f0bfbcf24432c82a142d63a00c

SHA1
2666ac7081cc533e6ff51136a626b6210b43d712

SHA256
e98c0b4697ee0fed94ff4394b839b5981f1dcc27712a480d082d54f8e5a808fe

SHA512
ed1ab4d01500446149fa677f80083a0ec5cdc1ed30e9cf8c81c0d2c312453ae99d7df5052c230ac4c53ba92ce48e882836612c6a239abe730358e5f39537c47d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
331B

MD5
f0ca706cac312e31bf2ef7a1626cad7e

SHA1
9d32564e1589198cc57b76ea360949afa88a5ec7

SHA256
5851d336e6f69d09081714fca6163c2a9d3906a27eab3a85f96f901acd347041

SHA512
0a2485fe59ea59f4fdef8789c51dbff3df9f932657fc7e9816ac80a0d225736581cbb389e5a94bf902fecfc424c5ff5ccca5bdbe745be7aa10f7d49753b7dd78

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor

Filesize
36KB

MD5
cf4b0a74bdc68a111bd7ccbd8569daa5

SHA1
e567e83b8db5476018dfed63802d0f60690c8139

SHA256
f79fc9fca22eace1d33311f380f135b75b30baa639f2d819fa437580ef268b6d

SHA512
4ffda967282821d319e22334cc4410eb8883b436654c2ffa65a7a75fdac296a349a672c734e8fed023b9b34d5f17d1af611f81d433108f898459b5ae412dac9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
10KB

MD5
f8e32964c3a9ea90f0c482e9d83de169

SHA1
ded9a88a9a5def2decfd5fbec4e9743f7e59b185

SHA256
5a38334f0c98d64e8c75495418a8046167b27e15e18044ef42bd1d28acfaa2ec

SHA512
53791b598b4ee9d47ca4e43cb80e6bbb59ffbee583ddb959f54500b1a9b8d34435b2d2b670b4196d3de9961e9979a93cd31b1bf8ee8f7f76d2e6da4c27ef8001

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
da1352d34cdf3f7def9c4c0c42a1fa70

SHA1
c2ae761153d0c26e7aa3715b5e16b2522438a148

SHA256
bda136aeded4331988e52c1a157eaa577fa24d60a649f327f0a5b130d8401e17

SHA512
d22029c349df035bbccffd3c23daf4d60c8808bda89fb3b7d7f5cefba7ead054bbb9de22d84149dd68711fb71663d73a2a55a5e19cc63f2ad8fab35b1deeafbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
12KB

MD5
791b8bd70aa87c325f04e3ac5155d43a

SHA1
fe98455ac0cf6a30a4536005390defa617c9609e

SHA256
831a5b25ee57589c588f274e11dd275cc2a7b2131b16da99c9c372b305ff5a6b

SHA512
c35548aee2edebf091665e8141b82d3230f5cf094aa59e61ca93cf897fe27aa0349302b55c72df8bd803a56ce46d431fc6a4186e5ad91922146e0258198174d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
be20cc6ace1a380cfcd1f319313f0fa8

SHA1
517adb7278954505a6ef113aec27a40cfe002cb7

SHA256
401b0e900fc0ca53b190585a58b5ccab59b3dc438c6342fe24f3fdac9ed1fcea

SHA512
1a8c9bc41c52d2f6ca33ebc75f3d90ad44a4d67f45d8bda4fbddfe2017eebcb875ed5a5461d10622335e3d7522b087f3968e2057497365aa513b00645fd7d49f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
62a33b2e55cd35698aac8c2602a0d7de

SHA1
b0921bfa3e8ec0c00a0d8adfa08a065d5682fc11

SHA256
87fcb1d802a7d58e1647f7a169ddfa2343f02f25f06b983dac6399ef9de0b3cd

SHA512
0c191dfb6565a3f1288f2afc24de0aa34b9f982ee7e59b6684d597e62ba774d9fc164516d3c9ab34e4180da8c39bfc7de26fec0dbe6a79dae62f623136dd0bf0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
28b61142316dd73b12a11fd3cc97aedf

SHA1
eb413519f945e1d0ed92ffa17dfa11f155aa6146

SHA256
823e9d125729a399717ade7057d0fb73f36a378621fb50dd0a0515a0fbfb8809

SHA512
1fdbc8bb4afcb63d2d635fdcd4172f0f802b61aff89bd4b18e4b4a1f389cee081fcc53d435114660cf6743bc0ec15223b989773bc0cdca5dd086ff400e021944

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
263b2981133e8344a73735bc5094d035

SHA1
f7e5506eb005d8da9b90c43d29990cac69a77fb6

SHA256
98f483df6352de8c9c6a82122cb57cf711c5a409b684eee48acdd333d474cf21

SHA512
f2cbaf0f6d952e20a9597c995ef7471f1bac7c81f8e8c155266e4e64179fdfc87e5eecf7457dfd97d8b104c0fb68b9591aac381e7d4edac2fb1193de6b6cd8cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
9fc88473b1cd90da0dd42d4f9fcebcb3

SHA1
78a56fed0e265d715119df249667473722464a85

SHA256
a3120db51d46103f846c0574d739d02cd9839971fae28a4cb9ff33c5d7b97c5d

SHA512
b515c69e92cfe460915148bd9d763a4595495a98f92bae76a4d8ca04ff7633ca795c47d768453db8ca0d53dd5eb470ebb23a68bf442698ef95ab955ca6297cd5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
3afcd654e1ff76c6e4156399c559ba38

SHA1
39e8d074dd2bfbd633d29ecd29bfe75826edb99b

SHA256
78aa73ca200c6738c2f765e9c862f71c2ac04c51b9395103404489adab26a41f

SHA512
66d3b4111340360eda9e3a85c2c282d042678974c8ba974e0b4e36750b18837409b89b16250003161ee4c4bf471a1e6982cba8c18287c33cb5a7178d806da15d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
eca373feb203bccc02a4697806022cc3

SHA1
4134ca0f1fc533df5d6a1a63cdfbb98a9cb3bae7

SHA256
78d67088da42441b12c9564e13fc6c7a5da2e86c30108eae6b645f69d3dd3edf

SHA512
d4e26868d5776db14289cae2090e476e37ae9879cb6eacba278dd71364050de3c5953753ef1c83878e49aad7b3ef55a78e0fa4ecd2d43a4e7df2ab664cc1a02e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e8a311da3bba633bebf671b3405d0d3d

SHA1
52564747280b0b9df2a0097ede3e7f84a2adf8bf

SHA256
a2dd499c373813f18e868df98bd3ecb4325dc131724962831fdd300b1165dc78

SHA512
a34a473028fee3b81068e67c994efac72351885466fce4bf23504c745edeba3849e72b811828696015cfd84a8a861f56c4e443aaeb633a3ed6edf5a14a2eaad7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
4d193fe8b79c28f65dc02f19df6c34d2

SHA1
e1c58ef21adf83fcf3a5ff421803269f2cef4b20

SHA256
e47074e2bcf96c0cf26bc9d7c6511211b89e7bc0321ffb0c030e16db422dd794

SHA512
d566c837d884ec401dcc57f1acbc1d303eff0ac2c21c3472a9194e6013e4b2370c0b17b15e85bae524c8dceaa76e10a792bb1d91d5bd275a572425d7f43d34b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4ae02ed72f105034aac2b585caa6fe80

SHA1
a3abf67009854319e3d2dcfae167b18043dd19f2

SHA256
5b349fdbb002bbf591ae128512113127f41ce39d6141f575b53ad5cf27b698cc

SHA512
43fd8a22920ea92381f9782a184d41465a6e4447be866902cd074600d7bcc0f7dd477e4563e5240bde6ce269bbe9f6a86ed2573aa4b2f4dcb738a8c673ec5c67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
57652b376489d80e021c0f6f2a20a082

SHA1
cce1a386d7ae06d43ed3121a307314d62472cfd9

SHA256
f8d2c1a0b2537d55cdfefa3116e99fc9af50039f048149d3ddd0844e3d827d9b

SHA512
5a24887693672811d40e55433592098754c26ed8772b03a87564f51162a103d37f5233711441fb9411e05ee75ddb32912ced6ed5d0881f318d9f83ac775471b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
77304552bef4290fad22c5036e2747dd

SHA1
89a6cf3c6fc8a454c45a42450cf6ec320dc623d2

SHA256
4793ff01623c3d4892d1eb9604109e3b7bdb5623268dda4ba89c0637180f6f93

SHA512
fd53864ca75865d5d3822105b1ad72d95c3087c7bd0990ea4f7876c69ac8b7f412aa2ea2773ff39c1eb4e9f0ce6d58aab1b3cb2d404ea6a0ca8c050d4fcc44aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
dc5dcccf36d56f49d7f0e0242644d99c

SHA1
a564acfae05c1d3d4c1ad19a222de08d82d35bdf

SHA256
6d86a70909514381e8d364d0c07eb1784e8f0af6f9dcffae02c11d0070707c4c

SHA512
a51c1415deae8a0d598971d0da38ca4cec4d690160e8c6acce8631a15244a78d7f94b6c7825b0d42f05d390bfe88ced6044d8f42354745dbac2fa4740d21f3bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7f9af2dfe5b0b419d2a4ab50bd38ea81

SHA1
920ffb19cc0ad33b8fd394b4154ecd8822f874b2

SHA256
059784120b5aa65f7ee91c92f54134479421d2a7f4d0b52dbdbd70fee9357d6d

SHA512
d03225033b6028d447c7ce38f24516bb96a05c0b2dfb87ceb157cdd101e624dc84604fe2618b93c0dfeff7dd5cb9fff826d33c0c3f74dbeda4c1432cc482f6c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
99d31469e7bb3f95fbd8fc41362434a3

SHA1
67a7b2c2e5dc31e4ba9511ef3a7e8a50e5c487be

SHA256
efcd635b2e1ca2fa856d4ba5fc215487add71a2cc87e4827289f766761c82421

SHA512
2ce57bf2d67b46799679376ceb6af49b79b3ad21cf71b994df12e5c96f6b4f836e3aa9ca8450622e709694e51782dcf6ef4f80eea635588eb0222724dfdbecf6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
502f519fb0d681454e69c8743dcf3e23

SHA1
b6a232b54320e9088c2b70a16404541274a54629

SHA256
b475c88f5878f8053549bc7dc5741516aa6d67df6c508b7a7f0e4d4894556b87

SHA512
d0132511f885451e2c73a2236b4a34d864b90b3c38edbf1154010b0ca4a0dfb1c7a239fb012da363fadec3794169a98b74dedc9eff6f85065a8e584c329f57fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
11c744c8cc11e19f2471c9828cd406c3

SHA1
e44c2e2b0e7cf4c64f713e1b32a5e563c18bdb3b

SHA256
805da531f6f03cdf628999f48b70f964e713a00bb30e58e66096c3b3bb6b6eaf

SHA512
574016ae41c0a25d49486b6a4b91c848d7a1d776786ea17187e1dcf8e9f510145859b8eb23b8aa0aee3c12689779b8ec61051b9a0e884b551b617ae67dec4f39

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
896c0f11ad6f30cc78f672a7dc983fd4

SHA1
a3b2adfd79638c0a15582c2954c8a02de6741cbb

SHA256
1117df6027cf02ef9e599208923f491ef4855dddc38d9171d39bf2b2ec5662f8

SHA512
6a454cefb25640da633110a8144d1b4146d756f19bafc862ec5ecb9e6b1f7ff8036350b58e32b2546cac298fd7bc59a8c0757a81c513b7a11b8aea1d405ee642

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1c50970b7f4eb455f1729a88be87b3f8

SHA1
afe737119b3c1ed7ce78e566f8f08dbcd6a1c14e

SHA256
3bd7a7dd8d8993c4afc074da13347226cfa1d79f4e031f90d2cf100dd6b57480

SHA512
aec254fcddd6b63ae198666b4ae615a1063f8bca646f38126c47a0e4a1ceb8121f3c9501efdaf887fd905dbe0aa51ae74ac53eb6bf321c7cbba62e79d0b4e5a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps

Filesize
33B

MD5
2b432fef211c69c745aca86de4f8e4ab

SHA1
4b92da8d4c0188cf2409500adcd2200444a82fcc

SHA256
42b55d126d1e640b1ed7a6bdcb9a46c81df461fa7e131f4f8c7108c2c61c14de

SHA512
948502de4dc89a7e9d2e1660451fcd0f44fd3816072924a44f145d821d0363233cc92a377dba3a0a9f849e3c17b1893070025c369c8120083a622d025fe1eacf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

Filesize
156B

MD5
fa1af62bdaf3c63591454d2631d5dd6d

SHA1
14fc1fc51a9b7ccab8f04c45d84442ed02eb9466

SHA256
00dd3c8077c2cca17ea9b94804490326ae6f43e6070d06b1516dfd5c4736d94d

SHA512
2c3184f563b9a9bff088114f0547f204ee1e0b864115366c86506215f42d7dbf161bc2534ccaee783e62cc01105edffc5f5dabf229da5ebd839c96af1d45de77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

Filesize
319B

MD5
654b51a8906ff85a4b69c51b8d9aa02a

SHA1
d065c44f669bfbe625bd40616bd5efb9fdb3cb5d

SHA256
8b6cb8bfa3eb6e7a25ed8eb6659ee4b0fcd200a0e74cd87c040ccd2fcec00474

SHA512
440156d7d5f7c5614c111cec183459b5ce9afd05c1a0a7f2b29f21c6c5f71f5b122bf6ec1600fc2587ad00833f958fb71de815aebf4db55cf9d30735be810e82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13374463109119742

Filesize
1KB

MD5
e2fb0705390e67d5fbef767311a55a64

SHA1
b7874b231aedc4128311033eeb05128968b130c0

SHA256
cb2451e10c0bf521ae9d340a717eb6f96e51447a93c1bcb8514aafa8d1c66e27

SHA512
675fbac684ad6ea1b0c77f78054361966af7b8168d023a9068fd2f8f49fe2b031a7b51a9953b0059c8c2d84db5dbaf5ee8fb7f9b3d36ecb049aed6d6440f270e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13374463109291742

Filesize
1KB

MD5
6e1ad215681ac152973b5b25b7d0b4fb

SHA1
31e288f015d4486fea16cd60aa341b1ba8b8103f

SHA256
2d47a4343df62327b26b0311ab3a3c2f3a6005f2066fc0f76d15a836fe257807

SHA512
3cac320ad467744e287a15886948f852f84a67cbe4e238ec99d7020bb1c095aca7dc0e029ec65f3f3dd6294879b6fbabc2ef780bc92785350ed81752eb7f8f79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
88427413f54eef9b4e7022a3e8ab973d

SHA1
95c82fdcc8969b91e697724ee4905a3cea4dfbbf

SHA256
a4199f662fcd7d2819a83a22346e91f19c27c3ae0d8464f8a3fcb167e2042737

SHA512
c4112e631ac5c550a30ba2792db61ac60ccc893d6ad4a62bd028171bc1206edb455fb8013089f4a7b9470cd15b2635b3944d7b5cec3cc05bd8c03a69a970b658

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
4e465e712ca2939d25b71f7eda1d62e4

SHA1
55fad6d6109e94d375041f70c40984b4beccf4be

SHA256
5d565445f4b1ad7246b055811da9d6a64bb81a2631ee5a8c3ea021fd765e0e33

SHA512
deb280f28231c3e78c15409a702cf009a0c38f3dd8b509934549a436bf6ea655f6f25904b248f0f8b25170f87b5d05925ee5aa39305f5f29f5fc13181b16bb49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
f57f3ed333657548fe66cbdd683ee8de

SHA1
c14120204464b965ec8e988444417c50a770d6ba

SHA256
ec760c22ad6f71e46be798d64f141e5dfbf5f56bb5a4982a0aac4b2b4719dfa6

SHA512
3f8b6fe0dc8d5e54fca5bd2579fcb9bee35af4d94bdfba17673188f54fa15a62c8912e591245136f4bc469ed85df52311973cdbc5bd3db6de559503a7e0b1ad9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
0520f2b873894198d3de67696fd63f43

SHA1
b997a6bd7900e713eb42c5e93772c506b6867e73

SHA256
5fb0a9eb33b2d205232b15f4a11e9530c7df96511eac745924fe864988640920

SHA512
5523409ed15a8e75fe9ec540a488f2d9c6a52e6a0ddd363dbd69bcfa9d3f85e962478fa0cbb1aab7ff671b87947040f6df4eb5afe7f4278924e0476b4148226f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
11f7bd6950794776dd023e5965fd3f79

SHA1
ad0c96e9160b4641ad58e8f3a032835de0e098b6

SHA256
137cd8eb84a873af8305d8e15596cc37963762ffc885e348192e5eaa3c988b38

SHA512
e2fdcd5414a6f622905b883dd7e490aa94ad2df63ef48b81ba9cdac830d8f74ebf7ce49fc3d6446dde83b0a109a4cdcbe37ed0cc4aeedcc568dd6351fb228880

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
eb3f6ec7370e1be0204e97084e211203

SHA1
1fd44a4883662bba27d23998208643c0eccf00a1

SHA256
dc00eea7016448495a48e14a63a1b55f2b8efed603d54eb8883456428a2ae023

SHA512
2f45b79f6e22a2812711034a7126ded09012e57c978a52869f4a5800dd88fe570130a2d73c998d7bf0e369e6ae689e545812fdec310a0f1d363a3e1cdde73e9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
92b69aaa7c2930e6f06ecd230d394b04

SHA1
cecbfed778100753b3c546914baf66f6523ac08b

SHA256
1cd648031e750e2939c925cc1b77111b9adb5ea6858e1737c8d702cd32bb8f68

SHA512
cdfe65f983b5e5da8ac1fc36fe4acb44f4b9e7f786177ed2152848f6b932028bd050852ddccae71dfc4f109f49232f2e828a6afe58a5bde04b2e137d958666bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
adb3d89cedd1a718438174e41a258bfa

SHA1
bfbe07e4473a75bac4c5efe25f1db39e25b7b0a8

SHA256
07d266f83e28ca3d1b3ca888e9de8d68bac6fc3c2874bbea013614aecba6fd47

SHA512
6bd2697372f4a0bfe3614aab863a1b56b30aa96e519aba570a744f93f5f7972424bedbfd5949053782df6e70721350b588d6026e2b0100fabf6ff154ab205d70

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
4b82b62087f26ece3533d00448ffec3e

SHA1
600c8c3b4e7343245dd8a4f9ee0e2182c75423c8

SHA256
2c0a074f56b152a0fce1a9cbcbfdab57ffb92743d7a6bc5da4a86412be3ec255

SHA512
be12d9a27f72c95aaea7293d1e99a330112f2c768c9fc3d09d1c290ebd94eac5d4d264ce82ed1c4cae44ba5840e566e547fe5d5b2ee4726b42ac8881f06f9fd8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
40d69645f85013318088bf1a53d20866

SHA1
ac7afbc78501f1fc7a1076b884927ca9117146ba

SHA256
ffc0618dc54f62e4b6374b338dd6b583d650504785f0b49f56fa170a2baf326e

SHA512
201dba5486f094654b916e06474625f9599f8de6604d71c26ee1bb37a3e6885a265d4d2018a5a20c3a4a88080433ae71d53c151e12a8717cdfd0795776edee51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
2e7d82828f7ab6bb5b657da8782a5c8a

SHA1
5a0aabce3f2410f3622620462aef3719f8c49a2c

SHA256
67298105c2bc7115a4746e75983fcb8ca4dc77408089afb4d57bbcc1e17e918c

SHA512
0ad25e74a5d3d28444f05309501cee55fb85434369266140b07ad6515078547aa58d44ed37b8e2a6b7fcced25a51b318662dc2e8fd00281cfc825f30532b4026

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
702B

MD5
60acb122166730a08d2d951af53e313a

SHA1
3fc7210cdb9c54c88e445cae7e9f9c68f4526407

SHA256
5c404d8aeb9e71669059c167d140db12ec4abf9e1e993f6d9f771a5b7a0c50c5

SHA512
21134bb3c0702aa004caa55640ee9eb04c0fbef8701f5017549c39a5af0c45945e872c2d14007c8b6e89e16d37bd695ec267e5f0d99a4b63a3d3bcaf2221d835

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
72252cf70122ad0db556ddcfe9b363eb

SHA1
01c5b2df69c608a2ca6bdb4b9b24587d50cd9dc9

SHA256
c0232977c039ec1a48c138719a9a12325aa719784ac467e3be28de88fe814703

SHA512
24c6d6f7f748d40a035d4941e3d423e509d4d81da1429ab21978c3d66d9ce648c451e11e18dcceec5e63d727674aa402d9fc37af6587140b414f940eb4539d6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
58f83432f71ceabd74cdfc4dd5f00034

SHA1
f6189aca9ef4d8d415fbf62850872ec7163a15eb

SHA256
fb56c0eeae52b3fabf5fb780e9681f618ef8920cd912b720784e4ea64c8fabe2

SHA512
0c0881f276b1832b318a01602c45d3cb58b5292fb1d7cd6323eb1260d1eac50fdf882092505d3534a1033f8804ade572a2d501caba3f990ef8b9d031fa11542c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
de18bf85881dccad6e87ea09418e1fb8

SHA1
a7debf830be55ad4cae7691ffb15d8cda93e5bc5

SHA256
c521f08d5ec4da6ca20ad8103a566abd8d3c53b7971bbcd73f3bc4c1d5a1047b

SHA512
7005c031be24d6148eddcf79410bc047941a2ed0be90eb3a323dcd1a1112ee6cdafbd440d1d345149edbd6926b130023d0c3a6c9daa1cbf383a8b758f0cebfcf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
4eb742657c1735efedccff766724a210

SHA1
6cedc4bfd80656ddc7288b24dd31f410eddb54d0

SHA256
3cea6b7b0a8f1135fa9bbbf4ff048db5341e53e65817966dbc5b781877ecf112

SHA512
98cff6ae9c18c35d4f875b4166c0aa44f2505f5140ecdd61b26989765d18e49e57c8ff900c3f805aed0c3b70312d24f333d70c8038bd7ea2d7db841e3aa48b29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58d695.TMP

Filesize
702B

MD5
ce50dde5ce343b1c7b9e5cb8686443b6

SHA1
bbc03aa0b1514804c246196dc7874b8248b26a71

SHA256
55cf2d18917667a561cd95210d1ff13f648e4f9f6562948cb8d45500b1e1050a

SHA512
bd599df7dd5e5d747a1002c901ada61574dbf29210f87efa3c1bdf8e89e82af26d241d2c73f4b470e8865743cc81b883712eeb6b559f818e5ad0f1fb34d4c778

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
a69e2d1c6b6290d053ae9c70986670ff

SHA1
d78939bdaf4a39c388bf1b404d37de1e8357fe62

SHA256
0cfcfd9ba00b12e13dd6ce9d0f49e9493438c023c4e40c47bcc9488b028ed03e

SHA512
ba696b273d401839df0a063cdb809b2551808023852d0b11e2d44980c97fd34af74dd6d1beaea12d675929529d1cfbffe4138cb7cc73434cd29d00c3b17648dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\LOG

Filesize
136B

MD5
bbc7e7d976e53fadddbcf53b7232310c

SHA1
c4d6b325e5ef49784faf6cee2909ab510f0298a5

SHA256
10a1a11158495d4e71fbd21a6eac5cbc110a4d798c891d2dd98d1feee4e8ede7

SHA512
4a2a5e92e9fde86543746b9c96c2123c0ac5832b4ebdeac07dbe5e839da3b70db0c825007174655b3df7bb98596922054b1f21bceeaec3c76a3191ae1056ae9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004

Filesize
50B

MD5
031d6d1e28fe41a9bdcbd8a21da92df1

SHA1
38cee81cb035a60a23d6e045e5d72116f2a58683

SHA256
b51bc53f3c43a5b800a723623c4e56a836367d6e2787c57d71184df5d24151da

SHA512
e994cd3a8ee3e3cf6304c33df5b7d6cc8207e0c08d568925afa9d46d42f6f1a5bdd7261f0fd1fcdf4df1a173ef4e159ee1de8125e54efee488a1220ce85af904

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

Filesize
44KB

MD5
3a38e75ddfb9c96a1567a90979974adc

SHA1
577f8541e1717c219c3e269e589f9b35cfc1b39b

SHA256
432aca12d5b1059faee1489ef0687a894f0fbb49787035c8b3a43cec8ae93d3f

SHA512
3496b18167bfb14938fbab925297768b14ab8bfae127fcc4de207698ab7f24ad94dd41d77a2daed98ad8ee40b67367ce6b6ae4bb295986a2a02e9d74e35f2ae2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

Filesize
187B

MD5
4068c73942c6390865083b78b88b7520

SHA1
559e6b01b1f600ef7cccc7b96fdd10b1f1cac9fa

SHA256
f2e621a5888115e5ad102c36a60beee21af4c37c8558481df2931a42c67e66ee

SHA512
5b4226291f35464ee5ba549de9bb7c5c5176c951abff025bb85c4e8a20d3d2fb0f410283c64ab4095d2e5ca28292800053824d8654ca86ed2535c0a280634a89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
319B

MD5
b36b55d592e0f0fe3a0ab9a9f3a01c05

SHA1
1cbdee869568a08b9904c750b25f544b08faaa6d

SHA256
2b447cb51a20adf287ea17e95520dac20667a04e886236a1544f308a1c4b44f4

SHA512
12f2eddf3cf126dbbe4dac2d44002b2b35cfe97d793e4aac7d18e0e8c724b8e315d58fc98748001df494158f72b5876a632b958a4fed405a41f658809dd93d3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
565B

MD5
5f20989030f08065a11a97211289dd7a

SHA1
95e39d71fbaf8c1cf8bdefd1755c27824cb4d421

SHA256
eae620fb8cfaf290561bcaa01262162bf0936855b161ca3c36c7be8274e0077b

SHA512
97a46b4c0e47a86a9585860b3756f5cbd0d79cbda9cd844077f0849c2fe253692031ada2a82ef2c4c0c9d061a4bd4005064de0204c736e545429ee027f3dd4e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
337B

MD5
13e7c90cf54c16a660db347312f21c31

SHA1
910ffe383de793510ff57cc09665e45bfcb50571

SHA256
c8316c1bd9200a2aeaeb6ebfffe30acdebf01d4c3ad0529fd3fc1c9c509d5616

SHA512
c682a118857264215a9f93c3fc95202d0fe5d235717b25aca1a6b67803f29b2a8156324cd6c5f02510c38ad2a5a4bff633b6f6284f93da9d7db090212c2f8b26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

Filesize
44KB

MD5
f8c7822ed9f4e864a7a9c4f3dcdcdbe3

SHA1
11b138c2261d0d72d7173e4b5e280f53f97ee0fb

SHA256
8d0a17ba13048d0a9192d55d74d8f206a5e5d2b7e243ff34d5c6dc4bb3de8706

SHA512
4cda5af6f3d6215be76326889167097aadce2f729e837152ccd68746b5615e7fb0a1d865f923e72f132ef7a816fe9c695550b24a9ee2451a4bee6865e4360b33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
dcd06daaf31bf8f4f203befa9877f20e

SHA1
bc586bb3c09b47ea76a3fefd8fb1447b4eea587f

SHA256
ef90b40bfb0c19509324c9fcf86e3377ee22df34c0946f31bddd8e5568d3c8d0

SHA512
de53e569e174fd9a83430ef4fc0e4af992b259a0191f2fca2e83b8eef94032324407e3cf2f5922b26473f0a11f2e7c6afd216bae8659f1dc48ad1aab166339cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

Filesize
4.0MB

MD5
25d44e7daa00ad2102a50f274809c159

SHA1
0f4539e8185453e3f2656c9cc80359ea5acf836e

SHA256
cbc8b4e89716e0ab4871e2a30f5c44c40d4cd43c2d8c988fe82f80d2742cbd76

SHA512
0766313424bceb5b53b917234fb547034f30c1cda39f5cff6d70067aadac3111ad1cfcf1c633d60d99f0d2d8b3c77a5274165651e5b6f208b7a84c5d2079ca05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser

Filesize
120B

MD5
a397e5983d4a1619e36143b4d804b870

SHA1
aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4

SHA256
9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4

SHA512
4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
838a7b32aefb618130392bc7d006aa2e

SHA1
5159e0f18c9e68f0e75e2239875aa994847b8290

SHA256
ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

SHA512
9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
088ae60e027f907c8c2b612e06f1bb93

SHA1
6cf8a7434a19c492685ec5c155a4ae5b02b5b58c

SHA256
a5c75d728e3d9cfa14b4343fbe7eda49ec8475366036939faf55de536d602529

SHA512
b62d112017e8ac11b58295cd73a736ba8cdc9e10573c7537def763e8c68f6c0d1666eb85c45b67dd3b733e62ad8cac3b67e419b3cf123930d4a78c2354188507

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
619df25cede1f7806a96b1f12672d860

SHA1
6f57087789a50a13f00cc0f25b9802f71afa7dca

SHA256
a7c5a91a2d6e2083e533ffcdb31b55f6185d76a59b4ff049dacfcb71b10db7c1

SHA512
eae2c78a8cb32b012e9afe8d7a5ff01938f4517090affa4f0541d6bb16d4069dd9dd46daced214a1155ace65c6cce844844275e1515ce91d63b7ea223bdfe27c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt

Filesize
3B

MD5
1f213343a8b23f84bb3a4a58fb393e3a

SHA1
562d7a5b0934d3b58bb94ed4bab8249b7671b644

SHA256
3ac88f78a14a90d89653ca88cb957daa6cd4c622077a857c064939371d2230ab

SHA512
9509afa96785b9c7f901dee48210dcf10443c65b5c9dc41dcfd5413aa8e149b0e3aecbe573a46c8164d02446f2822dc7c2c1d8dd20f65a866096dfbadf436faa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres

Filesize
4KB

MD5
e680dbad260787bc2792566ed54be6d1

SHA1
3773465d4234ce4872644004ff077aefac8392de

SHA256
319579bf218599fd79cffec67c67d6a93937ec01c7a51e8c12e742ec82fb389f

SHA512
8eb91f8194852e0c66296655fb4b4fd6b6ff02adce3e33bc342399e74102baf9082105b7b3ddf299213637a6fe8130e493651533f72366ce888e7aa4bb51ec69

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
f3ce8f91c9a214cab938c50a057554bc

SHA1
64f8f01e750d5423564b22d11401db8f250bfc1f

SHA256
3bf474e799bc5cc6bbc71be4a261aa022f53963b1536281290838bda0043cacf

SHA512
a1d0c0e1f6ea66944b9f40d1994da2d95debc0addd3091e9c6da08b5653744887c0be506741e3a52c58964f28f22c9d35220609c12d5eaffe28742c965ec8252

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
79f8dbff4c9870384fff722f220afb70

SHA1
6b3b1d04b67ef1c6a3ea3967dc14caae9a8c2fdd

SHA256
a76383aa4ed189d92cb59f2b313288525e226d082633815cc107d9fca7b5b530

SHA512
bda8026bcd83bd6af09ddae2d991adff35780547c7688f28a81463d16534043fee9e050e88435cfc187f51b6ea90d3fe3338940403310b1266981c35ab45972e

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
024864b997a6fb9c6cf1a35ab1636753

SHA1
022d1618978a1c18db1a08b880d4916e3037f516

SHA256
45ea4094676d410f4e7fbc1334c831ae0425fc9f327b0977dbd44b3be0a6c010

SHA512
8bcfa5154867c2ebe7c3cd4ff6f04393362d415905110b3097f3e5c88077df28f0aa6ec20a9b630eb54877a277ce018dc76b381f6eda74a530f5827b769a8fe5

Download Submit
\??\pipe\LOCAL\crashpad_3260_JZIVWVRCMFPVEBZX

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit