Analysis

  • max time kernel
    145s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10-11-2024 01:13

General

  • Target

    https://t.co/TIPXfxukQw

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://t.co/TIPXfxukQw
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:316
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8658546f8,0x7ff865854708,0x7ff865854718
      2⤵
        PID:4748
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
        2⤵
          PID:2308
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4460
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8
          2⤵
            PID:3700
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
            2⤵
              PID:2888
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
              2⤵
                PID:1580
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4716 /prefetch:1
                2⤵
                  PID:1412
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5588 /prefetch:8
                  2⤵
                    PID:768
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5572 /prefetch:8
                    2⤵
                    • Modifies registry class
                    • Suspicious behavior: EnumeratesProcesses
                    PID:3724
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
                    2⤵
                      PID:2160
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 /prefetch:8
                      2⤵
                        PID:4940
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5272 /prefetch:8
                        2⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:2032
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
                        2⤵
                          PID:1200
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
                          2⤵
                            PID:4532
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
                            2⤵
                              PID:3136
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3976 /prefetch:1
                              2⤵
                                PID:3492
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,13145919412402043712,5658322271790892121,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3184 /prefetch:2
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:4928
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:212
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:4020

                                Network

                                MITRE ATT&CK Enterprise v15

                                Downloads

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                  Filesize

                                  152B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                  Filesize

                                  152B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                  Filesize

                                  1KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                  Filesize

                                  1KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.lazada.com.ph_0.indexeddb.leveldb\CURRENT

                                  Filesize

                                  16B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                  Filesize

                                  2KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                  Filesize

                                  1KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                  Filesize

                                  6KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                  Filesize

                                  5KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                  Filesize

                                  6KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\bdeda67a-328c-472b-b06c-0883946f8905\index-dir\the-real-index

                                  Filesize

                                  72B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\bdeda67a-328c-472b-b06c-0883946f8905\index-dir\the-real-index~RFe59162e.TMP

                                  Filesize

                                  48B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\fbd698e0-a938-460d-9bfa-0fa222910dce\index-dir\temp-index

                                  Filesize

                                  72B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\fbd698e0-a938-460d-9bfa-0fa222910dce\index-dir\the-real-index

                                  Filesize

                                  240B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\fbd698e0-a938-460d-9bfa-0fa222910dce\index-dir\the-real-index~RFe582bed.TMP

                                  Filesize

                                  48B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\fbeb7016-db55-49d9-a4d8-5b7ffa30c91d\index-dir\the-real-index

                                  Filesize

                                  144B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\fbeb7016-db55-49d9-a4d8-5b7ffa30c91d\index-dir\the-real-index~RFe582601.TMP

                                  Filesize

                                  48B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\index.txt

                                  Filesize

                                  230B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\index.txt

                                  Filesize

                                  166B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\index.txt

                                  Filesize

                                  163B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\index.txt

                                  Filesize

                                  228B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9e1a0a2a620f90c1b97d20905371b42dc068abd2\index.txt~RFe57ddbd.TMP

                                  Filesize

                                  103B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                  Filesize

                                  240B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe582390.TMP

                                  Filesize

                                  48B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                  Filesize

                                  2KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58eeb0.TMP

                                  Filesize

                                  2KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                  Filesize

                                  16B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                  Filesize

                                  10KB

                                • \??\pipe\LOCAL\crashpad_316_UYGQZFGQZJTECWGC
