hxxps://capitalmarket[.]com/

Analysis

max time kernel
0s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
21/11/2024, 06:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://capitalmarket.com/

Score

6^/10

discovery

Malware Config

Signatures

Looks up external IP address via web service 2 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
97	api.ipify.org
99	api.ipify.org

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4124	msedge.exe
4124	msedge.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4068	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4068 wrote to memory of 2184	4068	msedge.exe	83
PID 4068 wrote to memory of 2184	4068	msedge.exe	83
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 2152	4068	msedge.exe	84
PID 4068 wrote to memory of 4124	4068	msedge.exe	85
PID 4068 wrote to memory of 4124	4068	msedge.exe	85
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86
PID 4068 wrote to memory of 3932	4068	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://capitalmarket.com/
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:4068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb315846f8,0x7ffb31584708,0x7ffb31584718
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
  2⤵
  PID:2152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2976 /prefetch:8
  2⤵
  PID:3932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:1508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:3268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
  2⤵
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:3164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
  2⤵
  PID:228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
  2⤵
  PID:2628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
  2⤵
  PID:5048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6616 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6872 /prefetch:8
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6872 /prefetch:8
  2⤵
  PID:2140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:4144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,12649642097656810714,8184162572069217131,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4892 /prefetch:2
  2⤵
  PID:5100

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2796

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2732

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
99afa4934d1e3c56bbce114b356e8a99

SHA1
3f0e7a1a28d9d9c06b6663df5d83a65c84d52581

SHA256
08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8

SHA512
76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
443a627d539ca4eab732bad0cbe7332b

SHA1
86b18b906a1acd2a22f4b2c78ac3564c394a9569

SHA256
1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9

SHA512
923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\540a2e59-c241-4113-a1f7-311163081662.tmp

Filesize
5KB

MD5
54fc3d8bc18772243bb6057397bc9640

SHA1
d776d7474f75e27386c85fb56a2e8300576fd2a7

SHA256
88cc16dc56f23c4ca109a03bcbcd75a385b2c57aed1b01d4eef977bce8d70ff6

SHA512
8a591c01e73c3bafc36feee23f853c276e907c0fcb83fc0e3a9b3fb8feeae822b42b75ba5b427150715cd3c8f3d5780a24c04837698041af11552638d7495d00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
405e2cc7ea010a8bfad14a9a37e31025

SHA1
c248013cc51af1d43b7db89ae05ae5c0406b5018

SHA256
94dbfbb358c6eafa69560049704e74758cdc8dd5bb9138e534be5c7752f08945

SHA512
29b4b3738bd3ca208c4ac8b553273051e50f63f5df2e3d8cded00123a7a53e458dc2ad70697a2a28f8044b47763f288d2f9847f8a579b029dae04f18ae62bb7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
22505d799779745d1d6619a0dfd9e3f8

SHA1
39a39f4e8c24875fc5db3474bf09e63bda0f3d8a

SHA256
7e2c7362052c6d78889b4785ef239524caf32078f6abc17c5313182f394539a8

SHA512
955903a4d9ec0b1f71c1f98f270584e92f17e3d86f6eabbe5cede96feaa381d75cd68c12994bb143a7158bcf8bac8b90e726ee8e4c638e693d51c66b9fea0bce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
5ea76b02dfe31642fc07387fa234a8c1

SHA1
32e9626a7af3ca01fd98be7b41e8e96a7ba73016

SHA256
b1c82f6287f7a2c1a4d85590c33501f1eaa15f0e1913a517571766a3acca7288

SHA512
954195e2e220f737e45fd740dab9d1da6e49d6d814eb3a1d0a66cb6cf04dfb33cdbbfd7b6d29f7efe618f19346a53c98aca62b28195319ab33b2eed563e20073

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
e4ad0f7b8f256ab195c8e18c3ad983f5

SHA1
b58ac5c2c2fa3f5b1fa9c42913544cee1d6e8052

SHA256
4e0b1f96bfb8020fc6b0adfedf1d65036f03bdea9f0869eda4dc3271ea6b9daa

SHA512
a90117d0bd9b3e3a0bb1c49cfac41ad0257cf182f2c6289f02034ac3b6c70784539f8cc8c3ea8ebd88470b3fef4ba2d918e9a93b0b1ad74ccac578b259809cd7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6556cf16ae5850d96d4085aa1b41d4fe

SHA1
5bf382a61c3392c034eb0bcc36909b8dded654a6

SHA256
c1633513f1f938c191fbee7429537ca848411f26549ef6622827929af97e7517

SHA512
db1d5f5baf9499a3bbe62228da093d889ff93fcc42e8da8dcd8ebb9e730af21c57760072cfefab87ebf7eb534f9a96bae693fcdd4425c3a7f6a31381eabe3be2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e0e46c5ec485a3dc0067de93843a38df

SHA1
8622814cfb949e7c547e8ee06ff22a8b2d904a40

SHA256
3a02c02368481fc457c1a884fda117b5b9e68068cc8284eee7c0660de8a9b59f

SHA512
ae67fb86cb3b03cabd654e3d0624ecd12f3dc23a3dbde7c893405fbb7298043631e32350f3e83683dcb6a01438389048c703096cc69c0982e26088f34f33388c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
c034f48bb4ff9fe38aa9346c697d7062

SHA1
42d46d1c82846ec62414baf546813e0ebf5172e6

SHA256
ffee4085467b5f378e80c744495f36af99fc2fa141814b491aa4b912737d9029

SHA512
41d2b562b556463058625670442e7e97088a8d5d6d31a09d036acd9585dca95baa23cdd32469ac3cd300d9eb708b9386d29c47fa9f1475dad28f13e48b78ef49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f3a3bed6dee2a83e0cbbcee450466af5

SHA1
e2e7fb7ee2df519d6073e4cfecd6a29983ae1a3a

SHA256
103522a75ac27ce45aafe652d5969b24f7fce37873d5aef900cb3ded45e7c4d6

SHA512
b32c283b84492519f5be35fbf8f05132c0ffa31623ddad93a325c986e024435368ffcbde7a5087f3f2ba9aeacafeb75df0cc5f12b3b94169cf5243284e1277a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
b70762aed5e0ea21e3202dc40f290597

SHA1
f184e2bff83a7e073992dea6c4a9550ba376aaf4

SHA256
97801b02ca15c289faedc5cf136f5c768802782a8033f9a0402311437308cd84

SHA512
1de366156adb4ed7c5086beecb317b7b47eb390a23dee6967310fac36b6027eb783580a906364030196e6f9201bba5ce5790f1832219b2ff5f61bb13d9f2de5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58022e.TMP

Filesize
706B

MD5
7a9008b16fc9ae24b409445231071397

SHA1
d478a3971d98b371aff5967bf44a2467b1c09bd0

SHA256
2c8cc8924a548544c2e65b2a99ca21182dbb73012eb84f436e1f4b8837ae5179

SHA512
f80bbd6ac9c219ddba5e98c34051abcc15933b7c0d7c919139f425534f2a03e26fd253cd8ce0be619ffa89c694d7eab4bffdd3e70c43a7a16bc1e73ee137e62c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
c86a34c2905d41eb0afebb67567eb24b

SHA1
da321c2274542a5257e56eb15adf8a53ace0c1a6

SHA256
8a03d31a3a16aa0dd77043322c5d61628aa77dfe97ca2fb7e493a1436b7e8544

SHA512
732f2ca87a2c9b3e39774c2bbcbc6aa24db5a1de546d381b43743b4b20fedd47d59d78101e680dfa8e4baa47978518b3784bba50d9ffb02669270b14ebd209b4

Download Submit