hxxps://linx-bio[.]com/concrete-surfaces

Analysis

max time kernel
145s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
21-11-2024 13:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://linx-bio.com/concrete-surfaces

Score

7^/10

discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: ecagencyclient@e74aced2-d72e-4149-a62c-e4221576a93e
phishing
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2864	msedge.exe
2864	msedge.exe
2360	msedge.exe
2360	msedge.exe
3192	identity_helper.exe
3192	identity_helper.exe
2496	msedge.exe
2496	msedge.exe
2496	msedge.exe
2496	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe
2360	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2360 wrote to memory of 3672	2360	msedge.exe	83
PID 2360 wrote to memory of 3672	2360	msedge.exe	83
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 396	2360	msedge.exe	84
PID 2360 wrote to memory of 2864	2360	msedge.exe	85
PID 2360 wrote to memory of 2864	2360	msedge.exe	85
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86
PID 2360 wrote to memory of 4204	2360	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://linx-bio.com/concrete-surfaces
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe1fe846f8,0x7ffe1fe84708,0x7ffe1fe84718
  2⤵
  PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:4432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:636
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5912 /prefetch:8
  2⤵
  PID:1220
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5912 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
  2⤵
  PID:3508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
  2⤵
  PID:392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:2008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
  2⤵
  PID:1412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:4908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6216 /prefetch:1
  2⤵
  PID:5108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6224 /prefetch:1
  2⤵
  PID:1612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13668380515726200888,13322975969238753651,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4732 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2496

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2216

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4856

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0a9dc42e4013fc47438e96d24beb8eff

SHA1
806ab26d7eae031a58484188a7eb1adab06457fc

SHA256
58d66151799526b3fa372552cd99b385415d9e9a119302b99aadc34dd51dd151

SHA512
868d6b421ae2501a519595d0c34ddef25b2a98b082c5203da8349035f1f6764ddf183197f1054e7e86a752c71eccbc0649e515b63c55bc18cf5f0592397e258f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
61cef8e38cd95bf003f5fdd1dc37dae1

SHA1
11f2f79ecb349344c143eea9a0fed41891a3467f

SHA256
ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e

SHA512
6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
600B

MD5
823f4216b5bf3322dd4731aff205d790

SHA1
5cb22f2b7b79dad266176c18a89133cbe2449a1e

SHA256
c6ead8439e59e7273ee1a24433f87cc7c3d436ea9a930fbfa72c7c4b2186f760

SHA512
8de29e7cf35b5f7bb0ff4f5a1c5d48a3873e34f3c48bd7bd247918ee7740f4750382039d789ab6b90fc18f7f205352d2cb2f1292fb888be29260017f22e33520

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_linx-bio.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
32a742c8d1e2560e816d2b5e5d5052c1

SHA1
90e327c9c177b70010d81958e9d4543b941ea6a1

SHA256
c140bf85e63918a27dc4ae249ca1079b3e12e7ff9ab2c1863869e22c5cf7f8e9

SHA512
853c8c8ecf36a1d0b55762c6f157d6c7e7bd3fd2603791363c8d4f1e506444cdc640f7c03bd43a46f0d8d723c92ec3e081cb4f2f6fc2d7c8dce7f136a89f5134

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
be439f33c443646b4d679b3458e5a77f

SHA1
4e21fea821e446226e0ebf8e2c62cd733978d1d2

SHA256
e77e2911cc4d7dc9169a29cd53db185d26584fa6ec73eaba1a2fb5091a768d08

SHA512
828b759799647b2734c16fe84a92a87cd87eb7691fa54b246f56fc23b16fe9e8659845c74264b36a7d5f595bbd2822e5c0ec45c55937844d03e4e23fed69d166

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
05f777e744a95291405cb4687407d622

SHA1
06de8332db8aa776cad5d4860408e5496741013a

SHA256
577cdc991f9d2380944b488b291971c37f95239c462736426761d8ad0a091013

SHA512
8208eb9234b23019736c537595f5cf5afb045645d44917fe464439bf1c2635b391ecc485e666b64d0bb7f3a5961ba09f2bb60e8074485390f11c94c53cbf2e3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c025bf4fbb25f12164823b32c3c52c52

SHA1
eb760046b14216960ec87010919b7a423cf94e2d

SHA256
c3e3ba0cec2f97a8c1c9fa5a5508f33ce4d209cc497d5f49d92712f74f391ebf

SHA512
c38f7e8b356388e0adfa0943761a2eb78ed7686d92651a5e04bd53401e5ae1ac4cb41f21feffcc76ed8081fe8803bb47107b221a1a6c9c3e8ab93b520d9edb4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
11e21d640aaf40770a3029873e8a9779

SHA1
724dcfc28998e249e7c97339a71da36b5d63dafb

SHA256
299948eb9bf96a9001e4d46edf1d32c0c1a05ea7fe1a01b5cef18d1f74f24db0

SHA512
3eb42f8efb78f8f770769afe3739700bea1556500ff53c1601e4aa7608fbdf72defff685c8399b147deb17cdcfc715e7742f20468982c8e19f5ed350f755faca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57cfc3.TMP

Filesize
48B

MD5
134049fa14de9091ec42878ef594ed3b

SHA1
17d2e43d15d730a38376e5a4a6f9c3ef9153864f

SHA256
ab27c17b44e672ae5a7559393453a8433cc05b328a9f915ab8ce9bf4c478d7b8

SHA512
7d24af845cdf6111938f999e35d1cedaca08cb068de6b4efef492edea60adaeeaae420bd82495fea0c59ebeb235640d4061042f746e1c4fdab6fc2214dcdfaa7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1d86461a9e5c93dc601b6e38193fc6d0

SHA1
5d73ab8a37919e14bd488c466d0c6b44b7bf7274

SHA256
ffac89c118359f9629dfd28ad21e339196266ce7f1d42cb5267a232340a122d2

SHA512
7dc21520db5a293a8724edb803f9cf959b16b45195193e34103843e8a856ed9ef10f71c977e24a528b0e313b537726143546206e6f6e459ef99eff1bca4bb6d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580c20.TMP

Filesize
704B

MD5
3799317f3961e352100f37ae93ff61e4

SHA1
d35009f7c9c2b146c1322728c3eb99d81652a6aa

SHA256
64b45cc696cb7c439fac2f2780d97eab692a3a48a7db7ce6d0d4154f08f5f8d0

SHA512
528e7dbd32d300a36e967ceeefcb90a1551c781b7f5b44a30213f56c38c331e787d158cbd3d1c20034c435acb9565b79b03700527c25d4275474ad9e984b5776

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
ef732ffd4df2b638596a1c5f19de9318

SHA1
5d183e9084bc5e8e3d5914e1ef6d41b98d9ec89f

SHA256
13a006995cb72febab76dda8cdcf8c6b926f3230012e7ab3fc087c4618385a47

SHA512
d17f4f043bf329c7d46c0e16a4ed43c5330e71627ccbaa1b52ee26b822fa0b5b8c731d1f38b36ac579c6dba7f3d3657779e0832ad0ee4e46926d91fcf3acffc1

Download Submit