hxxps://www[.]puaida[.]com/products/charger-for-puaida-electric-skateboard-output-42v-2000ma-for-36v-battery?_pos=1&_psq=battery+charger&_ss=e&_v=1[.]0

Analysis

max time kernel
1151s
max time network
1146s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
21/11/2024, 17:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.puaida.com/products/charger-for-puaida-electric-skateboard-output-42v-2000ma-for-36v-battery?_pos=1&_psq=battery+charger&_ss=e&_v=1.0

Score

7^/10

paypal discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: 20221020161041_4512a5da-9155-4f2c-b38f-8ab8d290c7a0_1024x1024@2x.jpg
phishing
A potential corporate email address has been identified in the URL: 20221020161041_4512a5da-9155-4f2c-b38f-8ab8d290c7a0_110x110@2x.jpg
phishing
A potential corporate email address has been identified in the URL: 202210201611331_9b73ab50-ad9d-4a66-9d51-76759f165eb4_1024x1024@2x.jpg
phishing
A potential corporate email address has been identified in the URL: 202210201611331_9b73ab50-ad9d-4a66-9d51-76759f165eb4_110x110@2x.jpg
phishing
A potential corporate email address has been identified in the URL: 202210201611334_5d42d85c-2741-44a6-9ca0-28feacdafd41_1024x1024@2x.jpg
phishing
A potential corporate email address has been identified in the URL: 202210201611334_5d42d85c-2741-44a6-9ca0-28feacdafd41_110x110@2x.jpg
phishing
A potential corporate email address has been identified in the URL: 20221102112404_0c7cb7f3-1de8-4151-9fa1-212213644d0f_1024x1024@2x.jpg
phishing
A potential corporate email address has been identified in the URL: 20221102112404_0c7cb7f3-1de8-4151-9fa1-212213644d0f_110x110@2x.jpg
phishing
A potential corporate email address has been identified in the URL: 20221102112426_d918bcf5-d9d3-4737-b41d-9963bda6a351_1024x1024@2x.jpg
phishing
A potential corporate email address has been identified in the URL: 20221102112426_d918bcf5-d9d3-4737-b41d-9963bda6a351_110x110@2x.jpg
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: wpm@3c762e5aw5b983e43pc2dc4883m545d5a27
phishing
Detected potential entity reuse from brand PAYPAL.
phishing paypal
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1045960512-3948844814-3059691613-1000\{38F1D905-3D92-431E-9512-F997AC138351}	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
264	msedge.exe
264	msedge.exe
2000	msedge.exe
2000	msedge.exe
4960	identity_helper.exe
4960	identity_helper.exe
3948	msedge.exe
3948	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe

Suspicious use of FindShellTrayWindow 30 IoCs

pid	Process
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe
2000	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2000 wrote to memory of 4212	2000	msedge.exe	83
PID 2000 wrote to memory of 4212	2000	msedge.exe	83
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 348	2000	msedge.exe	84
PID 2000 wrote to memory of 264	2000	msedge.exe	85
PID 2000 wrote to memory of 264	2000	msedge.exe	85
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86
PID 2000 wrote to memory of 3200	2000	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.puaida.com/products/charger-for-puaida-electric-skateboard-output-42v-2000ma-for-36v-battery?_pos=1&_psq=battery+charger&_ss=e&_v=1.0
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb596c46f8,0x7ffb596c4708,0x7ffb596c4718
  2⤵
  PID:4212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
  2⤵
  PID:3252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:1
  2⤵
  PID:660
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 /prefetch:8
  2⤵
  PID:3316
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:5116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
  2⤵
  PID:2312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5332 /prefetch:8
  2⤵
  PID:4828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5328 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:3948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4164 /prefetch:1
  2⤵
  PID:2736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:2108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:1992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1
  2⤵
  PID:5404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4644 /prefetch:1
  2⤵
  PID:1328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1
  2⤵
  PID:5968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6086507877821703397,15569489548066257974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
  2⤵
  PID:5792

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3444

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3032

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2520

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
bffcefacce25cd03f3d5c9446ddb903d

SHA1
8923f84aa86db316d2f5c122fe3874bbe26f3bab

SHA256
23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405

SHA512
761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d22073dea53e79d9b824f27ac5e9813e

SHA1
6d8a7281241248431a1571e6ddc55798b01fa961

SHA256
86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6

SHA512
97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
82KB

MD5
894bd8e3a241807fdbfc2c14ff1fb466

SHA1
0dc9be8e83c527b33466f54dd4950eb076f6ad2e

SHA256
6bfdf4f69e8b9a7673068ccc4f6881e5204a1c90406559f9d849742bfeae4370

SHA512
b534c326001eb8a0f197f8c98b7de9dcb0dcdc50ae8552f34bf0df2c80db19bad736e1d1273ec097aa7685cf6200a5c3e28bf689ecee69b0df12ccba1f141869

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

Filesize
60KB

MD5
b100307705c311e8ae4d31d8b2a4a93c

SHA1
3b1ec50ed6b09f7b3c14f6e8e201f2a2b1c98975

SHA256
4a9f5d41f5ac4c03f7772f676247d201dadf15f9ac01a31ac26685d2f559c2fc

SHA512
213f7dbe76418eaf912a232d0650215b481674943ed689ed8ea4716caa6f5293b4495597040822a62ed9372f3703245a9498e28b852f00a2256fd28a54899ea0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

Filesize
133KB

MD5
15b3e100dc3d18db38203c4137151898

SHA1
2face70b71cd8c84843f51ad20bfcb1aceec8756

SHA256
97f239d5211678c6f2902b552a2716cff3fdb952d578f5cafff7acadf0e5889a

SHA512
0ef36fafc1c7c04d6fb351b8bcfb4d8eac9db718def509afd73a822cccf1bf9be2ebe060b929dbeea7878621c8d7ccfba26b87f85c1515820a6fdfeddbf72784

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

Filesize
90KB

MD5
27020c5912976e958fed0bd54bbe0206

SHA1
fbefc0f8947c74381a0ac77a51ae402f2ea7602d

SHA256
456018b738e8ea9d299e02dd16823722e3fdfbdb664b443eb3ed282b9172e49e

SHA512
cecc574942419a7e754b70f69e2ebc0a22dd0e11c627770d76fa636c3afc986479b4115e0008d4a67e14c51cc8d79dfa11b2387547e3a0ad64e6780c14d1e362

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

Filesize
108KB

MD5
d4cc008d8088db1b3da383a5e1a849d5

SHA1
422e444c8edc280dbb3da0398b620d7e991f6f2b

SHA256
225042a58aefef8e76964b6be11f505d5c22ede56d09ed50bc030cacbba9f33d

SHA512
7b2396194b91e9e5b8a353cd5ada362bbcdd1656e6a79752ffa3a1c8bbe4efd628768ff5b62a787523545b4f410e7428d188cb098ca3b397c2a750cd96230b37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
386KB

MD5
51026e08572ad5c098fc079e4a42ff52

SHA1
f2266875a0d86771c60d24c3233eb7b38893b430

SHA256
fb09c1b2c02c3eaa402ca43946cb6a28dc314a37e056be46a974e9fd04046a8e

SHA512
f0ea9677c7729d3accc2fa4f52a81ef88ef8bcf2a4a8b37499eabb792bf3f1dfeecc94d3f931277b4dca0ffae523482bdc7f42bcc9263859666f36c0e24b4d32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

Filesize
36KB

MD5
aa94898a82b24c3e9c6558e9d3312bb2

SHA1
90bb2247df40cbd6f65d2a72e5778b618b705bee

SHA256
ec489525138de2789b9f482b46f4e4ea5c48325acb0422f7833e38db6cbdbfc9

SHA512
2ebfd3c5b59ea41a8b1a7edad723ffbafbefc4b9992d703948a5942919f1096f10f1648166cb4be78f9c57694b3b9c2b17000b99fec5e30ef80c9c55d6af4441

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

Filesize
22KB

MD5
57be76b01e7082230a2d95ccd0392532

SHA1
afda663da5176968f251ceb66ca3c6375e781afe

SHA256
dbaf0270ca1516a770fdff3b52a576c69c146dabb47c3014c5d8894cd19bcb7b

SHA512
2777ee7744745da3d8a73ba95b2197ac4142273f6e6e71ca70cbd8b54aceef64142619412648684b57daee02feb775f5991c71ba7e2bc9aadc17139c8ce5ceb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

Filesize
41KB

MD5
14fa32e8a1b4b0394f57c9192c461106

SHA1
3d59e72cd78cd6371a27bbdb38548f0a0980fa6f

SHA256
43e3c856d5b9e20fa16629ca68243bb0ac6ac565e1464c4313b98654a0ece5ce

SHA512
d7f3975c7f4f19d386c0e52d7a395af63c5f9d81ba07a9915aa86880fec93f93e7cb2fa1c49d0404a51a7470f853b37ff3c6ad22fe80deb17f046abda16b803a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

Filesize
25KB

MD5
2285e7c07b04a7969954fcfb5782657d

SHA1
6c9976153995a4351b8539bfaebf6938655f4f16

SHA256
20358cafdbcdab6676033f2bd416e651f5f76829b47cbe551004a3b21653f505

SHA512
02916f911d6693f3237b7c59487c7350ce0ec82d985ebe81f337b7cafcda34472c4b7a58f84a0e445db66754eee8eb21962aa9ce3ac0bc38883b748ad8a67e07

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

Filesize
20KB

MD5
e04b04cc671f52d74650f31b15be9a8c

SHA1
c85f91ea821d792887902daa9670754f7c64e25c

SHA256
d295e9eede99e9941874e30bfa1238f633474059db0b9c4c2f65cd90f3b9b9bc

SHA512
34218206cb28c3c019e6c23b6f56d4c0c767b7a4dfa05e301d8a3afdd028db08da880069951168f16abe1545a4f95f0b326556b8ff0395960c4bb6b13c5faed5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

Filesize
20KB

MD5
ec0bdb3eeb234a4bec109897dabc70c3

SHA1
91ba95a725d9bdfe4971390fba64eb8dfe38af4a

SHA256
ab5263bf82c79706137931c4f9b49670ff211b5994cdeb8832654ab4bb613bce

SHA512
95e5783561099cb73b0f2dc203b93caf36b98db665f831580718609b51c5a115ddc3ed1fab1e584b9ed5932885abfd93f12a675b0d00c8e20825a9869a71ac20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

Filesize
19KB

MD5
c32845986a55e184047e928fbede46bb

SHA1
da808834c2315f31dd3910e2ae6b1a895d7f73f5

SHA256
2deee13a48ba2fddd9440dd1b711193236285f8cc73ed5692055527a100cb35b

SHA512
26fa88547c88e96d32cc03fd43970c1f44af9602e16460f883fc67507c30f05586f09794a1e4daf38469d3c18b659d75000766d37c9cc973842cc1fa40ab5fdb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

Filesize
20KB

MD5
1e537622c9985bb4d5cafd3d96368bbb

SHA1
126dd24093e910b23578142c0183010eb1f2b9be

SHA256
29d7a171bf5aa6e154d2c9fe04406c067791ed4711013a406ae706343e2e6c4c

SHA512
c2c415b83ee8e817e67e5cf9ceb5c6174d2c8b2518e35f4f890a0856c2ebcbe00fd892c88df35c9abd7b0b96d8a004ccab647930638e89ea28f65687064ea79d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

Filesize
64KB

MD5
0bfd8f07b8dbf053bcdd5f8d3d011376

SHA1
c6bab8862703a66b62a92eff44bfbd81c2350f9d

SHA256
6c506939dcb293bc97449a62c2c54a7080692de1575957e871ab8be96d370cae

SHA512
057b4220d1526d5a8dca17da6421b85a87ee59bf9c65ff0e20248559db3766beb80691c8893ac100bf2087c9150b42dfe030962955b73c2492a91035677a2fa5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

Filesize
23KB

MD5
26245a9fcfbba6bed7c23982ec432f26

SHA1
e7efeccae27f22799b24ef36ad9ba39f6d3dd1a1

SHA256
8e30d0992a4bed059b2f7bb06dd70e595571a2e3e548906d29c73b653efa9c21

SHA512
1c2ff5bb32e3c9f3bbd99f6600323b6f384bdba8794de1ca9ed6621e229ae13bbe2977d258f12fd3f30046126d5767c72255baabf122b837b5e6bb4f3eab98e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041

Filesize
43KB

MD5
ab612afa2a93eb38039e8da10eeb0396

SHA1
c46bd7e689f7b981d9c6cfdf7791171d6225e8eb

SHA256
2ce4b747c335e5728db029ed53a76ce21c5d22e638136abb324e366473ba3507

SHA512
52974e3aca8830a916e87e64fea35746cd9b4890c7f01ec2c302cf98cfb5b56cc6440e8af56667f8cd36c0b49734acc1f8a8607a2c185b3ec1a53ea5d79b9f0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
53fb28253dd544cd2eb71dd48c5aac98

SHA1
d7abe22b35937bae21cc7fa20d4e0d7bd2f7fa40

SHA256
440c573664d3ca6548144ad0c9b61a7e023effc9ccff86bd37d6ddfd4155ca35

SHA512
ad2f61b319003f99690a2a3c478dbcfd4667bee3d133fe99bff0a9188d5358d80746fb94f05dba6606d3ab7ba46eb9867610c24d74132835d5982133326cab93

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
bb2b8945e0bb9539d59823562a21be0a

SHA1
5f48c1207cca391e385f5696c009b13d9dfc3e33

SHA256
2a6dba3bdedbbcc18e421d736a9bc59e2f35a02b6230e885894b5c3b2ec96591

SHA512
440a9940874e9ac9493c5c8d164d3635d26e5d38748f409fa158507542398555ea1684602b7a32af0f78a016a7fcd0c2e358d3830e393390695e5446723dc9bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
491453ebb0e0c486e6765518b2508e53

SHA1
027f6b38286e39194d60fc9098e4648b3d372804

SHA256
0509ae16f62dd2a4288db8374cd34368673e77ff83c92ec170d1ff484b3d713f

SHA512
ddfc0ebedba7628099c1c5f222276e8def82a0d56f5e2901affdbfc00c2dc2cbd75da23212555ce391666ad4e4e05aa1aa40ab059755559f70fce59dafc6e342

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
971c979e7f1df46486367a011c99c2c6

SHA1
ef8ffa1c7574dfa57648f52ce26b0ee0c8bdaf23

SHA256
98dd145889960d795997eff9ec33941b1d28d26383248d87f2c76d93be1fd135

SHA512
514c07ac260ecd51afa090f732c2c73eccbe210bbfd9b39e02673c6f3863c80937c8f1dbc843c123f2f008811cdbe74006190291d0bbb852aaae9732072e17a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
69b96fee7f65ca9a0777c306b111054d

SHA1
acadb3fc746355225756840b6eee581b480b3803

SHA256
ac9877afbdf516719fdd52fa3ba1a27966c2585e946edf5c0aed28678fc05a45

SHA512
24f2d3f4cfae46534366e946d549fbfc3fd8f747a9c1f762908f738f5e035239fe2d841b65c7cd30a2b9051042b9304016fb92bff2e5961f5ce4b3b8c74647f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
eee47b36ba7bfec366b323145810369a

SHA1
485ab7aec99a6807c2a0d8da549c6a76187f8911

SHA256
e9455d5d3ec569ae70bbeb3c53f8fad3fadc66f30d66cabe163c66a4ad01a7fd

SHA512
df4c5535f2a91efd1533d81eec1ead88f0980ebd221bb8fb8159f8efa0fdf773309ddd82cf33036407c46b399d6dbce758649e41ff57d417fe78d5fbacb547c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9d8590c6fdb7c9862660ba0614eeba79

SHA1
7fd77e4ac8c735366ce6609ae107363587671a35

SHA256
fa8f771a4771e6da000f1f80d1f8704722b9029e4235b14d25cd8e90265566cb

SHA512
97d9a0e72da8cc56cc5b98710929dc9909882484aade1ecbdb72c13e1d40692b1bec947e4db82211b14bbb0ae29e3eced2cef2bf154806eea3a3521f50b313d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
1a3f82721d65aa64290aa6c4a820d02a

SHA1
8fd3b961cf7c9c29f0447c26201824469fea04bd

SHA256
521a8749682d23f821840b425232d0217084cbc6ce5fd8cfb38ba78d4a2a99ef

SHA512
4cb388c78ab0b9cf4770d2f64e07dedb9072e9900e3b00c109f0a71134c4d1bcd573aa5db36a924b1bed9079e816b973ffb65b1a347e1c6c81453cedfa7c04c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
54adf5012d3d0d7913823e115d792c23

SHA1
33424095fe04cfcc78e5c20c5e49253b720a2ea1

SHA256
382dd6da0fc85e0f972f2259582e10fe62c5641678fa573d3b31e1b7310e6a5a

SHA512
80412f0ad06eea6228f4ff28c472d37cc6b1ac0ec6775a205f0ce059e010e387382b9400576861deb28b7bdc9ad92a6b4b1f28c9e4db6ed61dd2e1273fd5cac7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
b0fbf5fb174dffb42026fd55a5f2c673

SHA1
de61c8d68b29a0a7b3416c3dcea48fab7841a762

SHA256
a83b8a0129bdf20ab532e0501008bb8b5276d93828918a90014e251c46168f23

SHA512
9e414901d36a2f2e5a99f94a93161f74b29ba6ecb3dd530fbdd5b98f010453fc7d549e0f7429ab75d64f4863c441f703c206abea0eca9334c31b9691a6eb1907

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
e7b09d12652f0648a07ec2b7cd9d614c

SHA1
ac997730616ce9458dc2d090fb6b69564118f05c

SHA256
8aebab230d7904c7545b546cad89373ad223010e4f381349974cba402ab182a3

SHA512
7e7ba4d45afdb161ab3327071d34c91e4d13a8005d3704c1923984aeac2bd25a02286f35697ff1e358ba5e3f666f6c6d68a41705d9d86e5c81e9d131da1be08b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
daa2796d0168fc09c2337dcb7629b7b1

SHA1
fc355d4450df473d0e3533e9c66adce7c11f45eb

SHA256
801be95be331e5f4b9782108338d3a2478f48dbf794411d8144bf4a34b84a2ac

SHA512
ffc08e4835e4040e44db11e84d9dc48346df89fcf1d48099db4619474b53e87354be690adf02b39e7d79c2d3966e64767f06b34e05ba8a08002047a0b3ea1fdb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f1e2.TMP

Filesize
2KB

MD5
09f49c3d79c4f9493f74913422dbba1f

SHA1
10c25e8125e5dcd5396cd8201c9c40bdf02ff677

SHA256
c7b3540b9c87bbe9ae61800532d527fc0ca44a32e2dd7e53cc9d2c7214442d08

SHA512
f12d2721a93350e6fd6344b1e15eb023fed30cfbbe00c84ed87fbcebcd3b64b9be41897f5ee539c2c832686daf1f888371206f3a4e43f0dce9846c4b67765f75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\d9a417bc-bf6f-4bb4-8985-8dd990053056.tmp

Filesize
5KB

MD5
b3c328086ffc75b42ac2f48e79287c1f

SHA1
a4c8132be474bc81d042bd0ea0afc36f2b2ccad4

SHA256
3d3919451431f5534623ee5989929a995b24969ce799e39a9fdb8377ee67fe7f

SHA512
b17d5d009a8c570e2174c1352f8e388f3feb8592988d414d4fd9d5c1c935f7cc20815be5fba3da2a4d58400d78296767a0cdac193496dd0cbbc4b3a377f5980a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
959b772605f577ec61c779841ad07505

SHA1
1bb5c75b553172dfbd34b0f5a08f942143748b4e

SHA256
1bc5a9d7d670ca8055bbd735dbd451e7aa537acc08984b1950618454921e14ba

SHA512
8c07f9e305fb40bcd5391e668feab37310d2f9b6b9264e39330c1fa15781568695bb1da22cdbb72311b7d6a1960780225c6edae7f7211c329cb46e33db5bfaa5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
66e32cba08c2ecd162039016d551e93c

SHA1
0744fc041aff6aa6cc3da34798bfd8c376d77933

SHA256
a9edcf76a0ca3955d02e44101bd586a1b502faabd8a560e6c2e6e025dd7cea85

SHA512
370b25189c28116383fb756b8905a6db72b00bf4ce21d447b6b15146c50e43c35ef8aa3bee7f6fcd4dac3f86b1af98b9e47c0a87a3ddb02f9c1303dc3d9eb6b0

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit