Overview

overview

10

Static

static

1

URLScan

urlscan

10

https://protect-us.m...

windows10-2004-x64

5

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-11-2024 11:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://protect-us.mimecast.com/s/YkWuCzpEzofM2jMYTXmr0f

Score
5/10
microsoftdiscoveryphishing

Malware Config

Signatures

  • Detected potential entity reuse from brand MICROSOFT.
    phishingmicrosoft
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://protect-us.mimecast.com/s/YkWuCzpEzofM2jMYTXmr0f
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4432
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8cde346f8,0x7ff8cde34708,0x7ff8cde34718
      2⤵
        PID:3096
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2328 /prefetch:2
        2⤵
          PID:3168
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2468 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2680
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
          2⤵
            PID:4608
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
            2⤵
              PID:4580
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
              2⤵
                PID:3156
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
                2⤵
                  PID:4964
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 /prefetch:8
                  2⤵
                    PID:4824
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:4676
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
                    2⤵
                      PID:3724
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
                      2⤵
                        PID:3892
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
                        2⤵
                          PID:2664
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
                          2⤵
                            PID:5080
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4608 /prefetch:1
                            2⤵
                              PID:1856
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
                              2⤵
                                PID:4528
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
                                2⤵
                                  PID:1788
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
                                  2⤵
                                    PID:1896
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1
                                    2⤵
                                      PID:1072
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
                                      2⤵
                                        PID:3548
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
                                        2⤵
                                          PID:1728
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
                                          2⤵
                                            PID:4248
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6216 /prefetch:1
                                            2⤵
                                              PID:5100
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:1
                                              2⤵
                                                PID:2752
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2312 /prefetch:1
                                                2⤵
                                                  PID:2480
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,32901913317884755,16105568868765953852,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4964 /prefetch:2
                                                  2⤵
                                                  • Suspicious behavior: EnumeratesProcesses
                                                  PID:4716
                                              • C:\Windows\System32\CompPkgSrv.exe
                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                1⤵
                                                  PID:748
                                                • C:\Windows\System32\CompPkgSrv.exe
                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                  1⤵
                                                    PID:2100

                                                  Network

                                                  MITRE ATT&CK Enterprise v15

                                                  Replay Monitor

                                                  Loading Replay Monitor...

                                                  Downloads

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                    Filesize

                                                    152B

                                                    MD5

                                                    8749e21d9d0a17dac32d5aa2027f7a75

                                                    SHA1

                                                    a5d555f8b035c7938a4a864e89218c0402ab7cde

                                                    SHA256

                                                    915193bd331ee9ea7c750398a37fbb552b8c5a1d90edec6293688296bda6f304

                                                    SHA512

                                                    c645a41180ed01e854f197868283f9b40620dbbc813a1c122f6870db574ebc1c4917da4d320bdfd1cc67f23303a2c6d74e4f36dd9d3ffcfa92d3dfca3b7ca31a

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                    Filesize

                                                    152B

                                                    MD5

                                                    34d2c4f40f47672ecdf6f66fea242f4a

                                                    SHA1

                                                    4bcad62542aeb44cae38a907d8b5a8604115ada2

                                                    SHA256

                                                    b214e3affb02a2ea4469a8bbdfa8a179e7cc57cababd83b4bafae9cdbe23fa33

                                                    SHA512

                                                    50fba54ec95d694211a005d0e3e6cf5b5677efa16989cbf854207a1a67e3a139f32b757c6f2ce824a48f621440b93fde60ad1dc790fcec4b76edddd0d92a75d6

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                    Filesize

                                                    4KB

                                                    MD5

                                                    6a7b75878bfadd9c5e42e62e64f9c741

                                                    SHA1

                                                    30abbc283276ef791f62eef65bc79c82a527d9ff

                                                    SHA256

                                                    d18665864686b64e03941aa8830d6a0e23ac532d16914ccef2278132af48adc5

                                                    SHA512

                                                    dbc8e54afaac14e6f04286c03ef9f0c242b86dfb37a9eaab810df05bcf65cc417dad0a6c747bafd5543fd75c3fc6b1b687e344f949e3fdabfbbde7b9484536ee

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                    Filesize

                                                    168B

                                                    MD5

                                                    45813334df1b91fe3bece592abf42cbd

                                                    SHA1

                                                    f15669b3e6b4c9318ea723b5046fc14d86803f2f

                                                    SHA256

                                                    8ac9d32c45e05440256397049c6faa13dcc20461a52e9d3927954664d5cadd92

                                                    SHA512

                                                    c7ba9e8b76ad35227f9dc36f44a442ee370aec95a67b58e5a5848c928a194b135623f3ca8a15b53cbb78a0a93a297cbd5541ea6f1f7f078dab8379e0d347f300

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_teams.microsoft.com_0.indexeddb.leveldb\CURRENT
                                                    Filesize

                                                    16B

                                                    MD5

                                                    46295cac801e5d4857d09837238a6394

                                                    SHA1

                                                    44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                    SHA256

                                                    0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                    SHA512

                                                    8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_teams.microsoft.com_0.indexeddb.leveldb\MANIFEST-000001
                                                    Filesize

                                                    23B

                                                    MD5

                                                    3fd11ff447c1ee23538dc4d9724427a3

                                                    SHA1

                                                    1335e6f71cc4e3cf7025233523b4760f8893e9c9

                                                    SHA256

                                                    720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

                                                    SHA512

                                                    10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                    Filesize

                                                    3KB

                                                    MD5

                                                    80bf9f6084271513f5c1252fcf108d8b

                                                    SHA1

                                                    d53bf9e58d0ca9f194618c0b4e9b0825b56a90c5

                                                    SHA256

                                                    257760d3e155bf9983b2c22f1c67bf33da12ae3a77cf43cc375f4a718983704a

                                                    SHA512

                                                    3f4b337e592d2dab48531ac1d45a5b62b20fa9c579a1748263dd2eba3890b18734fbb42acbf7b75646251f6a4a59392da9892270f1753a293f47bbb0175896e3

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                    Filesize

                                                    3KB

                                                    MD5

                                                    83bc4cbf8c96e09b6efe4fcd1ccc8309

                                                    SHA1

                                                    203c138d5dc08f254ccb919e312d67e4bf66e8f4

                                                    SHA256

                                                    93ab966a981377bb3997e6331b3814664b094557bec500f4c137423a509bcc7b

                                                    SHA512

                                                    eef6b9aabe93efb33cb2b9f9e5c6b574f82ad08eb387abf9f73022526d4f12272991e5b205b8878e1b2484a09d99a204ce06b79654ba6499f2ad6b1ec23e7d25

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                    Filesize

                                                    6KB

                                                    MD5

                                                    4483404aaedf3fc8c989b061c8b5cde4

                                                    SHA1

                                                    47870c667502e111754b2fde5819e75cca85c7d9

                                                    SHA256

                                                    63a0f1f128b962405aeb500fdf57c5bcd432e5405a43a49d54182c344437ea52

                                                    SHA512

                                                    6ca01a1def7af867f43627d5e01b6fa9479330f30771e0626af3615f1a62284cffee1c4ccb34d25b5a69519f58d21b1091167e90d6413103cc4f4c8cb888d633

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                    Filesize

                                                    5KB

                                                    MD5

                                                    5f92bf363322cfb4536906232408f769

                                                    SHA1

                                                    ffb630f02f1e4b9f0347ff4c6a37a92b963b02db

                                                    SHA256

                                                    0c8f552d3ce7cd4b6060fd4adb0bde9b1df306b41c4095761a595a26410ecb28

                                                    SHA512

                                                    e2ddcf4cd0a60ac100a21149a419380a8f27970a2390dab0a5f06fe493bfe7d052b39bdddb3b54ed49ab3df52b1a589b5b061df6faf20ac638df1f4ceec73477

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                    Filesize

                                                    6KB

                                                    MD5

                                                    90a6af362b25bb728bb1009f94794241

                                                    SHA1

                                                    b8832a6c2dd3a430e674af794b2a51cf8718b174

                                                    SHA256

                                                    1b899cd986c0e51dbdb4c19247a4a5997a09b7464a34a85fa24a063dae794c1d

                                                    SHA512

                                                    3782d2369e77bb5c1ff7c5eec615a0c725ca440f846ca8e95a34625b9f79fed515a90cb06d7d9be68714afa4a3e3d84ab2f067bedfee9a921eb4f343abf5dda2

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                    Filesize

                                                    6KB

                                                    MD5

                                                    bc9f226db6db70bbe7a2a2d2667a8063

                                                    SHA1

                                                    ea8fab7b947f2c9c205f4025ed681204543c24a9

                                                    SHA256

                                                    2f54d368cccbae70ffd57d5833389bdbc3b0f9b9e33612a6117aec623b0ac9ee

                                                    SHA512

                                                    5141353ef226e9ac299fcffbd4dbd4ae17b6d01ddcd30b4972c6b0140e5138d81986462cc81f1d46aa347d164652e6f5da4848e31ddd9704150af560a6b107a5

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2b5c392d2730c0910fd56433cc5e73e510d0f2b4\0e43ec25-317c-4c7d-9cfe-7ec975b157c9\index-dir\the-real-index
                                                    Filesize

                                                    96B

                                                    MD5

                                                    cf16cc213030c6fc349b820a4fdf1dd2

                                                    SHA1

                                                    2387fe80c3e034f9ad0371ba9025e039ef281416

                                                    SHA256

                                                    2363b9039e8639f9f60370d675058c0e3fbed858b31df433b61a473728b447fa

                                                    SHA512

                                                    48f142b06be811f358f51f90b3640b3797521db7d13cd84ea1ec4da7cab039fae42585ffc7f3242b8c6c8af762ba6c3348d36aca2f1324047c4410baf5f75565

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2b5c392d2730c0910fd56433cc5e73e510d0f2b4\0e43ec25-317c-4c7d-9cfe-7ec975b157c9\index-dir\the-real-index~RFe584f34.TMP
                                                    Filesize

                                                    48B

                                                    MD5

                                                    e0c3188d529a57c7ad9ffc0a21e805e6

                                                    SHA1

                                                    01caae4f18e3294f52b18c637d2acd671d349580

                                                    SHA256

                                                    8236c5f3fb532de3b5dc33b8ff1a009bd43c7bf0b906453dbf7d3ef21efc2baa

                                                    SHA512

                                                    cdfc55914076754b93001765d1215569c45a7f9231caec95d274658ecb9008ff189a4cef0629ac6c4d4e62fc0e8b6591e27b363bfb1bd9e5ce65f056420a3321

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2b5c392d2730c0910fd56433cc5e73e510d0f2b4\35f7ef69-5b6a-4fad-b150-ecfb8d25ae15\index-dir\the-real-index
                                                    Filesize

                                                    96B

                                                    MD5

                                                    9590cdea68efd2505aee2e7cb716c378

                                                    SHA1

                                                    6066bfb3bdf0645f64cc799f5bca8bd48aef3b6b

                                                    SHA256

                                                    1e1f9dd9faeba6896d88ffdbeae2d66a314732b7dd42df69d79b0e775ed553c2

                                                    SHA512

                                                    fbb2779d039932e3daed1b7486ef06d091abea8ee7075551a0d99b8cf3f0b919a851509bd12d714353992548da0be0472f14e201dcfd7674fd5480d7e8030fef

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2b5c392d2730c0910fd56433cc5e73e510d0f2b4\35f7ef69-5b6a-4fad-b150-ecfb8d25ae15\index-dir\the-real-index~RFe584f34.TMP
                                                    Filesize

                                                    48B

                                                    MD5

                                                    643655cdd0c46d84320fc9d2c1ce33cf

                                                    SHA1

                                                    c208a5f638575cd7b2b4459abce0875515c1af08

                                                    SHA256

                                                    0b98066eb21c8e93e7a0bfbb9f364d9f2a63154dfb778695e5e85e335aa27d07

                                                    SHA512

                                                    1e150e575c0d7da5a9f1870288e6fa140e09a8d918666ade4598f0ab60cd1314bb59ca1c2bebf5c79bb811a649f08a9a9f9efae2427c964246ca6ecea493afeb

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2b5c392d2730c0910fd56433cc5e73e510d0f2b4\index.txt
                                                    Filesize

                                                    175B

                                                    MD5

                                                    1e124c9a455784dbc2650c240ca2005f

                                                    SHA1

                                                    7fd1ac5e104d76debaf217ad2e96ba6c7a369549

                                                    SHA256

                                                    a71e51e0c5b1387acbc8387b6e57cadd56e7aee8f79780159f3dccf9877ffe46

                                                    SHA512

                                                    43c95cceaa363254a00d4568aec12f5eb33bd9947c2e001843d07e1e912d2c3c45067c94aae5bca94d634e1f713cb5b5fe06bbdad89e8744e1e421e9c434edca

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2b5c392d2730c0910fd56433cc5e73e510d0f2b4\index.txt
                                                    Filesize

                                                    179B

                                                    MD5

                                                    eeeab951f163aa42d3989fccc772f0cc

                                                    SHA1

                                                    f1ce6fa379171ff67aac36c5825f2b6c9ad53f63

                                                    SHA256

                                                    29aa166754ea770d7d1f9532a843b643994c9a2482deb178877d3ec17fb4af0d

                                                    SHA512

                                                    36d0fdd6510259899070a7f86069ef808d4cd9cfa243fedec2816e8c48a7141f805fe00cca4588a1fc453889d224c069325d9010ec2918a0d20bc9700abbd77b

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\2b5c392d2730c0910fd56433cc5e73e510d0f2b4\index.txt~RFe5840dc.TMP
                                                    Filesize

                                                    107B

                                                    MD5

                                                    69ede4828f4144367e4c6c1724a0670e

                                                    SHA1

                                                    86288b43ea716560257c11d17d39d5433224596a

                                                    SHA256

                                                    1c1f0407be7fa8018007bce445799d93831857d74efc7862762fe38588090113

                                                    SHA512

                                                    bc3da6642a5ad290bcff1a73f16ee86624940a44c251e83f10241d5c26307bf47f29b527bb1807da896fc9ce682505ecb3c9e6329ee9e1ad76e125a6ab9ed4ee

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                    Filesize

                                                    2KB

                                                    MD5

                                                    067ebaef6c284553f7009c308600669a

                                                    SHA1

                                                    df88387c1371f061664f81defdb089316267e4b6

                                                    SHA256

                                                    e1557d03b057b89764c15175567ad6d03b765d51f592790f4aa8e6b78f6752e8

                                                    SHA512

                                                    38e63aa68ca22f61d2eead467191b8503e420dd7f2c68fb9e51a751fce1718087d39a6f769f69a79ecc98db3cd145c5ba64299f802c380598cafafad998cffb3

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                    Filesize

                                                    2KB

                                                    MD5

                                                    523bdef4c63697a806ec5fa5b4140907

                                                    SHA1

                                                    9659c56ff649f4423a1ca9f023c8f0c5a1cccdaf

                                                    SHA256

                                                    0985ff2423318b503ba7f3e7e8ce18abe679f45a73767103d358ff3bf5210a38

                                                    SHA512

                                                    e8745896428e6833427e466342d7f5edd51575527c5e079d311025e5d95d1c4d884035615a6504534842b87a1285e28f6e2c8047d8b380ccb51421b659fd4c4e

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                    Filesize

                                                    1KB

                                                    MD5

                                                    752b4565d147ae21d240794362cb32ca

                                                    SHA1

                                                    b59d90a1fc8dde697d054da9d3675ac27dbe7a94

                                                    SHA256

                                                    a52b3fcbbc42848c2da214102e0418253db598a8dbe13129b9a6a6e42e04c387

                                                    SHA512

                                                    78993fc884ac84557279abf74941f3bad9e64cbd6eda2bb7de8e95014fb55cbdb2d3a1fe47d75e5e331d52362f4b30bb174647d3337b551d886fde2129c302df

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                    Filesize

                                                    2KB

                                                    MD5

                                                    ea95cf8e458403b62aa9db187c32c90c

                                                    SHA1

                                                    96d24e0028bcd963e2b2ada750f343ccdddc1ad3

                                                    SHA256

                                                    ce46437dcd286cd68b613a2d65d18894f5969df9367650de7d75d83942e961ee

                                                    SHA512

                                                    af1d23e6cafd5a555225df3cac6277d98ffe2c6f336ee98026825549ec9c4c82ab2f4af3645677a6d8e72a84a78f156ecc1dad426f096f64d83110124610aa68

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58414a.TMP
                                                    Filesize

                                                    1KB

                                                    MD5

                                                    678b97d53a87b91df4c209531ebc5aa2

                                                    SHA1

                                                    08943bb4fec7ee83e057451759a3827397c398d4

                                                    SHA256

                                                    b9090537f2b9ac558188793ac76959f5fe973df78da7d2a1fe9901f0d97c022d

                                                    SHA512

                                                    88da68f347316c3cf69b13dda946877179a6b30d8f9c1d5694c66c30a3ebd2b0d3bf5048b10f15b0e0010f68d503c43f7858094799dc153aa3c5ea19bb25031b

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                    Filesize

                                                    16B

                                                    MD5

                                                    6752a1d65b201c13b62ea44016eb221f

                                                    SHA1

                                                    58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                    SHA256

                                                    0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                    SHA512

                                                    9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                    Download Submit

                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                    Filesize

                                                    10KB

                                                    MD5

                                                    c8f84e4d6a0bdfb475cd828a393b143b

                                                    SHA1

                                                    cd46622a196c6c162a0f435bf9c84fe977ea9a39

                                                    SHA256

                                                    eb28ecb408586c79156a1c481c9365a62e6cbd1d2a3b1bee8eb89fe32ae6bc1e

                                                    SHA512

                                                    5de7213106d2441c893aa037a5d32e76c691a8f2c4ced99338322995958d270f17c1e54d30a10cbf2d858c3f2fdab11e99430d6e4ae22eb97fa85f1f31cad2c5

                                                    Download Submit