Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-12-2024 11:03

General

  • Target

    https://wetransfer.com/downloads/7427c76aafadea00042df4e6730fcd0620241210114544/4a573b5d267ce86048fcbe5a8ac1c1ae20241210114544/c89f8b?t_exp=1734090344&t_lsid=59d5fdfe-bc5b-4b5c-8995-89005834f57b&t_network=email&t_rid=YXV0aDB8Njc0ZGE2ZmE2YTI4M2YzNTEyYTA3MjNl&t_s=download_link&t_ts=1733831144&utm_campaign=TRN_TDL_01&utm

Malware Config

Signatures

  • A potential corporate email address has been identified in the URL: [email protected]
  • A potential corporate email address has been identified in the URL: [email protected]
  • Detected potential entity reuse from brand MICROSOFT.
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 36 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://wetransfer.com/downloads/7427c76aafadea00042df4e6730fcd0620241210114544/4a573b5d267ce86048fcbe5a8ac1c1ae20241210114544/c89f8b?t_exp=1734090344&t_lsid=59d5fdfe-bc5b-4b5c-8995-89005834f57b&t_network=email&t_rid=YXV0aDB8Njc0ZGE2ZmE2YTI4M2YzNTEyYTA3MjNl&t_s=download_link&t_ts=1733831144&utm_campaign=TRN_TDL_01&utm
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1548
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff99ba446f8,0x7ff99ba44708,0x7ff99ba44718
      2⤵
        PID:4360
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
        2⤵
          PID:4400
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:412
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2932 /prefetch:8
          2⤵
            PID:3624
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
            2⤵
              PID:3772
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
              2⤵
                PID:2304
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3924 /prefetch:8
                2⤵
                  PID:224
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1
                  2⤵
                    PID:1740
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
                    2⤵
                      PID:1464
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
                      2⤵
                        PID:3188
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6036 /prefetch:8
                        2⤵
                          PID:1344
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6036 /prefetch:8
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:2132
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5240 /prefetch:8
                          2⤵
                            PID:2232
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6656 /prefetch:1
                            2⤵
                              PID:3704
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6920 /prefetch:1
                              2⤵
                                PID:100
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1
                                2⤵
                                  PID:3580
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7204 /prefetch:8
                                  2⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:5236
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6792 /prefetch:1
                                  2⤵
                                    PID:5408
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7016 /prefetch:1
                                    2⤵
                                      PID:5416
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6800 /prefetch:1
                                      2⤵
                                        PID:5900
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6956 /prefetch:1
                                        2⤵
                                          PID:5908
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=6864 /prefetch:6
                                          2⤵
                                            PID:6012
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1732 /prefetch:1
                                            2⤵
                                              PID:5128
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6932 /prefetch:1
                                              2⤵
                                                PID:5780
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
                                                2⤵
                                                  PID:2216
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1
                                                  2⤵
                                                    PID:2628
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,5451239253478301942,17661985977268072198,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2368 /prefetch:2
                                                    2⤵
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    PID:5344
                                                • C:\Windows\System32\CompPkgSrv.exe
                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                  1⤵
                                                    PID:3644
                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                    1⤵
                                                      PID:4708
                                                    • C:\Windows\system32\AUDIODG.EXE
                                                      C:\Windows\system32\AUDIODG.EXE 0x414 0x3fc
                                                      1⤵
                                                      • Suspicious use of AdjustPrivilegeToken
                                                      PID:4172

                                                    Network

                                                    MITRE ATT&CK Enterprise v15

                                                    Replay Monitor

                                                    Loading Replay Monitor...

                                                    Downloads

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                      Filesize

                                                      152B

                                                      MD5

                                                      99afa4934d1e3c56bbce114b356e8a99

                                                      SHA1

                                                      3f0e7a1a28d9d9c06b6663df5d83a65c84d52581

                                                      SHA256

                                                      08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8

                                                      SHA512

                                                      76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                      Filesize

                                                      152B

                                                      MD5

                                                      443a627d539ca4eab732bad0cbe7332b

                                                      SHA1

                                                      86b18b906a1acd2a22f4b2c78ac3564c394a9569

                                                      SHA256

                                                      1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9

                                                      SHA512

                                                      923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2d00b824-9b54-4b5e-a1a9-b18fe9951e89.tmp

                                                      Filesize

                                                      1KB

                                                      MD5

                                                      ba9aaa20dfffafa53b7e08ad38bbbecd

                                                      SHA1

                                                      626dc8bee8729b44fb7bed62a9f6584bbfabdeda

                                                      SHA256

                                                      e414296e6a1146fa2863b03164ad249e8de8f0dbc8ca61151ebba10f0d687b01

                                                      SHA512

                                                      2f93c559c60e50378311d508debc8e434b81ea08f2797648ff768f40fddd375f6de8bba36e60fc4af14b40782d75e28d47309f9aa54568a2d453df4db4502fe7

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

                                                      Filesize

                                                      72KB

                                                      MD5

                                                      a9a88d70f348716adad68eb6a040cde1

                                                      SHA1

                                                      e0c505e21dc36394c53729cd214a459b1e351e50

                                                      SHA256

                                                      be3b8d2b70be28e6136c893cd98a316cc27dc3ea5024933515a413e6e54581cc

                                                      SHA512

                                                      88dcfcf6cd5f6415a71e11976c489426ce7aa6d5ce6215e1ec0831e1463465d1477f62a33603a3fb31636dac712c07c7bdd46afc31268aafb2494e66d57717df

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

                                                      Filesize

                                                      22KB

                                                      MD5

                                                      e6897fc3ccf6c02b6b0c2447524f1a7e

                                                      SHA1

                                                      569d49e2fd3cf330a8d6df5a120709b6d484c84a

                                                      SHA256

                                                      7efc5148baeb001f77e9abd76de7ed845fd0dfdd5155f25431e54042120b7054

                                                      SHA512

                                                      cada715ed0d4457f9f11056fda49157c13a6ad3d8c9b6ead04e285ce3eab9cfa3225477baa6bd783be94491ffec3c941d1a309ab78fd2424f4dc8f3af56610a2

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0169fe1069d73c7a_0

                                                      Filesize

                                                      351KB

                                                      MD5

                                                      aae282a3c4f814b45a488aed6149afa8

                                                      SHA1

                                                      37ae0f98cbb28f028485c260a566015aacb99d2d

                                                      SHA256

                                                      c2d1ab1dd9144320693fb5ce7ad52c9c6d670d636c9c46db615f86ac89026613

                                                      SHA512

                                                      2e300065d5a7b1a51f2fedbc7b653d81e61d835205570ca86255a7e4343e7c8cb072705b1ab48ea9ccf22bd3bc982c80582ccf87b1851872e1efdc3f0472b28a

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2cbbbe82392300ec_0

                                                      Filesize

                                                      257B

                                                      MD5

                                                      5ce2ad6448e1680f1fa27cc1353316d9

                                                      SHA1

                                                      2666476c8b30d4f200fcdd3affdc0437981221c1

                                                      SHA256

                                                      ce542ac826d4644559d462eefecf3485a9bce181488f2f88edaf7681aa076ce6

                                                      SHA512

                                                      88931fab80a23b00430afbdecdf8bfeaf4a71ad2d03112d642310881bf298b0c6b692b2c06f7cdb0fa1602243c9662ee32d7c1f13de5940804f2751c9ee24a14

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4c32283c6e2a0290_0

                                                      Filesize

                                                      260B

                                                      MD5

                                                      6e05e87e01107e19abbfed90d01d37bd

                                                      SHA1

                                                      e66fd2c8de4fd1ef8aac16998ed1b512a74a2712

                                                      SHA256

                                                      294e683204d5c61ae50d0cc3fa78cb1530308a18ac44ea49254f1494d7a13df4

                                                      SHA512

                                                      95bba7844e36d24d5d7068e6e7e0fd76542fd274b3ac7a9fb19c8299ef70144c9f7293fe9d6ffba47de7e9d4b7a9a0bf6c36105f7d7149ab432475e1eaab1067

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9017e213dba4485e_0

                                                      Filesize

                                                      186KB

                                                      MD5

                                                      ea65831ef89bfb3f09c8ff975b1520ec

                                                      SHA1

                                                      d54f33e5be5829217c8fe5d0bbeb2ed71ff37d33

                                                      SHA256

                                                      72817f7772b2ea8638564754be9d37800a1d89eae275cbdc956810d7fc587c27

                                                      SHA512

                                                      b4fe8016eaffeecf5d5f1c020dd2d5f3a7166c51550723b7140e2b07e2ee6bdfb2a987311e4888a7d23941896b639322ffb9f27eb8e27a3ef707cd83b97abd78

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                      Filesize

                                                      1KB

                                                      MD5

                                                      136e9096fe2f293f8b4c6a972db28ef2

                                                      SHA1

                                                      2b71c93ec241a392d9e47372ef1af1a1dc4c0203

                                                      SHA256

                                                      dcc1cf248b96b4178fb00b8beab1593ab4f1d24833a46b724d354afdb12f0042

                                                      SHA512

                                                      332590316d4a1e1367811fb2b2026ebd63ff55ee50f714e88d1bbbdfe211f5d4a2bc593cb7f6a5bedcd31973066e7baaee33ff3ee4389b4c95e26eda2090c74e

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                      Filesize

                                                      1KB

                                                      MD5

                                                      f41edca13490e0a5a174fcfaa9ac54e8

                                                      SHA1

                                                      7ea0525f5a237537020333fbbce3467a81508cc7

                                                      SHA256

                                                      03f03f73b63cb8867b7220dbccc17d11811cdfaea16f4c3535c5eace91d290cf

                                                      SHA512

                                                      95bcc588409d510a1f9b290410d5759503be8faf793c6c0f18e926d48fcd0bea715072d02a5afc7bd68f468253aaf4043710b5fee51659012498c88e51ab3436

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                      Filesize

                                                      1KB

                                                      MD5

                                                      9af7a7a8564da6fe83858ddb131b88ed

                                                      SHA1

                                                      a19e833b6b53febb95f0692dd5ea082c6f023d0b

                                                      SHA256

                                                      1f1914cd1e7b819c0c00c6d87a1cc9ec975630426d0d80fadd2b550dc756da88

                                                      SHA512

                                                      a7bed1dddd88a21f0271c27dce2b7842b6b0fdf984f7c8d8facfa1d1a9e87c22c6f9a5e83e525a221647e7c35dd0d322a73fafc4cd42805e604a25ea45b61b6d

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_backgrounds.wetransfer.net_0.indexeddb.leveldb\MANIFEST-000001

                                                      Filesize

                                                      23B

                                                      MD5

                                                      3fd11ff447c1ee23538dc4d9724427a3

                                                      SHA1

                                                      1335e6f71cc4e3cf7025233523b4760f8893e9c9

                                                      SHA256

                                                      720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

                                                      SHA512

                                                      10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                      Filesize

                                                      4KB

                                                      MD5

                                                      4ae2cfacd9a56fbc233821c47c2fa790

                                                      SHA1

                                                      974902eaf3586e33ea1f6fb7c87f2fa17479d034

                                                      SHA256

                                                      590ecc215951c08a4c81440cd8f26edcc38314589841574a2a9aa73c8e17f8ec

                                                      SHA512

                                                      c97f9b47ecc7ed1db3ce97eee8bc39f958e083f008dc506dc2131ee5983fde75ffb23ca8945302fe43275a5ec040745f50588b676e70021fa76656e629547042

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                      Filesize

                                                      8KB

                                                      MD5

                                                      d9cd2742bc3e9f6f6c325bedb2b43356

                                                      SHA1

                                                      73c0e8dd24ad4cc40333db560945c0ef5c82e609

                                                      SHA256

                                                      52223821a050a8f413469cd46373948075323f42ad7a81bd430412464f43b621

                                                      SHA512

                                                      0e813d6df2623602210998bea8f08e1e0bd01adcf5e49fa2ce74d9229f81af633eec577cd7af605b3b4945477ad4439a2c1a513599257ed0d5287a62381d616f

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                      Filesize

                                                      8KB

                                                      MD5

                                                      81e0c1fa8826e69b27cbb9af0d55ae8b

                                                      SHA1

                                                      d24ff621ae4b8014a4eb603ff5690d5e2a849e90

                                                      SHA256

                                                      575009bc063d40546e7da04315cd7ef9d55308024a133ad8edd4b4f46f0933c7

                                                      SHA512

                                                      b0ced0075f086dcd1dde2cf4dc1874e6f00766f31b1bf759325476f9e8f2f76a0f0d30de7d807d6d9c9df87e952b4c044b4b1557ae112ac61f04a4285fd0236c

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                      Filesize

                                                      7KB

                                                      MD5

                                                      d52cc3f6476f8c739344f12bb0e99dec

                                                      SHA1

                                                      23bacf6ab06189053022c0b1b8d7b34ae321a4f2

                                                      SHA256

                                                      66f07c6277e2b74f7ab27aca140d0fa92026f84ec8a517d4b8fcb16129d2bea1

                                                      SHA512

                                                      b48e7f298ee1f97b470c6052cdfea5d2386f4a9ae9f39d3c22935f98e8b499cc1644fb02b1f2c77ba40d0effeaf6713f6b09913479b22bfe39d29059208963bc

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                      Filesize

                                                      9KB

                                                      MD5

                                                      fea5d2f7d23c238f99fbe0ff4a350679

                                                      SHA1

                                                      035efbae3880c6f8a130eea13c72d2572f63a449

                                                      SHA256

                                                      6cdb66bd29c76175ed7f688fce97806fd2ec6001462c211c8e763ed1a3d4b3a1

                                                      SHA512

                                                      428bbe7c7ebc7fffd69e01550a095399b3a3f71423fe10b18861fcbaac42084870be23a67667dbda90de47a8522c7f92c44d21e2bfdef21a9b6dab491bed58b0

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                      Filesize

                                                      5KB

                                                      MD5

                                                      4017affce1fa1adf8c4432523e43e1ab

                                                      SHA1

                                                      5f4484c3f59116f4d67dcf41aad42adfcd6aa077

                                                      SHA256

                                                      ff8db8f44743b1903703f598e2e63e1f980b44ae888f32284cbff64328cd7b8e

                                                      SHA512

                                                      e544a715bbf731853663f51c17b505f247caf0c25f920e106083902a4d0c5739fa652a590970c057e24c0a87bd2d0f6e69385748143feda37dce6490e37e582b

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                      Filesize

                                                      2KB

                                                      MD5

                                                      b2cfed72304307e7cc052b49511e0c5e

                                                      SHA1

                                                      48bbee9342a622cd18f56220e55cddd50e9fcc05

                                                      SHA256

                                                      1e7d5578078fbf98bee1e79f98dc2cc019539c00d98e3db37ef9282c149cbb29

                                                      SHA512

                                                      add0aa329f3a2b0b4cb2521d96dcca8ffab12b4603dfa3f2d90fead58d73a3bdd359d1f54b5666530b5fed59abb35d71c12a331aa28f8e06c4502095d22a4993

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                      Filesize

                                                      2KB

                                                      MD5

                                                      a3fe8c49b073947c5acbb149cbada6f6

                                                      SHA1

                                                      72d9838164852b1a8d1610d23f29e14171ef6732

                                                      SHA256

                                                      e0bdd68476c0bc4995b6e73ed6667257323086b92e9db20393af62231be919c5

                                                      SHA512

                                                      50cac19fcd840a52ae2dee5b828d0c9ec18e7e7823b41505f1a809ec1217298dd05bb680c605aaef264abca5fd6556d70ce7b9e64b6e08a1089c9e827486d6a6

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                      Filesize

                                                      2KB

                                                      MD5

                                                      c6c4de6b151446d1ebd397b04be5c29d

                                                      SHA1

                                                      10b021ce8953ae9eae747fa956bfa8331cf7645b

                                                      SHA256

                                                      d9aa903dfb0517e1385210873b6bf171322eab36a7d0732c7077f8377a14ba7a

                                                      SHA512

                                                      1aa3950b6f83ee81019c3133cdac350c6428d1102abb9f3a6a935e68703cd9253b961de110c428294dacb80f636d0a2dbfde549beae34e674c2f2f203277ec6d

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                      Filesize

                                                      2KB

                                                      MD5

                                                      0fd4192a238401f38498e814917c5723

                                                      SHA1

                                                      6d4bcab9cda5d6b6787e4eb423986231cd4c4182

                                                      SHA256

                                                      ecd7beabe7d5bf5be91575004aa8dd2dfeef29fa79aefe284a7449b25ab40da7

                                                      SHA512

                                                      d83cd24d2655b3f70b62402cd9b648e871a325f7f044493b661ef739093e9bbfd1c5bbd97632b31d0edce5b485ee84d00bb6cd9524a6ccd836ce968bd59e29df

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                      Filesize

                                                      1KB

                                                      MD5

                                                      56d555f35651cee2df60c2fab73cc2fd

                                                      SHA1

                                                      7ae409952e8325340b11ff0df162caf369cb12ca

                                                      SHA256

                                                      1a4f5bb539fc15b4f5f386bacaef346d3190eb3a04e3bb863c3bfdc1709d7211

                                                      SHA512

                                                      f44d18d6c70448f1250e439add860d672986748883c034fbb01516cc517c7220fec3af1e141e6769a475710292e01a70172f774585a9c5b95f2b332a00c68e8f

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57de0c.TMP

                                                      Filesize

                                                      1KB

                                                      MD5

                                                      00d9db7f2466d4eb93ce133b2c8df09e

                                                      SHA1

                                                      885b64ac278d6e2826026acecee075e8ee98da45

                                                      SHA256

                                                      6b934105981a360d5d60b0244868955676d5ef3addb07c8673d73d2ad7830cc8

                                                      SHA512

                                                      9ff780ede6f7804185aa000e636df01f28c411c520a702b691a58cf50b2807eb462ef313781bc888f30a14c65f9e960f94c604e79e1c25c613eda6c21fb21f0a

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                      Filesize

                                                      16B

                                                      MD5

                                                      46295cac801e5d4857d09837238a6394

                                                      SHA1

                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                      SHA256

                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                      SHA512

                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                      Filesize

                                                      16B

                                                      MD5

                                                      206702161f94c5cd39fadd03f4014d98

                                                      SHA1

                                                      bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                      SHA256

                                                      1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                      SHA512

                                                      0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\efa38fbe-ed0e-4e9e-adb1-ef1d9543e2a8.tmp

                                                      Filesize

                                                      4KB

                                                      MD5

                                                      1dff3fd2e9de2bbce9711549bbd4ed98

                                                      SHA1

                                                      fde98cbe73c45a8cc7e431800e823f1eb4ec6dc4

                                                      SHA256

                                                      0ef7a4f616bc193d1ef7cf3e4d41110cec18d81c3cb36f028ca442ac6b1af308

                                                      SHA512

                                                      efeb35fea25b4a1cc814cd7050183fe22177056f8026a5b06d4904d3be15ddfc2ecebb98cac96fcae0672e53a6029027e5ee3e9bfbe30b8c037347547150b43d

                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                      Filesize

                                                      10KB

                                                      MD5

                                                      f94dcb02336f213c44802f8a148b2e32

                                                      SHA1

                                                      1fab3b39ed3d47ce0089a60bae052c71e2263d15

                                                      SHA256

                                                      45e4d05a1b7b97ee9fd8cb64660478a68ca49fb426a9391ae01b05a76919081b

                                                      SHA512

                                                      fc3efdcc06a844dd365f0739ea57eb6ccdbd51db277d275ed387e8d5b4adeea63590f58ca80c47299764c163ae4f6c4a746eb584c0a22435cc7ef11c69131755

                                                    • C:\Users\Admin\Downloads\Technical Specs & Data Sheet.pdf

                                                      Filesize

                                                      9.1MB

                                                      MD5

                                                      6b15910bc4e8350c5736aa470b2cab4f

                                                      SHA1

                                                      b3d01f94949473372a3e08c01b233529c25f11ab

                                                      SHA256

                                                      b11ce585495747ce8be5b2d99930eeaa8728074afe1907531fe080ace65d28fa

                                                      SHA512

                                                      b2f4e1812317aa051df8280adac620b07b84a32012ddb0bca96e3238372dbbd62b3f92b6057264f1c38254279cae15de1be8982dbc0a017b302636cce1aed931