Analysis

  • max time kernel
    145s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-12-2024 06:43

General

  • Target

    https://shrt.lat/bOHGc

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://shrt.lat/bOHGc
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3792
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa388d46f8,0x7ffa388d4708,0x7ffa388d4718
      2⤵
        PID:728
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
        2⤵
          PID:4904
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4980
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
          2⤵
            PID:3240
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
            2⤵
              PID:3012
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
              2⤵
                PID:5012
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
                2⤵
                  PID:4072
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8
                  2⤵
                    PID:4456
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:1520
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
                    2⤵
                      PID:4752
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
                      2⤵
                        PID:4412
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
                        2⤵
                          PID:3400
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
                          2⤵
                            PID:4380
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1200 /prefetch:1
                            2⤵
                              PID:4492
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
                              2⤵
                                PID:4396
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:1
                                2⤵
                                  PID:1540
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,15207098072113948133,10930701027561957234,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3732 /prefetch:2
                                  2⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:2052
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:1984
                                • C:\Windows\System32\CompPkgSrv.exe
                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                  1⤵
                                    PID:4396

                                  Network

                                  MITRE ATT&CK Enterprise v15

                                  Replay Monitor

                                  Loading Replay Monitor...

                                  Downloads

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                    Filesize

                                    152B

                                    MD5

                                    6960857d16aadfa79d36df8ebbf0e423

                                    SHA1

                                    e1db43bd478274366621a8c6497e270d46c6ed4f

                                    SHA256

                                    f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32

                                    SHA512

                                    6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                    Filesize

                                    152B

                                    MD5

                                    f426165d1e5f7df1b7a3758c306cd4ae

                                    SHA1

                                    59ef728fbbb5c4197600f61daec48556fec651c1

                                    SHA256

                                    b68dfc21866d0abe5c75d70acc54670421fa9b26baf98af852768676a901b841

                                    SHA512

                                    8d437fcb85acb0705bf080141e7a021740901248985a76299ea8c43e46ad78fb88c738322cf302f6a550caa5e79d85b36827e9b329b1094521b17cf638c015b6

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\73c43473-1ce5-4c66-9867-4d94053931fa.tmp

                                    Filesize

                                    1KB

                                    MD5

                                    0031bc8a904f354a73ee37829a3d76c1

                                    SHA1

                                    16bedff6cec0dfcb099927b9b027c1982446c31d

                                    SHA256

                                    f6e67cdd9df5e0c10e87a13debdd8163c71daffe0f08fa32c8e0981fa3600ced

                                    SHA512

                                    1c984417fcbbf0a8a658e2e44ffe033ada3bfb7b77cdb4b27fd695e4b5d80f9f8fa7b207f6df867c170efbe1f06b8a1c3d6aba7a6b1faac2ced3c013589e7c5e

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

                                    Filesize

                                    103KB

                                    MD5

                                    8dff9fa1c024d95a15d60ab639395548

                                    SHA1

                                    9a2eb2a8704f481004cfc0e16885a70036d846d0

                                    SHA256

                                    bf97efc6d7605f65d682f61770fbce0a8bd66b68dac2fb084ec5ce28907fbbdb

                                    SHA512

                                    23dd9110887b1a9bbdbcc3ae58a9fe0b97b899ad55d9f517ff2386ea7aac481a718be54e6350f8ba29b391cc7b69808c7a7f18931758acce9fbf13b59cee3811

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

                                    Filesize

                                    44KB

                                    MD5

                                    4670305c7a91dd7d819c49e11aaab673

                                    SHA1

                                    c808a80f512a23d3905909941e4cc9eb02efebf0

                                    SHA256

                                    5043a78776a6f0ebdf75562b965cc86893553f30efc120e5647d8b157629447f

                                    SHA512

                                    05bcece1cd9a592e6a6c9e5a80f4f019d1a4d57c9949db4a5b9296767ad8f7e360a5fed197c068b00156bd43daed98e7cc05ab8e62e13e568bd0bb015134c7cd

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

                                    Filesize

                                    24KB

                                    MD5

                                    e0210d118b3139c5c77b0a3cdf07240c

                                    SHA1

                                    520912218ff8fb26d188dafe6eb7d53e4a1347b8

                                    SHA256

                                    09afbb320f0230e85ca0b2ad49ca106b3cc9bbacd2e45bb4e8faed3a3fe93444

                                    SHA512

                                    dd11395f2f830af1571beb0293e78a4ef01c252371194bf0e8154d6494d951e44b0e34219ab52ec8cc8ed47eed88b99592e9fbfe2c8d4cd65e26faa257a64550

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

                                    Filesize

                                    29KB

                                    MD5

                                    ff122ed83c65b35220660f38c2fa26d2

                                    SHA1

                                    f99451f4b2fa18429253c8b80209900bf711e8ca

                                    SHA256

                                    a0b52734f27b7bcdacf0d69789bb34370bfc772019a37ec52a3f62ea60f83dbd

                                    SHA512

                                    482afdf9c42f5277ba8412746ed79d2a9628d1287b53c7ffdf4afa3c71adc3368bdd1731b45104991a3a500451c9f02a29e0d15387fd706ff22ff0dc6869bf1a

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

                                    Filesize

                                    42KB

                                    MD5

                                    6de364539a9af501b74eabfff2208dd4

                                    SHA1

                                    69e2cd44916c641bf41b993735631429ceb5d38a

                                    SHA256

                                    1b6fdfb416fa4f9a22097bb18854c2eb537099cab843d5f9af6d926ca2983f0e

                                    SHA512

                                    9594134fba6af01946a47c45f1f7177f6d98486e405b0534a205c7fb15e43c9b3837a07c94f65bb62b1608fcd4217a40ae372ba44e895180aa7c1c13fb9bc592

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

                                    Filesize

                                    28KB

                                    MD5

                                    4822866d4c91b49688d1aa044c61c38b

                                    SHA1

                                    2900419a1825af3cdb1d7c0d535bdbf80db75bf2

                                    SHA256

                                    96ca222cf1dee023f076455b179662edfde1222cd7e78d805a0c013404f773ae

                                    SHA512

                                    d15905afff90097c0fd59bac58b2d02743796cab71af6da9af66666888de932760f21212796320b71aff98c2ff108d5bed20b2a2400926862746a2ab29479102

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

                                    Filesize

                                    59KB

                                    MD5

                                    99adec199701191fda80529b0506e475

                                    SHA1

                                    ba63a6135825ed9f463762fdb1fe8e4a3cab26e7

                                    SHA256

                                    86301cee42e07c559f6e99eb7e7270015f1b0617d1169feb1310508d4c6e004b

                                    SHA512

                                    c4ae0733870ef45a493685a3871c77dc2f9373d6104b429d38d508b5e6b0263114b0680e46e57ca20dc236cd45a4f6be4a1d1fd54945015f6bcfbd379e911267

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

                                    Filesize

                                    90KB

                                    MD5

                                    97a09aa4f4b80dece35061510ab8969d

                                    SHA1

                                    e5a6e838772cb4e8b7bbe73a302f71bb972d51c2

                                    SHA256

                                    657caab3365bf04728d83c35c710ed890130a83ed11c20333577eea591a662f4

                                    SHA512

                                    c4e05c200de14ffd86619f1fe99c78ddba58b22acdd61ea0260cd291a6283bd446b54d882b40427366769de76b56714bcb546330e7de96fe10a8ef49bd7e16ed

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

                                    Filesize

                                    88KB

                                    MD5

                                    52a30eaf6f9171ab42fa2f4e746529a6

                                    SHA1

                                    d25e9ba467ba0c46e4ecc225ccc0b79603a15f3b

                                    SHA256

                                    cd627d2c91ebd8d52e0d75635ca44f653d48fb54c87686c78d698cf73e2f08ec

                                    SHA512

                                    e6459aae6da09e974d4c12e9e3c0eefaf072042cd8f9c0c6168d4a4494212e7ef4f89459b25fd4e4fe60617c91b3b274e09b10326e031ac14611eb86f41e2b08

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

                                    Filesize

                                    69KB

                                    MD5

                                    8226327996a67b56d47dbca42620a75d

                                    SHA1

                                    d604167574ee91bbf5a6e0aabed7591fee1cb41c

                                    SHA256

                                    70ac272dfb3bf6e7cd5869a4099a12670dd6762e76bd73df23858cde219e6afa

                                    SHA512

                                    959ffda13bd17451bb153225fcd72edea4ba3b0111d0f80d41f46da3e718127bea5f1a1674fe13840d8c0ce3fa5773bb8dee62b64937eacc16248f329424d57e

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

                                    Filesize

                                    75KB

                                    MD5

                                    0049e2c4454a1b88d7e5232ce501274e

                                    SHA1

                                    562dff86ef5302b31a35f3335b94f2120f83c3ea

                                    SHA256

                                    97977d6df3ba89444d76c5a05e1923ab4722e3c4a9c8d04cca207493fd2e5532

                                    SHA512

                                    34addbbd3ebc57bf1b6c39d876211d8756bc74decc658c8a64d253414b93ebb7b394837ccd7b2fca7772794f114443548f7b98c8a023cab3a286150bc8fe7ec6

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

                                    Filesize

                                    76KB

                                    MD5

                                    eb16410f866b6cf5cc513bf6b819ec48

                                    SHA1

                                    3da5f40612a7fab27bdc7a549c1620d8c9da1c46

                                    SHA256

                                    c3411130f6b8437a380157650c0385dd88e32055c9b3c56a624f768a3f144b71

                                    SHA512

                                    9e616c3d012740168b3f27fd223d6e8c296a3c2707c6b843ccc043aabc5ecbc1f2328296e68435d0fd52da7de3ecd0ba485e233b53c7b762c3c5f15f3df0cf80

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

                                    Filesize

                                    20KB

                                    MD5

                                    e68c49fd30b218d571e5435773c46d89

                                    SHA1

                                    0107595579b3d17c8cc585b8a3b08ca7ad1814b9

                                    SHA256

                                    d1fc73a52c9ee2f44fe2bb46b0dce37af0a9709bb1c1c2992bf435d3aad7bda6

                                    SHA512

                                    ebf8476180427406119f6760919be8983f1fa322df3982a8fd7d81bd0b26ebc4505048d4e4cc281aafeb5046211c458637f11e8911a8fcd277019ab7e1c9e247

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

                                    Filesize

                                    30KB

                                    MD5

                                    c3caa237ff99a1e55d7fbdb3f48b10f3

                                    SHA1

                                    a31ee58ddeec33770613cbfb6f7418cd94e07ade

                                    SHA256

                                    13a06d8b3e97713b984a16b8dc8e4e80fe59890bf88791aca961e8a54911fe93

                                    SHA512

                                    ed93ded04db5accef80e0fc3d45197ff8a0e031a23a901ba2cd2611d4ec96bd6208c9ef7f0ba79e3f0b9beaf927b674a7dce1fd1f58b3762fb70476817271230

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

                                    Filesize

                                    29KB

                                    MD5

                                    8e0f49ff0058ff253f619fbfbf98e1fa

                                    SHA1

                                    c78b6d53070115a4f8857e8da6ff553f7ac4d249

                                    SHA256

                                    124597c56f49af7cffb3ef5af236818517d7f161a0acc7b01ab9ea7c91ffc60a

                                    SHA512

                                    e18e40004505259cc1cce6753d17bd95c4c548484554d5b75183cd7efc52d881516724b2f18854f065b24785ad148bc649ab70264f09285dd9f60b83ee36b718

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

                                    Filesize

                                    16KB

                                    MD5

                                    98a40c8c470ae90cc0b4a98f6ce1b098

                                    SHA1

                                    1945e33ae2c38f1e9674fedf1ef04be4c38dfb96

                                    SHA256

                                    4ee0281d84d19968f80a64330eea984cbbd7e661ef8afc3c88f644845f16de77

                                    SHA512

                                    a4150fd695f8c585f4a512e3c8b61730f8f278f15e3e2e4826c538e2aeea82c666d80ac78e563393a181376f79f0ff77f2f3f04baf758e824a58fde953a9238c

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

                                    Filesize

                                    20KB

                                    MD5

                                    58e0653b41ac9a6c6b0c9c1130dbc4f5

                                    SHA1

                                    76e2fd8d83ef892b9e1d7b6499d3c2fbc6636197

                                    SHA256

                                    515ab1ab1fd5d82a897f7c0d7401107f83b91ba3e3fea8c47650d570c4f78663

                                    SHA512

                                    3b04b61e42063a6c2483ca94c737220ae52270579e659980e968a794b5c56d8658e2f0166cee09d3bf6787b0ad271f8efe37fcc68501f5125bafd4be3cf49f84

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

                                    Filesize

                                    18KB

                                    MD5

                                    037f9de0a742704d765a90aa4b58f1af

                                    SHA1

                                    348829c107d3eb3b23bfcf1a7e92832d7aec2ed8

                                    SHA256

                                    253e4a067210ddbfc056bf61229e579d4727a0cda8e89ac373c87a2bff323ec8

                                    SHA512

                                    a7b4bedb88c4791008f663842426e69acf98022b95448f62c8f20babd34a46850569a00bd40d78eab79a50b03f67528c26d70af9b0fd73cf999535db99207e70

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

                                    Filesize

                                    42KB

                                    MD5

                                    cc7ad65e0558327d8fbe8ade40ab94e8

                                    SHA1

                                    6c153e9bf971f196db25cb2cb3b62f77f0a1299a

                                    SHA256

                                    956e1fd407995ff1ecca3bf42ca0d01086edc7eb6a965e1d9d4a48f197a8bd30

                                    SHA512

                                    0af63a7bb1151ef7564472b90ddd766857e3fd78973195817aa751d97093558688733876114ea7341063c7f1bc01f90aba1016980ce2c009a0cc399f40614377

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

                                    Filesize

                                    39KB

                                    MD5

                                    e1f6e032096b2924e561c3928b9dc73d

                                    SHA1

                                    f33a3bb1b04f04ed1b93b13d21b6b3ce529690ad

                                    SHA256

                                    fa802b853572d8a40ee939940d0cd9562ea8f5954c0522b0777e01fcb546c3c8

                                    SHA512

                                    b13f6e1f984d28c5f4cfc4ae2298b321c314892cab1e5ccd6f1f61ec98d8c1a39669078c88ba541c91648963abc6e16e0a1cdb4e9449b4be16927e9bad8d0f37

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

                                    Filesize

                                    40KB

                                    MD5

                                    f1cad4800853bba09a023250de102801

                                    SHA1

                                    76e1a6ae10ac4db2a3e4e8bf6b7edd692c4537f6

                                    SHA256

                                    e73ceb9052ea848498daacd8a9fff37846cce47324b38df12e9dcf0bf25d2e3b

                                    SHA512

                                    4e869ccea434e71f03ab513b3aa6212da3326cb9625c467b782df48367cbf5c69fb8a073d68180877cfde2510dbe74670046b897125b55f013fe595bb7d3595f

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

                                    Filesize

                                    42KB

                                    MD5

                                    b715a5dd019d1b8771a3031ff85c972b

                                    SHA1

                                    5768744eb85d3137d094458e4b7842c1c5c526cd

                                    SHA256

                                    e9ca7a8587bb3674824a28a8a80836e3483dc3bbe97c658bf7c984c5b424920a

                                    SHA512

                                    22e09e48a13ced3a3cd95a5f40b5e9ccbbad8abbd0d6af7dd4e411d63c662b09f1ad2453909a6c7a0d0ce34f250f2fbf0d7f076dced281f133ab7f21d2008d1a

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

                                    Filesize

                                    4KB

                                    MD5

                                    039a7e58f2eb8ff817bb199acea58f85

                                    SHA1

                                    e4e0091eddd50232ccc7e65759efd5f6acc9a04b

                                    SHA256

                                    a9817d48a460fa53e056b336bbac3d1e598f644ac5e774798e244bff6d08326d

                                    SHA512

                                    b0dcaf63c4fc19c804fa981ca590c1e2b62c3f9685a95af44ac2e2c93eb6644221b8fe1249aeed90e885804f12b17cd5ee7c717ec070b9e08a57b79e0ba00504

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                    Filesize

                                    4KB

                                    MD5

                                    65bf8295d4d7f99d34e29d76150c24d1

                                    SHA1

                                    e06f97f47c808616903d32c5ef693e188c938263

                                    SHA256

                                    d8492c75aacfa2790238320e2ad6091c59ccb82019437b5fa8ba762544cc2b4b

                                    SHA512

                                    e52475d1bb8c60a171d8307464ae2268dc2ab50525ff7ef7f40607e07c194b55c121c8c9dd20fe5d603773caf43d04ab0ff32268f96ff4ccf7586e1ace390c4b

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                    Filesize

                                    2KB

                                    MD5

                                    fb79a1b50dddabcbc976bba7f94447bb

                                    SHA1

                                    6d4eec2dd0c9af469abb7d7e5d565e1c745cb0e2

                                    SHA256

                                    8f90155955ea7f455f463fc1ac5abf0b52db8cea7e557a601c027df962b556c2

                                    SHA512

                                    264ee07e334df652003904372150cfb1e759e2a658f86989158096c9026ecac3cf5657491482e1b9b6238547f15fff24f9c5d8f77ef0d8468907f68a729f32c6

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                    Filesize

                                    1KB

                                    MD5

                                    1efd28188bd94b222b85a7e36e9d6cab

                                    SHA1

                                    7266581476da80e6ec8ba4edae6c36cc60195b64

                                    SHA256

                                    77f847b5af5f018ed1879144a903de26144ba2bf12e850102ea5884eefde7039

                                    SHA512

                                    91d77976a493d4d1c3ba4640bfc9e374064f8e4dc2ab098a2e5e44c04d7700bb0c4a080fa37b9b457f8cffeb3218c33b33f36012e190f0635344950a1c9e8c38

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    6KB

                                    MD5

                                    a523f75c16efaf0f73359d29a4ed1535

                                    SHA1

                                    d6334f97a11ab99022d054fbf2f6f366ee0bbe07

                                    SHA256

                                    f7e3911437076376767fc33678348c5eb38ee58a7a74dbc60d59cd780402c0e5

                                    SHA512

                                    1b491725f441d40a71383dc39a8f1771f56e5f0339763860d2c05b006cbe5621669a09e47427417c27cfabe7fcd7456057050b57215d593f618a064b877db394

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    6KB

                                    MD5

                                    f9ad296e3ff499477219f8db4731548e

                                    SHA1

                                    52e7920208fa19308c4c98a7c991c02b32a8f4dd

                                    SHA256

                                    58d0248efef6d667a6c23f4be115c5244397bb8e0909e9e9f779f0804fa09d38

                                    SHA512

                                    ac4d76092767350deff7fb2bf4fd0cad931ba0468d33a2d6537569dfd409aa461ddaa2493ccf023d745a35aa7f9fe2f8430bbc7d4e5333b48f2ec216881c5833

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    6KB

                                    MD5

                                    283086ab0200a23eeac869e2d5acee19

                                    SHA1

                                    79b71924b76c08f1dc31fad53ab7cf09c62182ff

                                    SHA256

                                    917013e0c089ca470de13b50b070aa1f90b37ce0c83cc464e13ab7f7f093b72f

                                    SHA512

                                    4044f84393b686c6f9d4bb4d0ef0382881c2873ede8bd0500ad59661b3d0f60c4359d1075ba720828ec72d6073978290b994886e2a0d1c061bc23d0f1b1ea9c5

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    5KB

                                    MD5

                                    8a603b94f3e00a28711aa92d047a2731

                                    SHA1

                                    f0b98ca0d2f95defed4ac595cc74c0fada31b1da

                                    SHA256

                                    66c3cf9d9b47557cf77b50a94b509965cdcd384674632d4c6ef0694304448983

                                    SHA512

                                    028ff61ead079c8aece5c018aa5a6d492d177696a99ccaeb359c36206efdbfd8f5cce20630c94233a82da72e4e18c912a9cdc03e5abeda62612d2a408692ccd5

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                    Filesize

                                    1KB

                                    MD5

                                    e19ad4afd1496f32923f4fb9e6d44842

                                    SHA1

                                    1b0ccb6d38c6d466959e00eb35c2dc21d6f799bd

                                    SHA256

                                    789130f1d69aa1efd15abb0f44ca755555f01b6342ec7c3d48ab942b19a7b698

                                    SHA512

                                    8245fb627534b84d4be36870235d263b3999a0b68331fc3146ec8d99b805828bbdb593deb0ee70a2074699c8db50e7b985d702d06358722a65a90f395f8acf8f

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                    Filesize

                                    1KB

                                    MD5

                                    0df11882f845a30e78f36c47eab2ad59

                                    SHA1

                                    eb45bb88f7109b6361e4993f23009455ff03dd37

                                    SHA256

                                    d1e05cf64b6330b5cd64cc44fc343e6c2b09ad05b2fc751b60ef34ab61901083

                                    SHA512

                                    7defbaccc9d36ad2691dd073e2b5ccf94ad626e0871c514cfc7ca1c3b07727281780add315e39d5a66161a7fbdb6ce8fa3b48266fa110c1776058133cf875b2c

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                    Filesize

                                    1KB

                                    MD5

                                    11ed1d624c897deb3ad2bf852bfa0c1b

                                    SHA1

                                    6dd925300f35553b294d71ac6385226d1a3f95d9

                                    SHA256

                                    3722d341c6000afc2c82bb4acdc59a714944c68fac0610bcd303c6d1a0dc10c1

                                    SHA512

                                    055be93c6c617a203eb40ffe08f0d6011c5544da8abb9cbdc6ab7adda3efeedeb945933e0b9bbd4c0a933471cf57c5e406b00b06d7dfd76f4ddbada60c2bff57

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                    Filesize

                                    1KB

                                    MD5

                                    c019bdf5514e79daa6efc331235b007d

                                    SHA1

                                    d603f25c9308e8eab032ece2aa16384091910627

                                    SHA256

                                    245c2848285fecff115f65aa2312620c43ee1cffa0b72e83274f420a9874fe4d

                                    SHA512

                                    9e8e15f7b4129dc19bedf2c6ba75f99acc17c1c64f1c45252f089006187956bcbe400568a7d7bc09d64c0370de7c494a71e724985077f1aae8979706f0822392

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                    Filesize

                                    1KB

                                    MD5

                                    f6358ffea0e73f00035385481ec21af5

                                    SHA1

                                    dd6f5457396aa20e511548688385aeb9dd4efd5b

                                    SHA256

                                    b21705a9bd9b4609e9c5b1eda549b0143a371e5dd8e82131a8a772f8706e3d84

                                    SHA512

                                    dadd4a451927fec8de6f5665b3818f204060c32b187574725602c20d188678c32fcd6c7ebf3b9dbf3af68542d1b20f447051ec4ffe54830d1ab6d87052ee3455

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                    Filesize

                                    1KB

                                    MD5

                                    d3387e5f03d256523890088f15d8b892

                                    SHA1

                                    367c9477291d5f0c7d6ce348e56b3dca9ad298f8

                                    SHA256

                                    842ece19a915308fce66389c9c6a09910fe76fe80918f7d9cf5b702aef00112c

                                    SHA512

                                    a96e8560ab5f923743e78a5c79a0431bcdb5126e390f51cb5a0aec747e91e1ebc851bf2593781df89cb0bd68f56725dd2c2b5f3f527655a21778c206065d729f

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581279.TMP

                                    Filesize

                                    1KB

                                    MD5

                                    5b3ce8839f1e561d4c0b3c6dd59447da

                                    SHA1

                                    0459207f3197fce929d428071eea7af642daf9f9

                                    SHA256

                                    07089ea1afb1dec5e11700a32786dae0e1be707f2f9776e7fbf04ef8523a256f

                                    SHA512

                                    27f9e412f02902625d062c9ec45291578a21eb8a6f993f85a79ff72260d19cccf087c8d551fa4ceef0276934d4076f23b9937f6e41ac7ed3fcc5440116a1f6a9

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                    Filesize

                                    16B

                                    MD5

                                    46295cac801e5d4857d09837238a6394

                                    SHA1

                                    44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                    SHA256

                                    0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                    SHA512

                                    8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                    Filesize

                                    16B

                                    MD5

                                    206702161f94c5cd39fadd03f4014d98

                                    SHA1

                                    bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                    SHA256

                                    1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                    SHA512

                                    0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                    Filesize

                                    10KB

                                    MD5

                                    8d6af0cd04f08cac43616692ef3a1bee

                                    SHA1

                                    a9e2905e72e792265fb2909ead8b72166537bec9

                                    SHA256

                                    0a3dfe9fbc29cbb9816d7ac4f96e2551ecedeed74e1943b6d2f687080dc53264

                                    SHA512

                                    5caa9714cca020e7299d50cfea71d22a2646bbffa8fd8d94ab1d31bf9124e0c3763f06f39226efb76cb80df4e6e46c10c73bbbff28b487494a12a7a498603448