Analysis

  • max time kernel
    171s
  • max time network
    203s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    22-12-2024 07:11

General

  • Target

    https://shrt.lat/AEucq

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://shrt.lat/AEucq
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1276
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce88746f8,0x7ffce8874708,0x7ffce8874718
      2⤵
        PID:3092
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
        2⤵
          PID:1848
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1432
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
          2⤵
            PID:2060
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
            2⤵
              PID:808
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
              2⤵
                PID:1232
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
                2⤵
                  PID:1560
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
                  2⤵
                    PID:1484
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
                    2⤵
                      PID:3480
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
                      2⤵
                        PID:4896
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6124 /prefetch:8
                        2⤵
                          PID:4936
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6124 /prefetch:8
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:3840
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
                          2⤵
                            PID:3820
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
                            2⤵
                              PID:1784
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1
                              2⤵
                                PID:3416
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
                                2⤵
                                  PID:4936
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
                                  2⤵
                                    PID:1384
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
                                    2⤵
                                      PID:1232
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1
                                      2⤵
                                        PID:1784
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5224 /prefetch:2
                                        2⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:2296
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2196,9632907359637659369,10386612825924330083,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4988 /prefetch:8
                                        2⤵
                                          PID:2348
                                      • C:\Windows\System32\CompPkgSrv.exe
                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                        1⤵
                                          PID:2084
                                        • C:\Windows\System32\CompPkgSrv.exe
                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                          1⤵
                                            PID:1976

Network

MITRE ATT&CK Enterprise v15

Downloads
