hxxp://steamcommunmutly[.]com/gift/activation=Dor5Fhnm5w

Analysis

max time kernel
90s
max time network
89s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
25-12-2024 02:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://steamcommunmutly.com/gift/activation=Dor5Fhnm5w

Score

7^/10

steam discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3144	msedge.exe
3144	msedge.exe
2124	msedge.exe
2124	msedge.exe
2440	identity_helper.exe
2440	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe
2124	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2124 wrote to memory of 3892	2124	msedge.exe	85
PID 2124 wrote to memory of 3892	2124	msedge.exe	85
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 4492	2124	msedge.exe	86
PID 2124 wrote to memory of 3144	2124	msedge.exe	87
PID 2124 wrote to memory of 3144	2124	msedge.exe	87
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88
PID 2124 wrote to memory of 1580	2124	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://steamcommunmutly.com/gift/activation=Dor5Fhnm5w
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff84a846f8,0x7fff84a84708,0x7fff84a84718
  2⤵
  PID:3892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
  2⤵
  PID:4492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2800 /prefetch:8
  2⤵
  PID:1580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:4300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:4116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2796 /prefetch:1
  2⤵
  PID:1116
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
  2⤵
  PID:3264
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:1224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3512 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
  2⤵
  PID:2780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,11295424625431145042,13523884762076721710,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3080 /prefetch:1
  2⤵
  PID:1480

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1412

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1408

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8749e21d9d0a17dac32d5aa2027f7a75

SHA1
a5d555f8b035c7938a4a864e89218c0402ab7cde

SHA256
915193bd331ee9ea7c750398a37fbb552b8c5a1d90edec6293688296bda6f304

SHA512
c645a41180ed01e854f197868283f9b40620dbbc813a1c122f6870db574ebc1c4917da4d320bdfd1cc67f23303a2c6d74e4f36dd9d3ffcfa92d3dfca3b7ca31a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
34d2c4f40f47672ecdf6f66fea242f4a

SHA1
4bcad62542aeb44cae38a907d8b5a8604115ada2

SHA256
b214e3affb02a2ea4469a8bbdfa8a179e7cc57cababd83b4bafae9cdbe23fa33

SHA512
50fba54ec95d694211a005d0e3e6cf5b5677efa16989cbf854207a1a67e3a139f32b757c6f2ce824a48f621440b93fde60ad1dc790fcec4b76edddd0d92a75d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008a

Filesize
37KB

MD5
231913fdebabcbe65f4b0052372bde56

SHA1
553909d080e4f210b64dc73292f3a111d5a0781f

SHA256
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

SHA512
7b11b709968c5a52b9b60189fb534f5df56912417243820e9d1c00c97f4bd6d0835f2cdf574d0c36ecb32dbbf5fc397324df54f7fdf9e1b062b5dbda2c02e919

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
65d0cb9f87510f38b14e7cb15668505b

SHA1
8306db9b963eb66d6b8ea164eb669241dc7e223f

SHA256
d0aa1db2c33ab7bfedb7e35341ae4d341e6e61d012ae77a95533dd90b7587abd

SHA512
a23963846f42ea48b8621f61456a4260510f35f5574e65a79f2a8a63df62853f1cbc61d0779d8f5bd0fad2e6173d74ac5e12bc5029122b7919d282eeeb7f0d09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
9f2a582dc28b9bbeedea65099afa3f8f

SHA1
45b7dcc9f27cc7d2dc02b7a31708694913cef35a

SHA256
5207b3559ece0e1ec01d01066eb9a3b81d58d520799f6deb068b27a5139e6754

SHA512
54d206158f9cbcc561af43d2c5a0a9ce917f68c436cacd761b5d38fdf288704f833d93a2f1d1df4903174af2701793bce865f72650884af8f0931b2faf0cbcee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
d787c5271d36ec8419052077a3c8c3dd

SHA1
bb7cdd20222c0bc648c784c3a92c2fc7c8b83d8f

SHA256
33f85a1597e6e0e56812a3614304ac61c7ae0e41d5b5db063e6bdf0528ad208c

SHA512
05c1eb145a18a1797c807432971d163d7f4f15554a543077c432aed81250d0355654c197bde74d3c91b09bfc760c74822df2aeba969057bac911164b95b28438

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9276439c5619e73415375c3ca598284c

SHA1
c14b1162cfb2018e3c0189da277d9742e14efe65

SHA256
6e987922c75978af089345c742fbe606bf76724e313dbdf2ffa73a46d039e018

SHA512
50943ca407ce4cdbbe01bfcb0c7f9937bb03a5f51e130bfcb798b86ef9e19e93e45f77f8a0c22499836f7268146d84c1ec505abf89381d1a5a1c4ebaa6d807d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
ed80bdf0d768c23a60ec71660569a20b

SHA1
37a49bbd674a00453f8f5db9bc04a640c279461d

SHA256
7e938d607ad940d4ad5590fc2d94843bf48ed622a3983bb4c6e9f95eca4ad570

SHA512
fa4c6ad5d772206f5e9a1810f180cec47213bdf47b4d7892ba86da0fe0f92ac39759a94e711f65710c30a4674036bdac9a320080de9b407c032f9bb8a70c4641

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
5209c099b932dd3c0214c94165d1fdc2

SHA1
e1f9a0e5ed20beb61bf37c42dc7fc26f42cd220a

SHA256
b70e8088a8df89ed6f3f376cd3956284971101fc49f552dbc9107024c84719af

SHA512
559c7aa6299aac47f01a34a6f44f3881a0f104070ce712542a42af058d3b7b225651a283fdd3454f0f8703f6200c1d0f04b757a892d9d88c62525cb4a27bafcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b56cf67cb74333c8c06c34fc1fad7d98

SHA1
d041beda741e69d2278b543bc8404fba82521b06

SHA256
123e02d445c2d00dee1218defc7830c208eda9cd615a5393677441685e7b27ec

SHA512
81d6501d5e95cbe64a1a9bd02f6fc8799ec4d4f44fe7bbe96d551c60eb6cc0a0364e4eb72bb69aa10a4523e684bef5fe86ef2875b4df1751f4f0a10bcf7464c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
068491d9c527790dddb4a087fd701653

SHA1
e181e0877d08f654b1226bbfd7ee7a18fc1891c1

SHA256
560d3caee36492eea3a06271cea4abbf8cad0bc041334c03645fe0b51346e97d

SHA512
0d5e5e86a1d02bbc1e00b023307fb8b672a2d02559642a751e1c63933a2b09ddd789dd83199347dd230700ef6963fc9c2e3412ffef9a3dc1186b7e064801a178

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
b4e86d0d32846111a537044d37ecca8f

SHA1
f0936d441aa9433628fae1b331e6b6986124b084

SHA256
fccde9d8158ffa0705673c01c627a95ad46ba8802352986d58686179a2d0ce7d

SHA512
6f5bec158ce4c657624497e043a3fb36a27475dcb5bcdcde83276fbcb89fa9faa0e25af92815fab858511b5e514ccd9ece8b43b0febee32b1f95e7ed15559419

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
238a3fc392613098831b58d88a42af69

SHA1
9876759b2dd79d8ce3e2a5143736c424131961b2

SHA256
a2ad027b687e70b6346af66b62a8d2124885c36c58f032a6c0bdf45f858bd489

SHA512
511231f9d0512770b788286b064d6b39bffc5d74ebd15ef58a55ddd8d4722534161e31bad414b19f2e82ad50d49f3885ec84b070e1afb684a9f83babf15189e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe583ef8.TMP

Filesize
876B

MD5
793035a0b39d2a0968472099b4c28702

SHA1
b1013f33e2fc2b3318616c15678dab3c07ebb634

SHA256
4a0fcadd7a69063eb64a106320a2cf79a5c08830bffad45c49d5330198f21c97

SHA512
7cfaf10f3be2de12ac8b498b41af19ab65ea3037c9297ede72b542d9d5a4c6725e4adc2d01f07c87412abac6c24c3779d3174b38546f963c4bc56e34d0f6af88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a92d23e40166934f41314618fd2c335e

SHA1
944786b4f4f3185abb3f50ddde720ee99aaf0648

SHA256
dcfa6c6cc8d946eabc520c31edf443921c8432c48146f95d6178f12857ea0974

SHA512
2f4927097ec0c07b467b607f9fd83da9ca4321165c4e5e2e125efe14e06b4e040d71946491585e8cc44abefbee6d6900c6f35c1a1f2d37ca86e707542e24ebb7

Download Submit