hxxps://www[.]youtube[.]com/redirect?event=video_description&redir_token=QUFFLUhqbVBMS2dfamp4eWprV0trNlM3aXJfblUxV2hEQXxBQ3Jtc0trSHRuaVozb2w2XzZ6ZHBHS0U5M05KQmVaMnRWcVVlVjMyM01XV0tnSVkxTXBfRzlpd0NvSllVMjFWV3RyZjVSblFKYURjTVdtSmkxaEZjQVdSYW5xcjBnVHJxczBoZE5OSjhJQlBiTDlIU0ZodHlVMA&q=https%3A%2F%2Fwww[.]mediafire[.]com%2Ffolder%2Fwasa2zzzzqz3g%2FLauncher_x64&v=laLTBDG_YQw

Resubmissions

30/12/2024, 01:16

241230-bm1tfasrcq 10

29/12/2024, 20:56

241229-zq7yxsxlcr 10

29/12/2024, 20:46

241229-zkc7csxkel 3

29/12/2024, 20:14

241229-y1a69swqcz 10

Analysis

max time kernel
110s
max time network
112s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
29/12/2024, 20:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbVBMS2dfamp4eWprV0trNlM3aXJfblUxV2hEQXxBQ3Jtc0trSHRuaVozb2w2XzZ6ZHBHS0U5M05KQmVaMnRWcVVlVjMyM01XV0tnSVkxTXBfRzlpd0NvSllVMjFWV3RyZjVSblFKYURjTVdtSmkxaEZjQVdSYW5xcjBnVHJxczBoZE5OSjhJQlBiTDlIU0ZodHlVMA&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fwasa2zzzzqz3g%2FLauncher_x64&v=laLTBDG_YQw

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4089630652-1596403869-279772308-1000_Classes\Local Settings	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
1508	msedge.exe
1508	msedge.exe
3672	msedge.exe
3672	msedge.exe
3756	identity_helper.exe
3756	identity_helper.exe
4620	msedge.exe
4620	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe

Suspicious use of FindShellTrayWindow 58 IoCs

pid	Process
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe
3672	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3672 wrote to memory of 1588	3672	msedge.exe	83
PID 3672 wrote to memory of 1588	3672	msedge.exe	83
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 880	3672	msedge.exe	84
PID 3672 wrote to memory of 1508	3672	msedge.exe	85
PID 3672 wrote to memory of 1508	3672	msedge.exe	85
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86
PID 3672 wrote to memory of 1852	3672	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbVBMS2dfamp4eWprV0trNlM3aXJfblUxV2hEQXxBQ3Jtc0trSHRuaVozb2w2XzZ6ZHBHS0U5M05KQmVaMnRWcVVlVjMyM01XV0tnSVkxTXBfRzlpd0NvSllVMjFWV3RyZjVSblFKYURjTVdtSmkxaEZjQVdSYW5xcjBnVHJxczBoZE5OSjhJQlBiTDlIU0ZodHlVMA&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fwasa2zzzzqz3g%2FLauncher_x64&v=laLTBDG_YQw
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcfcd946f8,0x7ffcfcd94708,0x7ffcfcd94718
  2⤵
  PID:1588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
  2⤵
  PID:1852
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:3404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:4052
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4904 /prefetch:8
  2⤵
  PID:1044
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4904 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
  2⤵
  PID:3588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:2140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
  2⤵
  PID:720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6436 /prefetch:1
  2⤵
  PID:4460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6324 /prefetch:1
  2⤵
  PID:3504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6648 /prefetch:8
  2⤵
  PID:4008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6700 /prefetch:1
  2⤵
  PID:2972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2092,6437686321978083268,2577227542677258094,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6176 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4620

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4460

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4796

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2992

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6960857d16aadfa79d36df8ebbf0e423

SHA1
e1db43bd478274366621a8c6497e270d46c6ed4f

SHA256
f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32

SHA512
6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f426165d1e5f7df1b7a3758c306cd4ae

SHA1
59ef728fbbb5c4197600f61daec48556fec651c1

SHA256
b68dfc21866d0abe5c75d70acc54670421fa9b26baf98af852768676a901b841

SHA512
8d437fcb85acb0705bf080141e7a021740901248985a76299ea8c43e46ad78fb88c738322cf302f6a550caa5e79d85b36827e9b329b1094521b17cf638c015b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
260a9e8a6cfb7b82d494a07038351423

SHA1
aa467f09d8831601b890cb7307c833edc61cc585

SHA256
dbfe6379b5ddf8b6123d52fe7bd7978baf3d82064e8ecf75f086bc9da77dd860

SHA512
315195f2e26dfa383d01a0748b435d6f893c56ce01c7dba3a12c4378783c0965852ec4fdb7555f78e477c99836da0fb4adbbf5576dbcfb0695740165b4a00d94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
7e13354892457ba4f410d86a70407bc7

SHA1
0d39e768b1ed1c83e72c91429d1642862b84e042

SHA256
091699309b3d7b532bc669591189e228a34a4d6c5cf246cc3d27dd5cd77e65fb

SHA512
7e38da6c0b60a16f9cf73ae3545a79811e1cccc13ba615c53b1d71df776b81875c2baa95af4710ed6621eabbbb0114678ab45c404c730da845d1307ba13dc669

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
1552b35610c7f0a73fb77ce0d85007d0

SHA1
4276133ea6d60d9ef97bdd1f4ff7caf419ce1360

SHA256
ae264cf0db05b65419b807024061d58b0c6c4e34daa481f0c07a71bab045b8cb

SHA512
0b014db4c84384bef0a21a0b0ba0b7a42630d79d80d56d9bbeb223fd93dc7de632a0f47d7858ba7caf168d7d0346bcd02f4eaebaac6cfcfab69f5e615443f3da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
a1672d63de5c8a3f4ab83fc6c58701a4

SHA1
900f71cacdc7fcb7c725c20d7be95dee6c011165

SHA256
d7d7616e671045abd978d55900542908806d93384034bbdbf83b5252fa3e45a2

SHA512
6738e1ab8658427b15e727f36948e617977e7528737e15059af2281e66c9c301b3f291d3376d648423e13731f32009cb7ec34d1c9fba98fc3fd5bf0abf2dee7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
340c89b36d8dfef522e35c34a0017a2b

SHA1
8572f7d8dbfedbdd13a2001530d29b6c920f8dae

SHA256
9d05bff9a850e973e8c565cc2900068d3b18d07eee91d39f472c11bdc237dcdf

SHA512
e7e6e3e1e8ced5cb28fc50df0df9f41c259a580860c4adbf99cd36b9e3ea8f7d7ea6aeb8b990366f6db3da3da1073854be958ecccbbe70139f55af192790f7d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
b01e2c7cfe0c51f562e7c1c438e44e01

SHA1
15407183d50f93cfcf09f664232b109cfc914458

SHA256
b1bfd8b891b65309a518538021c748ef2401c52767d445e2aa96831f48210b64

SHA512
a6dd552dc33d1ea1fb3c4672e7af82a8f84772180ba422bccd6963818a6a4c383bfcd9e0a86c9574e5a9491d36d744ca8795b4905415a8e49ff4923d1514df97

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
2636638480313f38e0b079fdc14e358c

SHA1
d773993e112e8e1987f5bb14f4cd9239a5a1492b

SHA256
83c0f050d0938b6356eef4164cbf9fd57b33459d3d24394633a6226e4a51a46f

SHA512
e5b5b5e5b9bd1c85bc29e77c5535f0cf470d1d1569e24101e14dce370435763e430188c55a301937662365dcd86c481971d33feee6bd4f8a9f37ebb4d285736b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
ce360af402a5f203b0d32dacd7693395

SHA1
a265ebb0001e44fc50ac4c1459df2652266d89c6

SHA256
e02ae4f7fb0c964021a8c59b66f0770d04e8646cccb9de83883b52649bb7430e

SHA512
50bfe6f9c64100eb9c7fb6b38d54cd4ec0cfdf22f5d0544553a0032129dc25a6b721824e95bfc518f9a004c7447471b1c348ba100c8e35dcbf1a414ed5dde421

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581cba.TMP

Filesize
1KB

MD5
06aeb04ba5fe941c8bface80378b6656

SHA1
2769ed60bb35f2e7c74cd3bd11892a598823de78

SHA256
2a45c832b9cae5a1fa041634f8adaa02bdc639ce3c019141e651174ddeccc7de

SHA512
26dfb733d82715fa0d19c2cb1ace0b92e51a7c60c496b65710a40b7a6149e67de4d9ac3a7c81154228d79a0bc6c260fb02e38fbe0f4e8c74a65b6fa2755304d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0f26df78a9b33d77bda2d135db1cdae2

SHA1
295e2d29674779ab510f64a93f6bfb4f9cff9f89

SHA256
447ed4d482821344b5c8c95c8b5d8a84fd022c8c4c9c07f495a55c7aa3e104d6

SHA512
b79eee9fbb7404b8b0a49afcf4d7b3d894158c6dc137137880e2f0593e54bd8ee7e730182de02d5e5a3757e0d8ec2d84e6557d14d424911e2deff2030f621263

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
011c787d5c223e754944b237145f7136

SHA1
c10e98330834b8b3b3749dca0f1562ca1f142a9e

SHA256
b60e103ac439230ad0bd643c0164351c1184209220fe5d0cc61cb0c1cef17776

SHA512
248412e824b5dee2e1532598457b1d0cb2398e1c19a859406cfdca8a10560ef0772d8cc42cffa295418d0b9accea6de6f0200c32d3db8017b1b97cf1013496f6

Download Submit