hxxp://moltoclix[.]com

Analysis

max time kernel
83s
max time network
83s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
03/01/2025, 21:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://moltoclix.com

Score

7^/10

steam discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: Manropewght@700
phishing
Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
3168	msedge.exe
3168	msedge.exe
5316	msedge.exe
5316	msedge.exe
1388	msedge.exe
1388	msedge.exe
5636	identity_helper.exe
5636	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 27 IoCs

pid	Process
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5316 wrote to memory of 788	5316	msedge.exe	77
PID 5316 wrote to memory of 788	5316	msedge.exe	77
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 1932	5316	msedge.exe	78
PID 5316 wrote to memory of 3168	5316	msedge.exe	79
PID 5316 wrote to memory of 3168	5316	msedge.exe	79
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80
PID 5316 wrote to memory of 444	5316	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://moltoclix.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc69d23cb8,0x7ffc69d23cc8,0x7ffc69d23cd8
  2⤵
  PID:788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1992 /prefetch:2
  2⤵
  PID:1932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8
  2⤵
  PID:444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:2052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:4952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:3940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
  2⤵
  PID:5456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5608 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5548 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2644 /prefetch:1
  2⤵
  PID:5924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1900 /prefetch:1
  2⤵
  PID:5160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1
  2⤵
  PID:4824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
  2⤵
  PID:3592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
  2⤵
  PID:3552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6720 /prefetch:1
  2⤵
  PID:1104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
  2⤵
  PID:2432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1
  2⤵
  PID:2688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1904 /prefetch:1
  2⤵
  PID:1532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
  2⤵
  PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7028 /prefetch:1
  2⤵
  PID:5240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:4268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
  2⤵
  PID:4636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
  2⤵
  PID:5980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1
  2⤵
  PID:1588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1
  2⤵
  PID:2180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,8963847157211866537,12997520184296995721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
  2⤵
  PID:4768

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2344

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1172

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fdee96b970080ef7f5bfa5964075575e

SHA1
2c821998dc2674d291bfa83a4df46814f0c29ab4

SHA256
a241023f360b300e56b2b0e1205b651e1244b222e1f55245ca2d06d3162a62f0

SHA512
20875c3002323f5a9b1b71917d6bd4e4c718c9ca325c90335bd475ddcb25eac94cb3f29795fa6476d6d6e757622b8b0577f008eec2c739c2eec71d2e8b372cff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
46e6ad711a84b5dc7b30b75297d64875

SHA1
8ca343bfab1e2c04e67b9b16b8e06ba463b4f485

SHA256
77b51492a40a511e57e7a7ecf76715a2fd46533c0f0d0d5a758f0224e201c77f

SHA512
8472710b638b0aeee4678f41ed2dff72b39b929b2802716c0c9f96db24c63096b94c9969575e4698f16e412f82668b5c9b5cb747e8a2219429dbb476a31d297e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
32KB

MD5
5baf258faa6178dfab1702edef67a178

SHA1
b5b43eaf8d385d9151d33b660bf54b4476987c48

SHA256
19e6df0ea7d2ed5a10f5f83005bd478f8f1d460b143df758642c807396fe935f

SHA512
25ad1c9b4c53607d1181751e85267d5eb590d04539f4c9601a7da0c20602eb73691e55fcb1df2424a7d0a305612361deb7e8c59e05bcb3c12cd2eb12ff24a3a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
102KB

MD5
5350024207f8fb6be9a2df51ea9eba47

SHA1
bc7af65084ca12b78d1f323d3d77b1e854f54a15

SHA256
21de07384d7895b55bc604a79141d7c0e5ec149d80064d1c4fb9a23d7a5076d9

SHA512
fcb5372181f55e805d7b4ebeeb442562c92d949f1be073f75876e2db675755ad4d65fe6d7972e1eaa2c31b938d8ccbfb1bf114c85a01cf27e42d0629ffc51dbd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
27KB

MD5
bc7321f62fec1792b4b4b06eb70b55ed

SHA1
1ec07a8dea6ba3e7cfbcfa03fd41e4fbcab88d80

SHA256
4568f3217ad7eca8b87555678b82e4fe003aa5df2c4dd7cd27f469961b3bf303

SHA512
6fb01025e6d815f26047d4f2c0eee18a992ed550b73b4d23733b2d00c70827e1407828986c2fe13f2f08a991dc45e555177199c7f226ac5aed5323bf5436fdd3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
153KB

MD5
1b2731006f2b2597b02859e501bc2d4c

SHA1
118d27a703cef3fb083593a56bbc93e62420f30a

SHA256
59dc184cbc1a318493460d1d78999cfdaaaac9a457b5a3a02c2567dfa17314bd

SHA512
f7452f91afe2fbfcb04f80dc7b051d874224de8790bbc53858678332a6b49f7295a15989a587811e1e8fb58a38625ec3e15657d88a367fd50d5b201d7abbe90c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
133KB

MD5
04a89a61770435946fabc85040e0e94f

SHA1
a0d9585afd7348e984f8318e1312a5635241b993

SHA256
fe31f29f057e20dbb2aebb021cf1a37fa40c9dc84dffdfe3806e390c06d1f1d2

SHA512
7e117e0aff40552463497d48b8a7529975ab9ba9b6e8c29247ff02e63d1482ac60b08b5c29c95064dd6916e907a8fc5a6235344752f125e6a86c68711d42a833

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
133KB

MD5
3dc9dc52ba7305ab7d8dbed673c99f02

SHA1
97697fb9ea88938e334f23b1ea8fe7a91dfc50ea

SHA256
638e84f9ece49b03bbca7e22d769305b6f8155051aac9b9cdf6ed0d0c0e23839

SHA512
322c90421bc1fbb7bea0a1978ed328651d030a0253830ebbb9fe22cbc3f49cd33d212dd017a66f800f8b84c7a38bd04c776567dbd3437394d5f047d67ec2c836

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
33KB

MD5
91c1f68a488585410a4064f9868a3351

SHA1
34c43c41d9bb9f87c13e34e38da712da1a6bb29c

SHA256
12bb6c31511e274d77180165818f10a929748c2e46344e6681b84d656d821e97

SHA512
dd6e71a1a6ec78d19236897d29c4bd5bc544607346d55f2b5565f8ca9cf788cf78dc647b9b33861aef18f443334af72322756bdb5eeca8e0a46e67a5643b6d69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
85KB

MD5
783b3be509531758ad38bacd606bac09

SHA1
68c05e888d3a0497b8024ede223bb4a556ce2f8e

SHA256
20873f208f636794808b86a0781f60f9e9bf582796774769805828bcf51b5beb

SHA512
745f7f25a5ae94793c7a7055b34d091d17351947289cfefd44a46f2141a739b9e10089fa7a7f64a4c39f32e360df05f3be9ef872efa7dad8bee86f58cabd6312

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
62KB

MD5
35fe37e08d59a3191e5937bbf348e528

SHA1
64555d7ba585935ad7031b1dcd85e32d665c5e19

SHA256
e0050b274222e7bbe0d963be219a27e4a47fddcf1a72da32f744a04eccf91615

SHA512
ef3b2acc746dc86ce4e9d075c133e0b65277c14c6347526e25ad5ede7a0f9403478a5fc6a2a19babea02012b5770de1b7484e68c1dec64502d362f8197289f93

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
20KB

MD5
efb9f6a1680c9d3ce3abe4d5a75c7c6c

SHA1
a454374b7f43f129d4245e73c2048849a78768c9

SHA256
96919908509422207d3fe3dbdf26a7bf0da651dae2b8481c4dce4ef0812add18

SHA512
1d6fa00634b899162a4e97adf05cdb97ca1eeaec3f43bdef4412ccbe4ae560ee19073817aab38508b724f177e7942b07982acbf918750fad0385d3b5db3d124a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

Filesize
19KB

MD5
0a99d52188baa798809503f2107241d3

SHA1
4ead7b0a3c413dc4a47d1685b907401b7940d27e

SHA256
4b2daff29df9a2fa76437807ca606197fdf23a4104319110361daa97a67519c4

SHA512
92f706b01f3b33478e7c399f0c7fa34a6ffa7d77e978118fa355969c0735cd10ebb3dee94f22fc786fc64901d54996cb2525e50d91999e2a77e64524cb9a3296

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

Filesize
35KB

MD5
7c702451150c376ff54a34249bceb819

SHA1
3ab4dc2f57c0fd141456c1cbe24f112adf3710e2

SHA256
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583

SHA512
9f1a79e93775dc5bd4aa9749387d5fa8ef55037ccda425039fe68a5634bb682656a9ed4b6940e15226f370e0111878ecd6ec357d55c4720f97a97e58ece78d59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\07c38f090ffad980_0

Filesize
344KB

MD5
56aa5f66b8d3bf91c7fd9a5ccb8bd351

SHA1
15e015e945350287212c41eded751e21c4231564

SHA256
3e0c9a0ba75a5f07a7cc81dd9479ab0d5046cfc177d8fce510e5536ab741581e

SHA512
8ae616e9b510eb022eae78a138b8f944c2e2ee670d1f4c2dda311d1affcf7d035d656cf9afbeb0ea72c6aae0128d1fbc0cc06cdc49345b37dd0a3554e924b65d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\71135c8fe63bd798_0

Filesize
55KB

MD5
9b1fd61a2857cada1ee3ff6935079151

SHA1
b3fd4c054573ee7e42ffdd004f10565c4df4d27e

SHA256
ae5235407d03f42e610478df413a1dd8384f30ca34b158edeaac7d2cd418cfeb

SHA512
bde2b0ff44fd4f2382264200ae1dcab4e2d1a8856c4b67f95411ad37a9355a71007eecc317d98cdb1bde0ae847400a8659276799de8d705b4919d23a3a27058b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b92aea2846e2160a_0

Filesize
161KB

MD5
bb55c07f9b691b0df903a20cf1003211

SHA1
349dd9f5d327af459a076f308fa4389b3da4fe5d

SHA256
af2a4b7261d3cb65ece31989c0792402e686fb11ecf5b96cad491ecae73d7afa

SHA512
06af16e6b1c5a71c1f98a1090745178ffa2be30f245fbdc2175669e21f9811c8d8603c25ab811aec07b86907b62f432d8d768fa58958e4250ab69215243efa7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c7b409841530a985_0

Filesize
268B

MD5
49eb3183cf59587397a20bb3b4d24fc8

SHA1
6f64ffa7dbd278d217a87f7485aefd364a4f583e

SHA256
c991282329f5af5e4cb488910ae9eb115ca901e5b156fa6af721ab3564f2c2e7

SHA512
2732068a4ad40ebdca0bdb089cd03c77f42590a5145204ee59a94b13834b307c09e979c6f12c5b7392335233fbf6303add9039a3cadbcb73cc56e0d3a46dff47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c8e094f9274fea88_0

Filesize
23KB

MD5
ee167b50967b8bc79a774993f7dbc887

SHA1
acedddaa0c602b698283697a46551b1b20824c75

SHA256
4f80947802d797c8b9e42d61b76994df33d251b902853c7625142b0358bd209c

SHA512
38adf71b61e3cfe491573abcc5fd988ef6479b2ce8aec6caf2e01b79620ddb9f95e362809b78a6170c88bd7df44a5501f340869c7ff8dde3e8529eb7892238f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d9f763120f826c4f_0

Filesize
14KB

MD5
768d744d54e602b726380cacdd67a7f9

SHA1
f5a0661d5274db394ed149172d94980a35ffda43

SHA256
0099ca366cb43e17951fc463144849cb24426b6db1a205a1aa74c8f926eaec67

SHA512
6d43c23b3c4db5d40d69855b0b5b9e63f92cd2ae127bd714945761195759e56e66568c5042907851fb32d5cbc1e4294e10b8f52f763304da2ea1037b05b49d38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f34ef171984e2c86_0

Filesize
278B

MD5
276e3596640cd353d81f079ad6c67a46

SHA1
5be6c2e8f3b64218c0bbdef7190a8156280b8ae7

SHA256
9a562b5ddad9c3750d82333e5c14503c6e72ef147398cf933a501aff17770d83

SHA512
a0658ffa34413708ca621cc7a7e6ba87ccff70feb11593bbaf897d7450512bca4b0daded095d2b462160d71b7cd08d01ffd29265128aba87b51506183f7112a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
71ac469de772b643b7ee2f0b458d1829

SHA1
166a9219971df47baa2dd3017a13224a416df0d4

SHA256
fd7ea65fcac9cc1db5ea399063c940160e62355fb14aacd69122f4da1d3c329e

SHA512
c23c7e47a23f498fcd0ba9cda5288dba1891f5213e73fa4121a449bee51b1d4aaab119644d344e3d9b741c24dd58557cfc984d0523a34c08f9890ca17648c474

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
0ec1750beb902043ced0b782736c97ec

SHA1
858a99d0d5b67a739bc835571cf726cf6a384efd

SHA256
b477fe6fb0f32b6d7c0591128a6a1a133b4a46b691fc7e78ca7b5a6d320cb48b

SHA512
8899e9d14ca1d473bca4ddc7570db11783495a4cc54d34a9a4c97ed9ab0361d449e816244c44464211a2e251b5a4273f805cc3797e19ab7ee20380015ad3dba9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
734c1b5cbecd01e523f9f4342d520143

SHA1
b8d0c8163f35cafbe58fdceba9b7cd2804031316

SHA256
1b022d1b4e287a7caabc0a123e04fb8fd8ece007d73608892e17ecff0965ebdd

SHA512
eb19260681175a8b4cde4a1cbacf1bc5b9b6b3629a29dd0170b622bde18935d2d7d5a8ee3a3b79614ac4c801da2c1916b26018301bad655b06205587aa4e5d6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
cc8b56d17c23d4654f54cafe647080d7

SHA1
49d6db2e6416b4fca81e410304f2a67d0f9599da

SHA256
b22516b6bc9a4febc65f77760f4f5082a7f99d4423b313c0bc2c48e2d7d516a3

SHA512
563c8d6e418a06297cddb0c75c4ba9f10024903a2c591014bf1e17ad86048900024a9a7abef6fc4f07e91ebc6d5aaa7795c8e8c808c13b5b179a1c7681760be2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
7d9713187098ec244583afb9e721a136

SHA1
d80af0b2732b74074773f3f0208617cc0e3ab673

SHA256
e809f15d8aa850a97e2d1a76529056e82fc14f50c4eb2f963746ca47daa7ee52

SHA512
6abc0148b39aa94d4b1cb73c7120fe29084711fff74d0c76c41adb15dc396d3e003239e57ae5ad1d39aab4609966691b1b9a0f9b8da2499272a937ffbfc4bb40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
862309677b2332aa609b819d9c49d519

SHA1
a37e462939a6b154a0ba617592012cddad593f91

SHA256
3ecaa888a6f877c3748feb51a25e641742c0b40fbb7565633b3b8bfa23ec2ca1

SHA512
b76db7ec3ab43e805649518846102ff513aa472faa38582d2b8f313abcf333271096766fa447f18a9892dea77cca59bb5ec5e1fac42d0877ac6aac6266fd5816

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
c000c2542facb9b84ad1a2d10708147a

SHA1
543771bbfc6ad83e8bb5201ca0db822ee4f5c653

SHA256
0fe4e14d5531fdbf88ea5d373de0497e2b703d26537e2a749265ff3bf418a481

SHA512
f457325c3081de3c143329d0f9a2e95ca439a89fd795034d9b42c21530fbf8160ca104265e03502aa6023a2173426837b8acf8f60ef3f537b5c64446bbf5f5e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
52d0ce9da9a2e88b7a3a18fcf679faab

SHA1
293c7c6dea1cbc5db69720d1df2db68ea12d0c3c

SHA256
97a9d23ef8c8392a00c4bb7933eafcb5e032baa897ffbe2a572fcd3dc6b2ca05

SHA512
21332d112d554c8a419bee297f4ca83f73ae70902f570a1b6e109607c6cf241bc0eb011db299a05eb9d263e83471f26f3a9a3b0f3022723e4338f0acc1567d16

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f424.TMP

Filesize
48B

MD5
5d267bf9152482458b65fdf27ebd1be2

SHA1
0b3648b8097a795abd35b00414a96aadca720760

SHA256
8b781cdd28146eccf0f42a27443123dde2583ad028d631d4e11cc8d6b83adc14

SHA512
96f00435948f3d6b6d05e928b517d7f0d23f81c6ab8938759ded4f268c072bf0d5be7f8ba204e194bafcd2961cf5d3c95899a1a634a66f9bdf93f973f6a5a19d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
872B

MD5
e4a374480b8e779d7fafcb2f673da8ae

SHA1
58633d450c0b639c51c5dfc157fd3abfa08a9dc9

SHA256
05e684debdd2fab3d095b27a986879ca4352f114d420710cda78828da66e4034

SHA512
fe39d5cae86e34908485ef53d1b02298611638bbafb76b6741cfad318df1403ade5d62f47bc2344d29110349b2e483291a234ddfdac555141fb99a6a38fd1f29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
3c64984b3fe18fa6939ae3afba81f0a1

SHA1
18e220440d8cee10ce30738dbad5cbc2edf9c439

SHA256
ad29b8d24025dd69f869680dce344e9b9497cae16de1bd230a436469eb3f62b4

SHA512
fadb1315d90fc5e2085277d65d6620c26a63251dcd75e983d24c390f5be81de849fc85060fc8ca326ad95b722ff62ef2e114975d6ded14335be3e9cf927f4abb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
872B

MD5
ae37276b84bfaf6ceecea458d35ec6cf

SHA1
bdb58da2bcb0f81296bde057d4bd17ad269931db

SHA256
e6eec3fb313507cbe0b249f0c07b5b96f73e72d792b9375b89b142ad906f99df

SHA512
e5af7595db918fcae45a16543196ad6d4e28ac94312e0ec69c36d635e162662a4627da06be70ff5c1b70b5f9f15b60e9d985dae488e74a83e08a7a0f141f9198

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584c66.TMP

Filesize
538B

MD5
8b59ad7976d893b6ce2fe966905a5f7b

SHA1
8b2229f41bb9b4333d0ece78dd6f506f80b2042b

SHA256
796012d2fd187b2dc74bdc4fc9e205eb96722eae8318d7f98e433d9c83400d8d

SHA512
d43166a58efb3e280f23dd68e73f404c3ea110f70b02fb24831095ff13dbafbc5069fc89e1ae82ea19333ae49a7f8ed05cf4026b7ca1f3a15a4fe3fb2b9982b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
b8429f35bdb06a72e7762bd9e34017ed

SHA1
be70764cad60a5711cc1952228d39af2d463d4ca

SHA256
5c52e91e81584900fb381e421a5d1bc23fd3e88857ca2d035ea115b6cbbf6c73

SHA512
15f17ddc6db30368a4bfb97bf8bb6e19f0c8228e1f322fccfb22c0f44ed040a33ef1e7c66c22086596d305157299ad2769b7613a17c702407ce507a3b61b7d1a

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit