f7d62833740de28c3a0b3cfeebd32413a1fb6cb772bb3de2ad63b8ae554fbf6f

Analysis

max time kernel
899s
max time network
901s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
03-01-2025 03:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

.html
Size

43KB
MD5

f670ff6cd6fbf828607e283bb8b3e286
SHA1

d4331c7dd6030bd217b892234921f9605300677d
SHA256

f7d62833740de28c3a0b3cfeebd32413a1fb6cb772bb3de2ad63b8ae554fbf6f
SHA512

d68bc8dfd26571a694832dc5232df89e3907f3f7da49c43798a89e5fd2720ead28c77cc460d25bee40767fbd485ee98f0421f698a900c3c6f031b5f222c5dd75
SSDEEP

768:D3BpqhYGM4evT3x8gAts0s719TFXWt7aXfsW9l+X9hJYFnzOMD5QBdxaXfsW9l+4:jB8hYGM4evT3x8gAts0s719RC7aXfsWB

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4516	msedge.exe
4516	msedge.exe
580	msedge.exe
580	msedge.exe
4824	msedge.exe
4824	msedge.exe
3696	identity_helper.exe
3696	identity_helper.exe
1396	msedge.exe
1396	msedge.exe
1396	msedge.exe
1396	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe
580	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 580 wrote to memory of 4244	580	msedge.exe	77
PID 580 wrote to memory of 4244	580	msedge.exe	77
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4240	580	msedge.exe	78
PID 580 wrote to memory of 4516	580	msedge.exe	79
PID 580 wrote to memory of 4516	580	msedge.exe	79
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80
PID 580 wrote to memory of 1276	580	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffefa833cb8,0x7ffefa833cc8,0x7ffefa833cd8
  2⤵
  PID:4244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1900 /prefetch:2
  2⤵
  PID:4240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8
  2⤵
  PID:1276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3164 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3172 /prefetch:1
  2⤵
  PID:1116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4676 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4824
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5860 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5856 /prefetch:1
  2⤵
  PID:4784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
  2⤵
  PID:1744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1
  2⤵
  PID:1652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2480 /prefetch:1
  2⤵
  PID:3412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
  2⤵
  PID:3080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1664 /prefetch:1
  2⤵
  PID:228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
  2⤵
  PID:3164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
  2⤵
  PID:3168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4608 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,1878981402022961936,8003423387651918690,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3052 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1396

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3096

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1012

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
826c7cac03e3ae47bfe2a7e50281605e

SHA1
100fbea3e078edec43db48c3312fbbf83f11fca0

SHA256
239b1d7cc6f76e1d1832b0587664f114f38a21539cb8548e25626ed5053ea2ab

SHA512
a82f3c817a6460fd8907a4ac6ab37c2129fb5466707edcfb565c255680d7f7212a5669fe2a42976150f16e4e549ea8310078f22ed35514ee1b7b45b46d8cc96e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
02a4b762e84a74f9ee8a7d8ddd34fedb

SHA1
4a870e3bd7fd56235062789d780610f95e3b8785

SHA256
366e497233268d7cdf699242e4b2c7ecc1999d0a84e12744f5af2b638e9d86da

SHA512
19028c45f2e05a0cb32865a2554513c1536bf9da63512ff4e964c94a3e171f373493c7787d2d2a6df8012648bbefab63a9de924f119c50c39c727cf81bdc659f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
19KB

MD5
176441e4bea94956830acbd90b5812b7

SHA1
6bfd6949de08b74c4b7c85af9f0fa17151bff924

SHA256
ddd26dcec1a2ea861b2870bd6023f95ae8ee92b85f8757bce02b97205b62a74a

SHA512
abca2d7b7463351278f41843429f61df2471c631631546c6ef6a748a3813391edfb0268c17651c132fc932d7e6452cfb95af4be8883c149086ff46865b83a94a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
43KB

MD5
bdb6986bf5be8e8074fca7fbcb306630

SHA1
dda00e0e38ad449a2a440d92c90bded3570b31af

SHA256
9b93749c9f941efc90496b374b3473a712a877f856a79b739a4423fab61a68e9

SHA512
ddeda642636d555d302bbd4bab41241ab2c67736b91eee2aaa618c04f18007573f5e19ef165d3b2bd57136cea02edef3ea1aa3acdbadf224bd3b3d65a70a4c22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
32KB

MD5
ad6a2101f96364c2d3ee3c271b3964c0

SHA1
1e26ed208a7aa4f2f5740cef06feb2c13d719938

SHA256
f579e2672bb674ccbca8b5393432b3e19ae0bd162e812f8d59e15467a993ab67

SHA512
09cf9880c1dff13410e0537b6ea6f9f346315ca1dd3858f90a00bb01d541513e42af9a175887bfe414090ca612fdc8fc407bea3e7e2950d50f40a97ef2cbf66d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
23KB

MD5
d48bf65711456911cf327c18ca2fb6a5

SHA1
3ed0ca9d1f469f5fdfc9f51612b0ae3071907533

SHA256
e56c441accbc0c0f8ca8554a77a32b0cd0bb9612cde3cdd73b1c89bbaf29b112

SHA512
83bf2f44ed404b078f8d3acebeaecb76b0780ad3954d07781694493a01c7464f0eec92b0f14cbccc90c5111a8058b7e1ff81bdc7090871f6bb6047239d3d80ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
27KB

MD5
1b426a95ceb50d255df9458733818c61

SHA1
7af69a7e2c5bd92650e794942d9398614b502fc9

SHA256
8b37c74dad1ba4db120faeffbdb3fe0c405bf9d8b2b488b81332cd564f88ac1b

SHA512
40f9d2c1f86474a951b5dffea502b2366b2cca4276dba18183f36b33ce9b72557020a7de2f0f467da7b2063445807c3724bb43b4a069d98e7b2b17c832d289b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
246KB

MD5
fa73d5bce0db3cd9ed91c61093b1e9db

SHA1
4edb4171dd2fe29575b5fbc1ef9c9dca68d76f26

SHA256
f6465bc4426e2107696900d6a7f40498d4bd6244783864463bf976db3ba604ff

SHA512
5e4e29c8a68855846bfd9821c43d3fb6c7e81d0a9b696d1a8922a194f45d8c9966a7544f5d7869c60ddea82b1970dfa7b56660dc79b29976cd0b946856805668

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
263KB

MD5
fb97f1f298025616d422578bd18462f4

SHA1
91a4efb031abd687c03c096109aa7d5f1fd7e0a3

SHA256
d3c24cab2320a57e27586c3b3e7bba98e6e83124370fbda0d51319b314f75e45

SHA512
6e5237655f3d20dc8285b20acc7336aa1b917111b8ea0b2fdc9fdea79b9d4c8dbae104876973adcba8a4352ad3cdd866eaa4e93fc0edb9e8dc973cdb78535078

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
216KB

MD5
ae2d932695ac896441ca237b11e9fae1

SHA1
768b6b214380f7581d8cb427031dca35a939cefc

SHA256
3eddc880174734b897ed68e507e0b3d77b319a02b99e0ef626a42bf75c002883

SHA512
ac04dc9f55de1d1804ba1cc09a98f6817cc53380570b6cdeb40b8de5fa4c4fe578a5390080f0657da2b14e48b3ad8db6fd7811fac2adaab395f4faa3e0950f9d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
205KB

MD5
b85074fa4f869286b5a9c6989a6fe99e

SHA1
42cd6fd540a5cbd03f48daffca09c4f77424673d

SHA256
5680c783736e90392a192fc31316db26179688b92eab774ae4f8e5c1208d8202

SHA512
b24c84a50c1e9c719e85bdda7e549860528d3a3b358ce66fcbd5be026c48b88b17a1b22315e4d9126901c2b6e2a45b7934e06bf4b584ccedb8876e872ec3a700

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
228KB

MD5
3e374dda2f9d78d6aab7c08a507160ac

SHA1
5f5c347581d0d1301dfc4da9550ab4bb0b75061e

SHA256
0a6f672cf82106287dd3a60bb70f78f66a2c179bca6d60be1157a395df3ae58f

SHA512
1cfafd28bbbaed72204c0088dba737de9c336af0341422275c33205b8958bc71e450c926b82c7519fb5b8ce9559b36f4f8e2993d766d5dcaffee174a1c191893

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
61KB

MD5
f9e8384de2aad66e0a727cfc026bf79e

SHA1
012d04a12c9bd075412815fc7c346deb76ef55e0

SHA256
ff6863cca113fdfb4cc148735d39e9507534568c11ffb634ad7c71a72814f715

SHA512
4d3e217c2592156da76dc3e4c777e2462516a4b61d4d5ce93d09de7858810db5d199e8ea44e63b7b9832d63e9e71ba7fd90fa7cede33fae5524258977b6ccecb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
25KB

MD5
21a3035e4db54d5cffe69a1fa276bd3c

SHA1
fc2d58cb2616e0491d58ee55fad16a53d617ef00

SHA256
c348a5356dd8066525beaa7ed341636b483aefa011008e3138a413918e48dd90

SHA512
171d06bd61038353736f40e6befdec02a8624bf11995f9d40b56a0cf723d348953301bdb51f66a166f5ff701232e487e188c49e0d77fcdbcab8bc3b60309364c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
17KB

MD5
d7f20e7973c054a1f9b6889b0d6c32b9

SHA1
5f7cd72f492ed2d6d5f7b325ca4a27588c35c3d4

SHA256
518bd81a163e773988a481b6a364dea4ec9963cd666a12833064bb6879f79619

SHA512
f26a0a45cb7072bde26cbaa9e18cdb72407cefb2f00c3b3b6e4d738544ddba2d48adc78dbd6f6ce3c3262da261c1d71b383f8653da6ec262da5770e150527aeb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
49KB

MD5
3032d4a6ef9c485b4508f01a2e932e5d

SHA1
19011bc6d5b73ba0086f385f5ce382049015c057

SHA256
eee684b1c254ad0458f2ec4dc64727d52b6527b158549a4cd0b09f4f3743055f

SHA512
5f43bd02cb146fa18fa90262e6b0cbc89470f3c00cf90e7dfbfff47d95b8eaa187fa0466bede9750d0327b87a2c6300f45257b00741b09e5418456c76a318e03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
34KB

MD5
f21cc452ab79c7d9d6e96585d302d33a

SHA1
7e941462733396f1b708a6f357e0fea7ccac8c11

SHA256
a34c90ae704ec587f4655d4db571989edc40e1d9bda3f4950dd420714df27f61

SHA512
f9c032ba1e8fbed8e041d340605eaf2524970bba9914560714f756bd8aa07d9c339d8a96d978294619ee39b95c2c292d8e792910f7f517c1c379da753d9ed1f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
17KB

MD5
ff9874fd858faeb26b729eced0656260

SHA1
d21a1be977518aefbdfbff8166d2c0a1502ec5ce

SHA256
80d84732905c9a06e9515e65d2191c2b5b0cda97ce2765950a93f869607e66a7

SHA512
ac24cdeb68b70db87615d678b3e1baae32b15be0d82ecc93030cf031485f6a8d7ccb42af2c6a404582c7ab202cbb8c700d29f6e71373a069dbcbed9ac6da4cf7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
82KB

MD5
05ecabf63a15a6dd0c169c036d7d0de1

SHA1
9f4650519a86afc34fec4cc5102b5fd6a46758cc

SHA256
86c67c526eafa80394d4a3931d6b2dd4b080a1aa1bd53ff6efde9292a11729fb

SHA512
cb436fe597c724f39e0066b8e17e6122e270f59069e41a1f573c4bae71e9ab75101a6b2f7a3d689473bb9ca4665478ca326cb3b6b8d7d729528f97a9b2a6c7b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

Filesize
36KB

MD5
80c484a058ca2ae0f9bc62a38223d496

SHA1
8315360b781e7161b79df6bc8def9a66db7530a9

SHA256
d7530b224b4842c08b3bd6e33a059d33cff50653f06b3080504785c6c3997c7a

SHA512
5b3aa4494da9bed0fc7e7fefe00e8343e3e63322b7923bbb959a0d274716da283cbea5ebc4b59f4e508b8167c32479ffa3ce8b36465c6563bc20101aad9f8608

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

Filesize
36KB

MD5
21f4955f4e7a07d5cae4a46fc74ab263

SHA1
3e3e25ca71bb03ce2c9b2a495b346b9653568b1d

SHA256
0870954849b1ccc0e6a9754cfbd3ce33f791cde77156d1f84519713ac47c37c5

SHA512
ec857db1522f15d6b769dc775550eb0023e27c080de45f6c091bae25b8524ed17fba0ca84af38459bb1d772bf479327b031e5ef677d3eb7f65c703c03fc70b84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
e92a76815200c7b8f813af5d3ef9259a

SHA1
b36581591307faaf719027f83830156311c1a8a8

SHA256
2561e96e425930b1696ef826fdfb4331fd2d5196300944d95954ec3824903bb2

SHA512
ce5e17f603afbec4bc16c3117f7f00ff8e1d9f0e5e247da036ab58e28299c8b13e45827e2f845512e45bb1fad5879851dece100bbb87400536126784479965fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
616B

MD5
35975985d5b81b200bbecb92ada87e2b

SHA1
ada7d3565c56fac08ad63eab26df0f3f940d0a20

SHA256
26376086dc98a4ad9d3fe8a5280d55f1cbcd7c7e0b5ddb3dc9fd67b1ca573ffb

SHA512
10a3a656e829346fc71621b455eb6cbe29e1c5d6223aa99290549a5d495929762de36f001d3cfcecd86fa35358cc0592339ca7bd3f9e91c5c16a955a54dd5440

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
f1cda2a0b4ca76b9390369756602d361

SHA1
cd6c5c1fb0158706b0c7930baa2c873f0e6c99ad

SHA256
9c38622bfa65570e87fa16f782bf889e66b4dfe5827d89b87c3a1f688aafd251

SHA512
738303dabc8376a4a535ecdfdeeb7dfffcf3179a25e7ece4a64be853dd33b866d35da1ebfa30f62f638a750f41b645f2bedc697f795d443008a33b43baa8aff6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b0656f8224b613a105a635c83a0847b3

SHA1
d5666b5f8992aab93b491eda68849f05982172a8

SHA256
71b2d7002f871789dc75c3f395788eb8d165d75e6e982761e0d946adf17c8661

SHA512
a2d778aa4280f1989872444f1ed78b78594c46b8fd2d0e305c702ed8d5b51fc1bf1bec07ee60dea19c0bd06f7a8c4f7e39191dec7f318a45cc143838c941185c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f526cb5dd330e3eba9f54618cae37469

SHA1
083b24801ee098cc32f100ab8923b9a03d3653b5

SHA256
124b3e834145069a7ff94e9e406e6c0c18a67fb703828331e07a0538d5525164

SHA512
a28a35d1559016dcf9e5a7ed86d4ee9ea91dd590a8b94e70baa58c46a6d7e2d7cc192c2f597f80232337db47aa0b2e64b9163cf58a56a44958368b38af75d307

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ebf982a154215bc858a2d130f0ef51d1

SHA1
c2f808f31781f878d72cc52c22e109a02f22d2da

SHA256
3d9447427b41c4c0382ae1c8bac431cbbf7bcbf308a9848eb8c5bb13441fd544

SHA512
34f994cbc5f859a09346d86674e1d94db2b7aece4b5973270032fc21a172a574c03554a3bc90f58b0012993aaa0ec210f1ef3b494fdab26e74a5fbeaf75d09b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4fbf029bdb4d684a5c48eeb204304d6b

SHA1
fbbf7379afde0f923308547df85b3d73618a1da2

SHA256
d9b1f899988e8dce77d8922b43e2433b9f14380b4c125e1554b4258d93036ffd

SHA512
5bd724c2fd801673f90e8e378b4b4944ef5349864187c1a56a6c23de61ec24972b3b20e1e407b50a0e47cd1ea69b23505d2f9efd61bc0d0cb2606398d54e6774

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
f1788751dd450a99d6ee4076182f70a2

SHA1
fb85a5666f5c7ccd9506cf54a491ed84a37d8700

SHA256
353d4107371b98b43d500efccb65e7cfa02d8837ec0ab29e2f9d635a56cd62e2

SHA512
0e6ee9b2284cab2a8ce1476af16f3b4da466c2dbe3d466e715411a319262f7508d90b84cfbd01dcf929a18359cadeae0789d5956a6db55cc65eca5924fbfee04

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5840cd.TMP

Filesize
372B

MD5
5c0c981b1fc1931049cdaaadbfd5e39d

SHA1
d6e7792058527668c8061917d3b9da485581fbab

SHA256
eb819fcc76ce2eb4e9f2900ce4258d8ad57163749e245efca21d7f47db38439c

SHA512
cfbf0711fa12058570b9c01db968d74896deb67e06b033bb90db0a5aaf0126563408176c840b2f4169bd9f752a520f379056c741acdec62471aad69bfe4c9b62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
4f5e8a397d7fb86a9be0bbfb8c6717ee

SHA1
4a6049c22e2430a543b102192d0f38fa73290342

SHA256
07c8381719a4a778427131dffa217e16e226af907e3040de07206e577e3e9eab

SHA512
5da4fe4b5a70e63fe0410a57c91e755465eb7585b3ba77ea147ad633ea0bb38bb3444af618d82c298327196c94ecd0b771920eca20f584bf739da2bffc398794

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
9fb12f97b831f29d3c8059ee2adb0b9c

SHA1
4cd9c96380778799e29f3e9d33b89e0588b6d976

SHA256
2fa587c05df609d72368fa4b19fd6e1f28e841320aadc7389b22fe44c47faa6a

SHA512
95c23ab2847b6dbbb0ca29416d9acfa7e98f9c7c128eb0e3ee4306eb96a2aa872b3b565cec12ba8a7dbb87d66da42a44ee3b0035fa58ba130e60e2005a0651ae

Download Submit