hxxp://steamcommunmutty[.]com/gift/activation=Dor5Fhnm9w

Analysis

max time kernel
75s
max time network
76s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
06-01-2025 02:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://steamcommunmutty.com/gift/activation=Dor5Fhnm9w

Score

7^/10

steam discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1496	msedge.exe
1496	msedge.exe
112	msedge.exe
112	msedge.exe
3536	identity_helper.exe
3536	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe
112	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 112 wrote to memory of 1700	112	msedge.exe	83
PID 112 wrote to memory of 1700	112	msedge.exe	83
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 3212	112	msedge.exe	84
PID 112 wrote to memory of 1496	112	msedge.exe	85
PID 112 wrote to memory of 1496	112	msedge.exe	85
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86
PID 112 wrote to memory of 1340	112	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://steamcommunmutty.com/gift/activation=Dor5Fhnm9w
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce88746f8,0x7ffce8874708,0x7ffce8874718
  2⤵
  PID:1700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2
  2⤵
  PID:3212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  PID:1340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4180 /prefetch:1
  2⤵
  PID:3076
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 /prefetch:8
  2⤵
  PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3556 /prefetch:8
  2⤵
  PID:3352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
  2⤵
  PID:464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
  2⤵
  PID:3492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5840 /prefetch:1
  2⤵
  PID:4292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
  2⤵
  PID:1952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
  2⤵
  PID:632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
  2⤵
  PID:4528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,14030256088976752646,10522884799556360530,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2332 /prefetch:8
  2⤵
  PID:4808

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:736

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3992

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dc058ebc0f8181946a312f0be99ed79c

SHA1
0c6f376ed8f2d4c275336048c7c9ef9edf18bff0

SHA256
378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a

SHA512
36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a0486d6f8406d852dd805b66ff467692

SHA1
77ba1f63142e86b21c951b808f4bc5d8ed89b571

SHA256
c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be

SHA512
065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
c7e729f6122af369ea5e243976f62d39

SHA1
5b5652d2d20f6dc3d212e59643a3dd0c575fb91c

SHA256
3794957cb981fc24e3aede7badbc734ac9b5457a829415c694ebc911b4bccc42

SHA512
fe69e61c1220e4f86052eddf490dcff2f106140e0405155fc597e93af381fef487695faad6121a4a0c347edc004d7fd151b7824f3235842f946ed4b1de68c4f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
769B

MD5
17010b108689898d53658cf137350a8c

SHA1
b859f54d8aae8f5381ce22d5ad1df6a967915508

SHA256
341258fb13635112de7207800f7bee9aa8bfc1ae8f3f84472aa651cf650a68db

SHA512
0bbb41927a06556275f3b33d5cacbc49281ef02cb1e0bcc817f392e620c440cdc7364540d2d09593b07fdab24a7df05b31bf6cb59e5d29da4b037af4ada54ce3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
839B

MD5
032565f9e3f66b23b50afd98d8637595

SHA1
3024ed63d60d362116b388dbaea4c1a933de48d2

SHA256
7135ef43a4e244705e472297abce2aa17c62b2b35b96b4b5bb822f8650a33ebe

SHA512
ea95b51f463b01b3cfad9985b0fb2e56c5337c043da30a65c8ba116d661f1d6c781eb7202aa80fa87abd342490ae556f8db0a77063660907e978923651f00365

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
4f6e7493217ab4846fc061d525a2ac7d

SHA1
44eca1af76870488e904e135c7d5763d73c93c4b

SHA256
982f6f866a2f7f7cb3f5fd53d0c03b28355b4c2ed8e43471f62812e62dd80cc5

SHA512
9951ca62e800a28f8866e195d53883887f3f4dfd65aa340d21aa414b8410728e5a1289a205e91b11599fe7713053e764cd1ecb5cd2280ba2192218dba2123607

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
bc6b7f7472b7459a596b4a657ebe59ff

SHA1
03cb29aec3a5bf434a7d62fcee5219789011a682

SHA256
5df26f83da9b22e8db6f639fc975e0180c5f189173e49ac8775b151e901ca9b4

SHA512
b834ccef7bd754f3ef3b3c361554f1dfc08bfc881bc5b7b1c6f06d2cd98a62f9029c66ea3f3985dffbfd9b764a36b082f9b5a4d2c429120a005fb071e6dd3d7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
73a6443d97ec85facd73f080b586f47f

SHA1
73bc3eaa1abdfcf96deac7506cd05c2416ebb00c

SHA256
22eed88d9aeb89c9caffc7b759288584308dbdb9414f8c971d267bf3ee32ea69

SHA512
85913d08efcd6d0c93d4d9bd2a35d35bc7b68dc89df8cdfb910cf27dd67febf73a39cae5edf4bd88fe6c76c38140840290d3d588c392c48365db60e1d1676ada

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
f92c71b05f786f78bef347b4abdd3764

SHA1
8641d323f240a6ce029d1f06034ae29067d86ec2

SHA256
8f54c017a3f71ff18b91b2620e1bcb5e89cfddddc95a04cdd4a9c048bce2a3b7

SHA512
41f03deccca9e55cd4639a29102f1381da9f771fd464bdad945618ca3b33a453c496796c7dbbd16a4d6c2d0b9b0e7f7279686a909d1f4b02a6fdb24fa76445f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
28e894587574f93e5f59f57e509a1d8a

SHA1
07298c086e2a3e62968ebbfe7f9ceadd5ab0e8a9

SHA256
f0b484055fe78c2c1e65d4662b088e272ab8128fb951dc2c008ddc57ec7784e3

SHA512
217a524b34e46f4b6ca2705eb5f160050483d0f753fbcc28021eb5e502c7fa835c1276522917998e143697279d11500364b8233d4868092216019f484715e666

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57fbf4.TMP

Filesize
1KB

MD5
badf8f931ade14f7ac8fe6ededc2c8ff

SHA1
636a6930311f5126112d95f0a1353be53b2f26cb

SHA256
37dfee4fca6d9ca360b6b80fb74f5072c82e2b2f0b1a22e28267c0cc6fcadf65

SHA512
9364d6ed6cbbac4a3a71f649821fc7b12c4d50b21982f7a82441e8e0275814b3e1cc51999fe28d01b78e20d7e4a49f6fa845672f731254d4c8d62d47d53dddff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
765ee4dc06f55d1d6636230520f0197d

SHA1
288e18f5165672e5b2084b512dae9549a3b7cd4f

SHA256
11acf86efcf7e553642c7e4e139c3c87c0a8a5d6abf9c3a46dfa2180ac038968

SHA512
d883fc9995d67c4a09ef46f7bf57bfee90ee4769b929b3b921ea09b0793fa95aa524962b1290c6e54f70997473ccd129a9197426ec8b78eff5c7e20df34ce1f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
4500dc8f7e0dcbb40ee2d7cdb38bfa32

SHA1
d471c89265a924b90e5b43d84b1305b236ad6d4d

SHA256
4b4e44a0065c63d3b7e83ae8ff69e083baa742ec8d6bad55a68d30299c564467

SHA512
b3b07f96df45c190c31fa95b4e278a1f0f4101ed9073099e5ab435908c64373d9a7638e00b46ea194a4d20cc6c49819f17a0bde7d1340162794078d05964b582

Download Submit