hxxps://drive[.]google[.]com/file/d/1ldv1i3zSFXXG3-60l3SI5AsDxT7FIH_L/view?usp=drive_link

Resubmissions

06-01-2025 12:30

250106-ppkf5awnhz 6

06-01-2025 12:27

250106-pmywqsymgl 6

Analysis

max time kernel
646s
max time network
691s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241211-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241211-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
06-01-2025 12:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://drive.google.com/file/d/1ldv1i3zSFXXG3-60l3SI5AsDxT7FIH_L/view?usp=drive_link

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
4	drive.google.com
8	drive.google.com
9	drive.google.com

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\c02374e2-15c2-42aa-a274-c4220d11cbd7.tmp	setup.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20250106123028.pma	setup.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
848	msedge.exe
848	msedge.exe
4500	msedge.exe
4500	msedge.exe
348	identity_helper.exe
348	identity_helper.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe
1284	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs

pid	Process
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe

Suspicious use of FindShellTrayWindow 32 IoCs

pid	Process
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe

Suspicious use of SendNotifyMessage 30 IoCs

pid	Process
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe
4500	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4500 wrote to memory of 2748	4500	msedge.exe	81
PID 4500 wrote to memory of 2748	4500	msedge.exe	81
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 4580	4500	msedge.exe	83
PID 4500 wrote to memory of 848	4500	msedge.exe	84
PID 4500 wrote to memory of 848	4500	msedge.exe	84
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85
PID 4500 wrote to memory of 2740	4500	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://drive.google.com/file/d/1ldv1i3zSFXXG3-60l3SI5AsDxT7FIH_L/view?usp=drive_link
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffdd3b746f8,0x7ffdd3b74708,0x7ffdd3b74718
  2⤵
  PID:2748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
  2⤵
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5784 /prefetch:8
  2⤵
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
  2⤵
  - Drops file in Program Files directory
  PID:3684
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff7e14c5460,0x7ff7e14c5470,0x7ff7e14c5480
    3⤵
    PID:2712
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5784 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1
  2⤵
  PID:636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
  2⤵
  PID:2624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
  2⤵
  PID:1784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3560 /prefetch:1
  2⤵
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6240 /prefetch:8
  2⤵
  PID:3200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1
  2⤵
  PID:2112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
  2⤵
  PID:2472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6616 /prefetch:1
  2⤵
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
  2⤵
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6524 /prefetch:1
  2⤵
  PID:4040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
  2⤵
  PID:800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4160 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6432 /prefetch:8
  2⤵
  PID:5984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1876 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:1184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7148 /prefetch:8
  2⤵
  PID:5420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7028 /prefetch:8
  2⤵
  PID:400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1976 /prefetch:1
  2⤵
  PID:3840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,10876768548906151147,17500188017040683793,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6972 /prefetch:1
  2⤵
  PID:5848

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4788

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4644

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e8978379b8b4dac705f196c82cddb401

SHA1
873169c69e4aaa8c3e1da1c95f3fc6b005f63112

SHA256
83528bc9af5e037e40f14bece26788301e4555a6164b31e6010d93d7d18f0afa

SHA512
2d73194d03ea51d4154ee9556950dee1e666720c4b53fe671cf2e7647889d480c2941757d6b9b4c60a29a6799478450136f4847b0bec5d4b6aa630d9ca856308

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c8c74ab5c035388c9f8ca42d04225ed8

SHA1
1bb47394d88b472e3f163c39261a20b7a4aa3dc0

SHA256
ea821d15371cdfef9f4c01c71fbe39f9db7bfd61e6a83e09b14886c5756cd9d9

SHA512
88922af80d561b3cf10963160d245044554f9011e4aec4fd40c740b06e5e87e9bc16ed309e296f549d9244b6cc93f627d6dd010eb2d325b38cbb1d43d8b95157

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
47KB

MD5
2bbb6e1cbade9a534747c3b0ddf11e21

SHA1
a0a1190787109ae5b6f97907584ee64183ac7dd5

SHA256
5694ef0044eb39fe4f79055ec5cab35c6a36a45b0f044d7e60f892e9e36430c9

SHA512
3cb1c25a43156199d632f87569d30a4b6db9827906a2312e07aa6f79bb8475a115481aa0ff6d8e68199d035c437163c7e876d76db8c317d8bdf07f6a770668f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
67KB

MD5
69df804d05f8b29a88278b7d582dd279

SHA1
d9560905612cf656d5dd0e741172fb4cd9c60688

SHA256
b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608

SHA512
0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
19KB

MD5
1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5

SHA1
6dd8803e59949c985d6a9df2f26c833041a5178c

SHA256
af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725

SHA512
b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
63KB

MD5
226541550a51911c375216f718493f65

SHA1
f6e608468401f9384cabdef45ca19e2afacc84bd

SHA256
caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5

SHA512
2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
26KB

MD5
5dea626a3a08cc0f2676427e427eb467

SHA1
ad21ac31d0bbdee76eb909484277421630ea2dbd

SHA256
b19581c0e86b74b904a2b3a418040957a12e9b5ae6a8de07787d8bb0e4324ed6

SHA512
118016178abe2c714636232edc1e289a37442cc12914b5e067396803aa321ceaec3bcfd4684def47a95274bb0efd72ca6b2d7bc27bb93467984b84bc57931fcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
40KB

MD5
3051c1e179d84292d3f84a1a0a112c80

SHA1
c11a63236373abfe574f2935a0e7024688b71ccb

SHA256
992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3

SHA512
df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
53KB

MD5
68f0a51fa86985999964ee43de12cdd5

SHA1
bbfc7666be00c560b7394fa0b82b864237a99d8c

SHA256
f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f

SHA512
3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a4259a0181983ba_0

Filesize
6KB

MD5
b4065941755d86b43c671ea2adc0502f

SHA1
ddaa8fd4124f3a5f2b535ba23ba1f11d9af40983

SHA256
46e2818c708db22fa12c705525f94e22af26fc48e2568fec1c744359eb51ef1f

SHA512
140366970ce34392315d92e7ed2697d7c6e7082f853c5460f58c584e731ec2f23c732dd29be205bb2c54037b462a802755278be0933a9e30f92ea5cf2576a7ad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0

Filesize
2KB

MD5
3294001b667f9ab32fa3ac3bb588f5ca

SHA1
57e6a76cf0f77226216e90cc0c18567b7a4da06d

SHA256
3120f6b25dd423a068dfdf5d68d2b902d5f42c987463ce43e18c81641157a387

SHA512
f52142f7e9d19921be77b85d5a0d1409b9c494b218e89a444a498824874ef6ae55ea3639a68d8eaa0c863e3db5525f9f1fa47d74e195688dcbaa42ab07e87a44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0

Filesize
1KB

MD5
ddbddaec82ee0b4a2a10611e3965249b

SHA1
f2ab9dbb6e632ef34a3878660bf00205d896d3d1

SHA256
dba3d8510254bb1ddf7a7e5c007073b5a0eb1c41f109adb91673ed89a4f84083

SHA512
7e627e5067be4582bb5bdd2d3c527810c23af295d3c153f57f8040bc415336e0d7fa99e5f6be9001225f748d8045e0b2862530dda80b521fbe8e2c7086efe226

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
ad18cc7fe5c6dce95cd1ea7aa66d4086

SHA1
591b78897f7e9ead33f14b4916cde9a011c1148b

SHA256
289be8fb6f163e676f193a4c4b021f106140f7a05eb8519117f513048bc2e824

SHA512
c15375f9eb32c7d42041b9a47f1c9b64bb3d6237937db98a82cbb64ea200f2276e41cb2b9d3f2649e5ff58cb3ae9416c5eaf65ea28060fd3259c174b0a998574

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
053951c7d47dc3f6e45820a1dd2a8f86

SHA1
5d866f4565d2895b4fc2be226f92d8250858bc97

SHA256
280c6f91d2e211e43860046f246874f7a9f003194a4d26ff2a07664cc83b6f03

SHA512
45892d58cb746df59de3251bf3605dbe0b8d3bba6fc9785cd146bcd93ecf5333c067193c30fc26e811d3c4b7f2b91b06d0d87cdd5548c271640ca8d1b40bb595

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
48B

MD5
e55d23135d47e5b14d89f7b776b82c31

SHA1
77aad7ad19e906e61e411532bfdc72100eeb636d

SHA256
3200904a6e5c913f7da2374ae811675f357fe461cbb2bbfdfb60526ec5cd1071

SHA512
6237726686bf0899568cd071f2c67c5c95baa890fbd1b0faa31f1a3edaa2f39ffde18123f45acfe7c2f08fd0f73284e19d59a1dbafb51876998e80700e2e33ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
8c4b6968f3000db40d0f7d2f1d16bb97

SHA1
f5cc92b6b6a43883722fd980c3fad1031b7c9259

SHA256
55bd0bcf86e7df0bac1b6a99b74612e7866b1880bbc1e152c84fec2cda67b4b6

SHA512
baa7579f757a53146ac3dcfa835000a814b7e3a111f6ad779ea605d377e2d18c4040a73188f011ec137853afda94c92e3afffe99980201a39d9c56801c1a1d5d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
a696e02b92251b1ee4447e25cc6679b2

SHA1
ae7dc390997aa39c085253d29d3e5933e2a75b91

SHA256
6d9da3025efc1486f3e28e1025e1990a415941cf609ef87760be34df3c56d5ef

SHA512
cbe09b6cbdd891e03cc41b4a917729a61b3bd5a31079bda14bbfc9bf39fb2c316265a72749fc8d027660cc533f25d9f111100d5162152af77292a156ab1467ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
1913d47e8602b757c1c2cb92362fd85a

SHA1
6dd7b34f2e1916cb1772ecbfa48027e9fd233539

SHA256
f3bab6d4216f495adb03ab5ff5eb04c967fc2f3330acf85ab91fcad356183ec2

SHA512
225da4349017615abaf20f994d5e36389c06e5cd2239a81c2f0b311f1785ced8e9c0a1bb3829c4abd7c3afebb45d157f92224bac84e34f751b8f339e94c6b330

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
b5b10c376f14d8bd4892b13feb17bbed

SHA1
a9111ea199a6f1438dcfbd5ed049777a6ac1d54b

SHA256
9ed86123922ffd09bae8aa075e000def5617917491616c4017257782bfd6fab3

SHA512
4a4a5bd8d242e65c36c0063e0bb80b11b36e3505ac8103cc3d3004cd6e2b225311f1a8be6ae3e4b09d0aed048693c43953d6af8a8d3daf92fbb2edb933a8d8aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
1a076750c630a7b74f470022f0a30ccf

SHA1
1bbf473be36bdd83254205b97112a65a073bc8de

SHA256
49bb05edb609aa3f1b1a1224a042b2867d665a1225522b2dd8f11fdd67295647

SHA512
334cebdf56d8d996a151ffd08a1049ae244e19f59336ea0243daf1ef1c41c12d3f74ffca33298d9067a99d79f2b74393e4188301c39ea75a9dce95806bb4f541

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
b2621fd26f75e2d8ee23f43bc596d940

SHA1
c02a9bf6ed6ea8caae0c5909cf6ec8a749a73753

SHA256
ea092fbaff28acc9e994126db31b26e561e60b7244ee2c9920bd5022d2a442b3

SHA512
0d3c2ccd2235644ba2d9f0d1fb3fb56491dae8c368444b0adf1459d484e01b7019e37a5a1b0f73f9c12225fb5d270167f9c263795db056ab1fa35c6c680f40df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
a4e4ce6163fe0ecde1015f68c1072895

SHA1
d8e7cd1360148d19ed74210044e94f2c7c2d4140

SHA256
b1f4044269624f3404d90efdaf71f89512426dfda32f5b438b90c418a0ea8152

SHA512
34be1270d8522e04f3606d4574ab7eadccfc5c554f4fb4e6c65b17d37e7bab2a4b89d189bed1170fa7c461dd33657463a59e4f950df6a2f7aa5b3432f0873f83

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

Filesize
70KB

MD5
e5e3377341056643b0494b6842c0b544

SHA1
d53fd8e256ec9d5cef8ef5387872e544a2df9108

SHA256
e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25

SHA512
83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
ba2ba203f6faf79a3e1b38ee076c297c

SHA1
d9da4a7410c1919ea3cb03184b3b9af326032c00

SHA256
442cfeb08c3a162a4cc530ac0b8e29169e60d2f6f014e73df7361e765dea7c3a

SHA512
49a11aa88ae13d41bde59cc42cfe36a3dfc366c9cffb58c125fcce61fd7519c779b56de65e17a1cf7efccb3275445d425d27c9829d6f519c39e285e52f956e32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
dc881f2bf4e5fc450d5341f63ad58a0f

SHA1
e1c97e4efa203e9791605eae18acd7becfd7f05a

SHA256
3015c62abea13906fb303ae7b098c47527fa532d0d632f4bc6b9004bdcba838f

SHA512
ded828c4df00af1916d32e9d6c4c6583e195e245f92ae9ee6ae22c633d265e6d234f724a9d6e336a087900d1671efc068b15732b3dac27e64cda9f23de47767d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
4c3a96ebd869ee35aa01fd477bcdb544

SHA1
03b7c598997384efa60135c0cfc6fa3747cf4781

SHA256
17e6f152f99e0d76cc25b74837349f9c67d68b4a86fad251ae6717ea017dce94

SHA512
8f9925739023285976523bf7969f6977ba71c0556d036148eaf47aebd0293cfd25deaa6ab424ca1fff5ced7667cbfb2dcc0869d8c98d3cd4a246f6014baa5737

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
89df5b537d197bca1d081d2a5afb4abe

SHA1
5a494aa454e955b6746ce18a2f45aa3af4cc4911

SHA256
492a182e0804d60bd5b2c1135e1392200ec72bdd339abbd7de1589d57fad5b84

SHA512
b61044bbc903b04407b4f55d66842cf4df4b8c8e45495a23108853d1d874f755188996f1ac968bcf45caabfe33460606987396aa6b6da28d3569d48f0c2681a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
e8b73dff910431ed12b211c897c41fc9

SHA1
8218f5cdde9d870f9be52424bc71a7e114acd783

SHA256
6832f1fdf9ea395719c94fc6951e6d2bfdc7507870ecb48b326b638d9c11789a

SHA512
caa51df593f5107ba0f6892ffe76645b44380f7947e6a06aa263e80868dff4a1dae84b186d7f0d1dfd3378caafdfbb55613aa928eb8a47bca5bb9183775dd2c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
b8b8ec30a7145c816aaf0f73e3dc2b70

SHA1
2b33c883f71fe301a331a7ede2a2552d71bed34f

SHA256
2be6b13e63ef9227df236e682610b1628b7381648a318ee9692610e53848563e

SHA512
5f92708c8d9f9f35919fe53c85a9cce5190c2c487efd0bc04e2226344bcb83290eed6f9d25d8c73fca0c5286aa69eb32074f07de990e89d5a3b2d71d18ed9a4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
e10ad4a795ef6713cf4f2c4c4191b100

SHA1
fe0f590a0ba8d0d9d4fa618512d08db84b04d136

SHA256
e8c8e4c24a3b9fa34b4ef73f0cf387beed09655306a419cf18b051a1cf28890b

SHA512
a0ea8eeb65cf8f6b1ed3248eb0b354fbbd12c0ef8800509169c94f565e20ac6728f4b997eee21ff4e4ce624317ba591647ac6618380ef9fab7e3db3bbbcee689

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
b5a795e4dd42dc309e903ba89482daad

SHA1
997fabcdb92aed66ce9c5d12f6096cd10ecefde7

SHA256
02101eb5b148bb4cd3b4d06c26764edfe585caeffaefe61e5971d22a6baf27fa

SHA512
e9271ae31bb6169f345347881a0ab5138087a9ed73613af4600ecef7988e55ab35f817053b74378b7edf253709a300400210b63ad7c2682a41e181430addeb63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe5893a0.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
13305fae53560432fc668e86eee176fc

SHA1
0d5c95cf39bee4e2b1ed3c3935c6a9769d50a079

SHA256
1df1e8cbb5f2a9aef538f3c84bc3674d199c7d539898b689c148c06616c12577

SHA512
e9d1972d69f617b8e9616f1d28efd10317a8aa76d27f7355db5158b68e6f6506a3f9c53c62820ebd06fc75db1c464a3d467068e669a1a03c732105d189f5bd28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
cbb8219d09606818e8faaf813b1846d5

SHA1
2e9c44394d4c7f7cca15ee6b14d8f3acd1f94e32

SHA256
2280822d59d9cfbb16a2988edacc7e0af510e5fb9b5baac514e4878e970f7c22

SHA512
6cf370dc0037d176432f5be9991d7df1b881478636122917e462fbbcf972943d0275a39f505778d0fa9061381745ba0f01c0c13e85ae8270ef1712badbc10a7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0792d3de530c1b54fc4e8726d356ed08

SHA1
1510dc846fb9217912267dc20643f19ba7eeba73

SHA256
2b349b409b5e6aae2e79641eedc546cebe02e8d78e851acb71c2b64c30cf0aad

SHA512
7e5945bd5aa8e3ce74225af6863e5d63b7f8d3838a9e7b324fb97e31c7259603cedb10d0c12d7e34e3b601035fd3225e1d728ae9d94d100144d2776286f78302

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
db4f894cc44c3392d7336e9aec5bc922

SHA1
83a9558231c7a73c3686f6d4220aa43adeee912e

SHA256
277ae11f3daf887272d7fc49f267e0219607eca955aa6857ea3b6546ab2564d7

SHA512
9712033a21d39879a26a944aa150aeaf0838ff0a4675926ccdd21abfca2762aeac25806669b400ce4271617887242a099dfd0b84f521f6081182122585df59b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
2d6d4ed65bd0efee29b4ca820c832db4

SHA1
177361b7ace48b483ab7ef20118cb021ee0423a6

SHA256
bb9ccc0f6630aeef0d3a4dd3be6ec77c995465f7f1f426aa17494be7c82f6161

SHA512
4096c773a7f4d001df24080ec4d9d10adb65f5f4a780ee0c194eb7b0be7e11d89a2df54477b7751f8e0865d63dcb9e25153a7b5a2d46b8b3ce7d26d66dd83112

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
03e78060b2d982e51efe43d344a90bb2

SHA1
d6d16fe5e47365dfb44a8aa5959b66b85c98169f

SHA256
88d4f82bc9c84be2b253bfe22345551f93f0468db328d71c1bee79a5d785fb08

SHA512
1d9994e0b084383d44ca24adb5dc02434aa384c8bcec85146d6fd06d30daadf690580b0aa0985b831bb50d23fc3f58e1084c84ad3b673d541b0059b226c7a8d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
aec6185df3befad0c6efe6d354c60f40

SHA1
d6b889a226a361c711a1e7ecf87884552e32849a

SHA256
9a41f23717958cfffb670b111476fe5057d594cf65d99bf2886232d0580c1dc7

SHA512
071aaaef77e0b776c485bcea087e709431817bba5eac4093fa430f41f8fbce76b8ca734fcfa07f8d710bac35190257225914dbd5b246d544c2658491329c8a6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
44e42ba4850c44a39a4bf34768f29ec7

SHA1
6cd286f0b0f1f0e0efb3166200bd8de9a432d88e

SHA256
238322890cece554c974cdded80e45efbb163bf70a49861b9379152293f8d9be

SHA512
b1e11c3153cc389ebe90f973d990161c491531f5dde9a734a2ad195ecf599445cf4f12afcab479905cfc390172369102d0c59b99a3a75e23a02f986d23d25e38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
119736e72738b76523747a8e0c21b0ba

SHA1
1c8c1d7463431260ea788cab7a3f993df30c2c51

SHA256
25f9a37c3dbb17a2e74d688c6e9a05e7c0d72caa12bb9aba2a8dd6e14f8bbeb1

SHA512
2f6676e46427110cbd879ad6cb3d0d11c25ab288962462edca1af291b47540a24795a1fd14a4831627bd93b0757158bc4d38accdf7b7c9c59f880a9f0b244b55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
74a2ad22cf9bf40fe86f5ee1b48ffb0d

SHA1
50fb69c3a1a6d5b6a83d993a595db8e2b02fd030

SHA256
a5d70f5d1ae4804ca1c7f3d061fb9be97bcbf05af4ffd03fe64892e714f66cda

SHA512
17378c6dd40745f750b258d76a98e0dda461d1ac3d83cff70e11d80f09933153c5f2385f6949799eaa1bcf4842c4d9563121f6debd26448839ba495a134dc6f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
2600fa080ec0af3dbdef48a9e73548cb

SHA1
ace90967e3cd02a1482ee25fd327198f4634834c

SHA256
f7b7268d6caef0f429e9a121e9158996e3c0b8c31f84bc08434ed17526b42276

SHA512
64e89358689d21a775cde474d017a96e4f105047c76fccb8c6fca5389831c80fe69fe9bc446f2ce3ff4bfe49f1d3409442bc01fd09dbacce466f8fcda17a5068

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7b80f6ba58fdc97afbfb64055dfe42c0

SHA1
82268057394a172f2d41a296a498d05e1eae7aee

SHA256
ae7ebef0256767a964dc31a6f0cce9d42c7adcb7d90e600e771bdf2d37ecf1a8

SHA512
fe16310ab0fa045c47d94a0c91e8ca5da31a7f4c976cbd080d628be3dc64a1e51002ac377a58c0562c00ac93982cfbc18c9e0fe43d04d51081c1dda6eed4082e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5b500e670a8938988288cb6cce7e44fe

SHA1
419ce87ab3d4102a7f49626b9e61dcd545efa53c

SHA256
cdf04962927f23711c603bcd65d9d4bf97b4047083590635ea1da8e9798910c1

SHA512
d5d63309309be0d0c0cd0519d1b87feb31f40bd8874ea8dd46062645c2a388e2e29e0e817817749fb6208695797047e070d090554737fb99c23ccbb5bc4a8b72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
584145ef7224a29035f2f16031d1ea23

SHA1
2005535bddb40934ee172fba7c895254ea07e8b3

SHA256
3d1fc09501b83b40db69e874d7f1a7c3483ae518ca031cf23a024467461100fd

SHA512
9c85a44f6ee446980f5c585b10820c6343952b9c720f1153a51c93db3fb092ae26b030d8b5a8f2a3801d55916c5790822c880655625d577d99bd20c13a61817b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
671cfbd0275770e681ef4ede37140969

SHA1
ac145dd046e86ab6aff6340664c509c4fd5f1746

SHA256
dfafdb318c177ff96d9b85ed518f229398c3f5161f0ca48ff427516292b9d823

SHA512
d76a8d3a91d1e5e84b35cfa815736c1d0bd7252381f4e540a8d7102385224167b995f698559c95fa18ed3a50e14a58fb0a96bcedb57d4770df50f98c6d331faf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
55182d891d98ec9d988cec04bac8752d

SHA1
e18a06e1498ff69c1c2697df7e195cf922a92e01

SHA256
08dc082566b36f693f93e341a5eb4e93a95d5bfed35b952f5ddcf4a5d51e963d

SHA512
35b9bf0c05da26bcebb4e259deca27c84e28521aff5a27af8205624581d1b0a7da6350ee7de0a2329c9cbc1d8cf205c1487638196232cbe794aaa91b0d86d0f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
703B

MD5
f0a7c78f7087dd4ae360ab850dc224b2

SHA1
da5287c9301da795b59b40d885b99cde38cdb5e2

SHA256
db421492eeadb4b95b7d510b88a3043a905205b6e101edb99530183362209315

SHA512
8dce35169b9b4bf78d6f8d56c3241486db46b0d61cda9492697beaecf668159b03b848763f5ac869937babc66fe41f66c26a38354f906b9fc2ca258b3391806d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5ce5321906e3fac84b9abb13fd0b9cb5

SHA1
2a5d2bd6108e55d0753974bc1e8031be26d2d299

SHA256
ce843b875a786bb59a0f228a33cc0aba7b779cd16eface0bc024610117cf8036

SHA512
766690fced3dbeb85d1d5fcc3d80efbc49442b3611b9e139aae146cee0ec3c1fca58180ae9889bf186c176abbd9c572d938a88f7149c0ecb987ddb41b44c48a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
703B

MD5
86d5341a76b77045ecc893ef48d69784

SHA1
4c859489af4e6f3cb5f67f54c80c2a1e77815063

SHA256
8affe440bc8cf43ef23f30cb8faf5ad10451dffcebd28808c8b2cc80d50e819c

SHA512
dbce6476169703c132d1276c10d2f4a2da1f96d7811267d6f2c16439cc3f4da6bb661087ce7f73556d1a14419bb75aed19e894cf4c757061016989b2226046ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5cdcdf2519a07d05fe945664a4c8a08d

SHA1
d010f9fd4eadca0e30197a5ca8230b06a9bfbdc8

SHA256
6c8c27d4c19cd6bf59b0698c9cf54f382caf1bfe4cb0b838c4f901883328f866

SHA512
62e0127e6495b4f62ea16ccbdbac0e6015097106b14ba959c9814e7d748dcd932abaa88e16e8040daf250a7096fb7262cf1eef896fb5040a6ad3c45aa6b35053

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
dec09d2379aa290da790fefb377d166b

SHA1
2ddcdb28b37c15410e461a3fc059e0fdf9358329

SHA256
f881382dc03297a5730d1e0c76407c335d9d6abc1eea857bd827e4b9184b853e

SHA512
83624be5d4173d8f2065ccf66ebe8707a035d69fb8237b746829ffa232b1b38702601e599360c1e7e1e8cd300caf6c24a2890f0a37b834ece43a73e98a2ff419

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
adf48133769257e20c3f221261efc21f

SHA1
d7c9fc93580facad0ff5342e1a42c15bab8c58ba

SHA256
8bc6c9d797f0020d88fb1734825b3cc4a598fbaf1c079f7747a8d7c1db578cf5

SHA512
9cd4f1d30151a7e52b468bd26a5ed604071cc0c802b723911906dd853da59a0dc40823aa6e7184b7a356b1a8f43b3a91ae91536902f5d8a79ab25f62cf8b0aab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
06bd6f599b55e68a6037e2290bc76c23

SHA1
8e61960b420d9f92faf16b2bb4a3cf73d275cb77

SHA256
6c6152c4a998409cd58643fac9b268290adb8761f56a1096244b2e51fc65a037

SHA512
a028b460ade887a3a9f4253e474a75fecba8b1541b031a1ffee3cd03d0d091e827aab8bbb99862e8571cb4f4011a84585ecfb88304e7a3648cc4b1963b8aa349

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
703B

MD5
ffcddde6409f3eade77a897b64ccf93d

SHA1
ec7e4996c36ea36f2fb61367a35652bf37ed7992

SHA256
002f061887608dd7c1e00704a29dc8138278f75c7521cbe34b5980037582036d

SHA512
3182813022b0938ab1b3ce6f6206f47a4a18d4bd77ea2a04642936e1244376c5684bd300af5104468676af3dcfc2443e4f6f03c7f260a74c6fcf5beba25a0e18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
703B

MD5
ea3381f8378db8f4c6e2bd3857e76f67

SHA1
c462ee0a09df38d2cdc3db57135b2015525ff33e

SHA256
6691b27dd4e0734e9b0c4f99a1607dce2c60214663fb8a16eebdb655d4247290

SHA512
027f0d7f637cac354a03e9ee63dc8f553888a4bff2ec660f12a5b37fc3d58d00599518fd65308350bd386c422ade76824ab06c412b3ea490c672a86361dd8184

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
703B

MD5
058905d0e61b3c37a5852ee4ad284d5a

SHA1
32693731789016cb26769f34943387096a4cffef

SHA256
ea33d6d1e7e020710d3082879992560d88ac2aa5d632d2e3f9fc07e8a5ac5330

SHA512
5853c2faa09edd7ac3862697e402505051b8701c89c2e8a4a4b878f16112707a6584ff2cbc63257a6a525d3d0b6b8fc7820a39208e9a77507f5fcd9abf6354b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
703B

MD5
54dbffbcaf223e6d959ee543a9fc4177

SHA1
9066ab122432130be8ab28fdc1d9908a63ee1428

SHA256
d6d7bc6049def35dfd1eb82e917dbb5384865a24b1537cd1f31725f1a48838db

SHA512
407e03d1688ddc793a799cc635c57676150a0329e4fc5bcbc42b2a7b62c03ca24d89158941f188ab66300bca2f08e6bf0b766df6c6cbda26baaa7ccab5c6203a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5803e8ef7ec5b5346d5afd25fa1506e8

SHA1
0fbe4aee9b350b2772846a6c012aedcd59f6fa0f

SHA256
8589fc559878859b6e2945f81a50e62b48c12c982cc60b74cdd6e2bdf5b66bfc

SHA512
e1c6736cb0e0b6cf85ce4d5dc94d7ed18cded7a231fc08f9c3c8dbbb381167b7bfe33bac609b3848876f3a93e3fe8e975f010c569435568951a3d9add11c3206

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
05afc0d5988cf2e887ff8905a9fb4ebd

SHA1
17d637aa4303084f8863a61ee6962637853aa36b

SHA256
6495f518bfd4426bc443e67efb9fa7248a294fc3b6e77c0dbff207d5ef0ccae4

SHA512
6e0932f282dc16cd7268eeba4fa20f6b21202f6ac379c1d40818c6a15ba5ac4e1336eabbaddf46359587b12ac87057dfb53c1586f7ee911000d92dd073872585

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
68afb267fad482e31d9d525a756dd2a9

SHA1
c8450a051fe3aa7a5c5f65833dff2581ac6e807e

SHA256
6e2225a440ea730f70bc0ab6de179843295e0b7cd7556950aacc7492879980d8

SHA512
ca3be8469ea0142f235f23119ec1e0b686476a9c6df12320c5fdda3ccffc95ffebb499dfa3d69afcaade2b1d06a2ed349747be4270a4f5f7cd3aa395a3863f7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4355568bb0cea0cbde7f68d3b66f7f44

SHA1
df20fedafadb5978bc54b06c66103bf8b63b1a8f

SHA256
6050a7a9e616b485de0347d4ebb91a7765f6342977dffba94d84c621a871e4ee

SHA512
a3083f057b434005cf1a61ac3541f780cf7d6e410a5fe4b9e84dbac786b25fd70b8d62d424359e677720b5d741e18c17fafd0d8f9357e538d3c71ef2ebdc8466

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
61c6eee28cbb490578d9f242e00e13d9

SHA1
3a6fc79948d07be0116e5a39ce9eaa701c620477

SHA256
f879caa4aa45663a3614df4e0e8b0bfd27fdc6dd88314a8ed063ad829422e51b

SHA512
cfa5f88d135e3a1886d98b2d8ade27fa9f6d8c16a6fe1d1402cbb9ff7543939bb0ee1fdf42e075ad9dd8bb2428d41fc1cd765c162c68c02d23d76decd1768290

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
357daa396a7a6e586ff1dad03afeea1d

SHA1
ebc9c0b79b43d18d2198c177dec7e7024f7be38f

SHA256
79dd30521f6b9f33c40922daefba7952656bb2345ab962d198990cca306f4e53

SHA512
f30b4301e66e60c16d43c756ad6e0a21420c8f306a43c337ba2c935f577e7b46e932670d6fee0d391b0763118e09c08ed3549b8d944b873074c1d6f7afd8bd8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
0069513a451e398d21717f3fda537b9e

SHA1
21e82ffa388603080a1fe9849dd9ccb496d8338a

SHA256
bf4c663fd9ebf163af92bf7026cbe5217e4629705b986cfae3abb53ebcc75034

SHA512
bc700819e18f67ac0ff5a59f6c732966f0bd525fddf149e433b0c21d21ae626c3632606ec20e25c68b72d1d8d188666e23da6abb5ff0251a3e322a5d427105bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a541ff1f9d720b8e9a43be62e8d63e71

SHA1
b9f5e103b4e80ddb4b839d1f74e00dae662ab6c7

SHA256
3a2f98c98bc161f32c15d760ee58e829c844dd01fee5d7dd44d87151b6821b4f

SHA512
33635fd00adc79b361e196ebdcec73b14bb00a23197c133eac8c02c5476b98143373deaa52a72587a47a98b1f6ee9ac5fd43ae7a33557da8f4c36d1d2cf91f9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
703B

MD5
12f0384b3760fa820f3b22a84540ea48

SHA1
f05e03811686dee77140c3c943bddd7427d06a93

SHA256
5952324238a933f1c67a80ec961f87120ee2195808330e8eb68af6ac59e12707

SHA512
a001effe8cf2c2ec1e5d0e4a384a8b0e4d61563ae370ffa9107da130315ca932f760014d0647f1cef43e3322dde85429a7566f366c8a1225fd2a94189146d991

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
90c1a8e007206ced6d6e7b6601282ba6

SHA1
582a98304fd8bd45bf60fe97f6a77c0fbf1802e4

SHA256
a928090f17d7e8f59be65361d6d67d0f47ec238f2b888631e06a5b9c16bf382e

SHA512
a0c8dfc8b91fc1d6eab992fbbf84b2debc2b3969aa98c517a5fb7e0c3ccdd7958fb56062a0389d2d807d5331f71f667584a89c9d639b742e2840c00fc96dfad2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
fb059317dcf59b092c582182d6e3a9f4

SHA1
c485002293c8696a21036d6ea2ca18388dfacc48

SHA256
e0ada94a2d2d7adf6f371e6327d4bba554048454635fdccb2a7a62744ae5169f

SHA512
492909341abc180cfc0c9780e9b8e4adbf2f81622222e33873d14a976fb2608930915a57cb47cc03ab181bef26869378b7e18d920623ee3a483aee249f71fd13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4fe0b113607941fd76387a329c6b461a

SHA1
dbf9d273f08eb10fb651d5ff588481af03a4fc4f

SHA256
9b1f39ac44c15ea3114e2f3248623cccc40b25b0b453486ef2e88b193a11ce86

SHA512
1a8747bc017520c24397e84da44d93bc4277af8353515101b612255c134e7ca6332bde4baf7dc10cfeac24c579c5481353680c242bb0393580f905d989fd66b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5802ca.TMP

Filesize
203B

MD5
680a1b68a9b683cb2e16b540dbb89375

SHA1
a75de4aa8a7a253d8733ff90463da9e617f3e0d2

SHA256
d9c2ee41a22fc0da33679889fc8f9eb1286c103b734ede15edecc51a54fa2cc4

SHA512
223bb457cb4b6782fa288771f9171a6aa189722a965a524af6e2f3df890717120ee4b6e46a58c10134302330baf96d877221ca189c2d5b3258d08aa2ba0bf789

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
8031d3e0c017e02b594eebbb7b38ecfb

SHA1
9ab79f887f4023d009fc7ee5d84ba2886bdcfff1

SHA256
8c8100f2dbf512dc94704c1521e94d3da20cfeb9c7e4fa6dbf3a82a8d99e3880

SHA512
b5ab0ea9612446aafdf2388037dd63a1718bf05d39f716c719e7d0e4a8c18dfde6184a831e627821dc6809aca2906af589cfe152e577f4f9797a21e0a5dc3d0b

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
3KB

MD5
13d1911ad3892e1d4b6f568e7722cc9c

SHA1
dc937388e3e79e443d535cd8c198a4ad748d5ae1

SHA256
bd53fb5c0b334d950379d7082a23f8a8a7e8aae8bda719ff3cb69a08d37009b5

SHA512
a44ba6b8ea54843aca61bc64dfe5eef595e36ccadb1c065d53790042db94e24bd4d64f54e1a351eda1c06d887df2aad0cd2282094b8f48a07affc6645869ccae

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
3KB

MD5
f4bb5eb5057494a01364e45afdcee700

SHA1
fa5f86e8497ba912ebce705e42bb303f09aea695

SHA256
ee914cec11d8fbc241fb4b9fab613e5cf844424b5c03447c3990f8e3baeae617

SHA512
9efe8649ec1a5f553a7df9010f8a4e63b968d2e16d2a63f8093cc3daab9c8f9484806f73f41216bbe46bb5e47a4d9c9c099bb00ca3ef39e68f9d1dbec91d2bea

Download Submit