fc16aca65e569048e1b768dc59093f9737f6d32f5a1db75182468f804f9c45d4

Resubmissions

12/01/2025, 16:22

250112-tt83hazjbx 5

12/01/2025, 16:18

250112-tr73essjgl 3

Analysis

max time kernel
289s
max time network
281s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
12/01/2025, 16:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

nunyt.html
Size

21KB
MD5

01b1cb3f786b3b2e00ccef5623228148
SHA1

dc7ad30c6f5c5d495f68eb247a7a33a902df4151
SHA256

fc16aca65e569048e1b768dc59093f9737f6d32f5a1db75182468f804f9c45d4
SHA512

453614e9d39156a1292a476ea2c58fad05edef6b58eb7d5c4c42430d74530d3f314679388c94ac0193bbb71b669c76a5c5a381ee2b40f748735ff61f5c36b05d
SSDEEP

384:EIbRBaATO0ZDgVKiHuKKzzN28j4Npa7go:EIbRkAlZEVKiHuKi53jmsv

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2064	msedge.exe
2064	msedge.exe
4588	msedge.exe
4588	msedge.exe
1108	identity_helper.exe
1108	identity_helper.exe
3220	msedge.exe
3220	msedge.exe
3220	msedge.exe
3220	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe

Suspicious use of FindShellTrayWindow 29 IoCs

pid	Process
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe

Suspicious use of SendNotifyMessage 28 IoCs

pid	Process
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4588 wrote to memory of 3960	4588	msedge.exe	84
PID 4588 wrote to memory of 3960	4588	msedge.exe	84
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 3440	4588	msedge.exe	85
PID 4588 wrote to memory of 2064	4588	msedge.exe	86
PID 4588 wrote to memory of 2064	4588	msedge.exe	86
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87
PID 4588 wrote to memory of 4012	4588	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\nunyt.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffefb2f46f8,0x7ffefb2f4708,0x7ffefb2f4718
  2⤵
  PID:3960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
  2⤵
  PID:3440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
  2⤵
  PID:4012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:4716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
  2⤵
  PID:3156
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 /prefetch:8
  2⤵
  PID:2744
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1108
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:3864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:2408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1
  2⤵
  PID:4824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
  2⤵
  PID:376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1148 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:1176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2856 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
  2⤵
  PID:1252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3116 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,137607803138906594,198924586540832231,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:4312

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4056

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4800

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0a9dc42e4013fc47438e96d24beb8eff

SHA1
806ab26d7eae031a58484188a7eb1adab06457fc

SHA256
58d66151799526b3fa372552cd99b385415d9e9a119302b99aadc34dd51dd151

SHA512
868d6b421ae2501a519595d0c34ddef25b2a98b082c5203da8349035f1f6764ddf183197f1054e7e86a752c71eccbc0649e515b63c55bc18cf5f0592397e258f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
61cef8e38cd95bf003f5fdd1dc37dae1

SHA1
11f2f79ecb349344c143eea9a0fed41891a3467f

SHA256
ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e

SHA512
6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8b752d71-d05f-425b-a492-155030460ef0.tmp

Filesize
5KB

MD5
3f763169e907656fd5221e18130e91e3

SHA1
deec4ca141d312449c40fdfc60c05de7c9cab24b

SHA256
c824d162ebedebaf2181e80e0985417f21f9420f31a5afd55fae3210b26abe3c

SHA512
2162df65b9b9a18172fae662fc16aeab2772115dbaf17165c099c7b17bc4c45f1b6df246bda7fe4c4da84a9458369eff24b15cd69cc4bf8ec6c9117d43e481ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

Filesize
37KB

MD5
231913fdebabcbe65f4b0052372bde56

SHA1
553909d080e4f210b64dc73292f3a111d5a0781f

SHA256
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

SHA512
7b11b709968c5a52b9b60189fb534f5df56912417243820e9d1c00c97f4bd6d0835f2cdf574d0c36ecb32dbbf5fc397324df54f7fdf9e1b062b5dbda2c02e919

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
fe5835ecdb27935d57961afdc78876a7

SHA1
3d901f6fc05284ee484359a9903ebf250e14b7fa

SHA256
fe7a34de546f9e998d4f07fdbcc5fcbe291b10e532f4c7110fcb695d5af0c779

SHA512
39f2f488f1413c819896c7f817aaf4e641b178c3aff6c0411d5a74d51c78230a477938ad529feff6ea9d1ac814022f027a47719a67520cd99fe1f2b9d67ccaf0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
395b54638779b9fe4232dab59e64c1e9

SHA1
7b9d0307309ca24eb3b787602cab01f763aab3ee

SHA256
ecd32dfc6854cf7903ef2b4c7aeae6f06e802b393a8ad19052e9cbd19e0bba0f

SHA512
90919806508bd4850cc6d8b46eb58a2b5c32e3f3d55b8823078cf5b49258e33f99647d5de712b45b2c0d0e2dcd3f0e4c18b41c8a0e67e0b20d9b315767d9a643

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
fd56e7063640b007f057ac3cae3188d5

SHA1
25a4169bd11429e7e9f8102e49d306ad29e928cc

SHA256
1a93d587a2c63f97ffa727bc1e87b2197b6744afad8efa9e0430c6b9a5c10a8b

SHA512
89be57f903797b114413aab0e3b007d01cb3ba7a5c3153bf9728d05c213da38b0d12d5796af696ae5d35ed26ce112a3dc5ca56045327286ee5f95ab0a9c9b561

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
0e63e3b4ff1a5495b232d487d4188c2c

SHA1
6bc657f7b2ebb0cb3284af7dad1e1454b8ad48e3

SHA256
9bf205883075a33c9fac95e7dc05ae75bc9200bbd181e047d9db242034279491

SHA512
3b30570cb84bdcefd23e72784473d773a7b2c36dedd8b93960cd4f9d7b215274d2d20e396467d403e345255c132a30c6b77a6c9b40f83b15b95793a4f25f8e39

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
888B

MD5
8714a85c225b7cb6a13f0c2a6a82ff11

SHA1
bdee368fa641df807170e7625f8d3232f525a286

SHA256
931df0c14de979c58a56eb6aca911abbd622ff07f39211a397cb783a05695c2f

SHA512
a36f562d50f1f2642bf4d2b7f011e6b5a670ba155613f3e9db75b3ceb48ac68b84e1424d822f45ef6afdd1124b95704111f1b5f7b7cf112993cd7fdd9d0b3c66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
1e9417c97125a20f89ec78a03af3a091

SHA1
b3af26390012cb51524082f8c9e65d62e481e812

SHA256
db4740a111b237156fdf3aae4e3aa437077d21d49916719602b5f09d44036c8a

SHA512
4397a1b91bc9259ebd9ffea6ef0f2c410742197f5d87aae16f54a78ab3e6a92c164ea7232391c137cf64d10e0adf6ea4b0da97c215fba8a95550e0417c14c640

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
2381a2d4e2a5090248ac2093caecca0f

SHA1
a2dc014acf5b77db9cc43cb03b64fff578704205

SHA256
9bd272a2f5a946fd61ac4976534320e43dbd1e7fb82a0641035f5504fbdae874

SHA512
a64127a949f97a6fcf6fe2603c7de3eba0606a56947c5bd0bf6ea233df491e03cfd83445db3ccc6685929b633859bc98528e11089500d4950b949aa72411f03a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
49cf377d68c56bbca67f7a7c58741990

SHA1
b31ccf8dabd4213cd0e895e837512d2dfd8d75a3

SHA256
d5ae5839649a98a5d7dadc06179a6440927e7bdcb24bbe8557b28102b56dd010

SHA512
57109d4deaa2a785c8df40f69983c6d6db027377ae2e1d7fcc367ceb57faab4a82279944c71ef62bc0ecea6cad559f8862c04180fe843625e805bec483c34778

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ba0d899ec68f0a733e5b7cfe2e7cb53b

SHA1
464ef3f35eb282c00ea1805be29ce7edff72a377

SHA256
b807602191520e3e651359ac04478de882851329790041075a890c770a79e0d8

SHA512
4b3f6321a98b3dd856cd86759534ba3001638c9a3ed6600283c84c2f37358c335edac175ea4c501e569721f70734502ba8457dbacf4852b0410304e87a5d5907

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9d2ea6d056a1ef05e016f87c0f832852

SHA1
baddf712557ec65d4c363d70e0c6b0cf6b736db2

SHA256
7ef96b2e1e271b38bc2664bc34a919ecb5463bd420ce36d65ff3d388680811d1

SHA512
fd0cc2f19549e732dcc5fbf09204484ce785a87cf09a9d6c09cf59e99677a203bc5d46ecebd443e448f7e3c12e48c36060280e45a7aee389473d5cf1c97cabc5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d92be1ec92fc1ad69e03e69edff988e2

SHA1
bcec0fedb28ac6dcc9ad1a8ec68662fb26f44b95

SHA256
97da6474289bdb23aa5059461869facac24eaae5a3b9056c5024ae72cddd0871

SHA512
bd8b5294ab7654174d3bd1a82435623ce435d2000c51d7a16251bddd52c89460239814e415f8cad08db5337e7e462a717c14e7b1cc7819a4303b6d172c4af594

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
628c4eb97f8baa8e05761c6a6c22a45c

SHA1
d322028bd7063b22eba86f1af722dcf56d393bc4

SHA256
78e9b3a4c2e95d33c9d915ca7b2a6903521dfd3d92f8a88fc6c65ceb324f6c96

SHA512
46faf3cfdc7eb940f867197d3b761d0e044811bb8cea4dc25eb365cb63225c1d549d32163d43fafb7e1067db8f87b45d90bdef957fe91cbe8cb63c4883f548f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
05a9d6476119cd1a7ff59f9822ef1d1a

SHA1
34ff2732ebe5adbb3c4d33f2596fc2b21a8e9b18

SHA256
e89473c754fd3910bde3acea48691211c02e2a8b336d46d0b7af6f4b9ca492a5

SHA512
079be2aac531f7c9963d07618b17a96b1e4a19aaed62f2366955422cd909c5b59453855fdaadce19448d0c4495e2dc22a4aecec2d7a85bebffdd66c4faf4c025

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d5601c7d238115eb89c3dba7785b7a84

SHA1
7d41b727cb2d6daf97d975a5b30fbbca3520b24c

SHA256
eb17eb8796ea1a0b5d15a6931b517cc05e8c1dc3ab8b8360480682762c87ba59

SHA512
d885396817571c5b956c69be1885f3ce8c9da3e2be9d3225f1931922480d656559a3db0d22358ea616fa06fdcdfb129d86a26c667ae9b2ce3f2e2ee0dfa63b36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7b612434f796a7ff8ed8c432dfd19f9d

SHA1
31d10dac774517d9ddeebf815537efe28419c2c3

SHA256
b458b49b7c16bcd264e5cc7085c9561c9753aa7572ca1697c88f00738567d6a1

SHA512
64d37eea1e187810702b92b9dafe36000ae2b8a7d8c058481a8fdd93db8906501a77231248f20df8afeb8fa44ec81495f50c6c75e2d67dca76b3bf0fd480acd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1f81772b4f8cb6b4418704d79f01e16f

SHA1
60d2c1b2ba7d09143549351f64d6fa2f26d7faef

SHA256
ac264a76cea7c07335290c0ab2175f9abfccbe615b048a69f183ee60b4936ed7

SHA512
8831e5747f279798fc55145509fba28fee2fe0243a244ea1203530e1f2c8e440effe376bedfeb5828c460477cf33fd45bd8068664dd5d56e68282f4735b386bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe598b2f.TMP

Filesize
1KB

MD5
e6b6472ab13f2703fbfb03d21e06e771

SHA1
23a615455a4f79457ce555b01bc1dad98f6f43de

SHA256
887ab5278f9b4f070318cdeaa6c3844dffbaf16f1710eda465559b4518f99a48

SHA512
cf3922e4161d33dda04c78341519da4178afe4179c85da5c78da0bba82e50ffd0b2983c5ead5507484caf887d74e7b2ad2a1c4786c37cc4a53bdfe5029482077

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
2c0b33c18e6cbee55abddc728078be19

SHA1
abeffeed970f973baff33ab871cc52cee911f77c

SHA256
524aefb5eb223d0d5e6baef493083929bf39f3f1b6f85d4ea2256a319ea3eda9

SHA512
1b70530220dc78afe23aa93bf2d1119963cc0da9cd184ce47d32dc8d99d80760ef5d38cb2e3d0a5f97d9e5316ce91dbe5835fa97e01e504a8edc13a4b3bf0d3a

Download Submit