38df6a2b5a58884cfdc1ad6f6c2d644a85af9171abd8cd64cfe568c29988a300

Analysis

max time kernel
83s
max time network
85s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
17-01-2025 03:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

DEVG3SWyqKpJcgd9q4.html
Size

39KB
MD5

f41b82718cdaa9248e40191eeab8a78b
SHA1

96af473f0ee1d6473aba290b8aeea715af6c5873
SHA256

38df6a2b5a58884cfdc1ad6f6c2d644a85af9171abd8cd64cfe568c29988a300
SHA512

cfc5aef9ce1633726058e6fd467a31e708e2d5a831792da3f9619cfc4544b55c12d0082ec63ef51231f2ea7fd3f9aee453b1ac2ca332cc42b427cf1af926dba3
SSDEEP

768:mOIfRIKQFP+o6e47J/bj0OvqSvIePeffUS9+3oV3AY8iwY2dGJbtXDtebqLHIZ26:mOIfRIKQFP+o6e47J/bj0OvqSvIePeX+

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4020	msedge.exe
4020	msedge.exe
4440	msedge.exe
4440	msedge.exe
4168	identity_helper.exe
4168	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe

Suspicious use of FindShellTrayWindow 42 IoCs

pid	Process
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe

Suspicious use of SendNotifyMessage 40 IoCs

pid	Process
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe
4440	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4440 wrote to memory of 5088	4440	msedge.exe	82
PID 4440 wrote to memory of 5088	4440	msedge.exe	82
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 3896	4440	msedge.exe	83
PID 4440 wrote to memory of 4020	4440	msedge.exe	84
PID 4440 wrote to memory of 4020	4440	msedge.exe	84
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85
PID 4440 wrote to memory of 2676	4440	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\DEVG3SWyqKpJcgd9q4.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8f3e046f8,0x7ff8f3e04708,0x7ff8f3e04718
  2⤵
  PID:5088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1988 /prefetch:2
  2⤵
  PID:3896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2548 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:1016
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:8
  2⤵
  PID:3112
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
  2⤵
  PID:3724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
  2⤵
  PID:1532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
  2⤵
  PID:4304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1956,786582354963641114,6319112711144761372,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
  2⤵
  PID:1752

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3328

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3228

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dc058ebc0f8181946a312f0be99ed79c

SHA1
0c6f376ed8f2d4c275336048c7c9ef9edf18bff0

SHA256
378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a

SHA512
36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a0486d6f8406d852dd805b66ff467692

SHA1
77ba1f63142e86b21c951b808f4bc5d8ed89b571

SHA256
c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be

SHA512
065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
19KB

MD5
8f661b8c2dc08d06a2992b1006fbf95d

SHA1
51f7614ee218ca027670a3bb0d7cfe1f23869602

SHA256
8bb39a6f700638d352b26ee0cb86fe5fd1127397dbc18d50a5bf37eb9ef6519a

SHA512
80789cf71769f1c03910535c610c942aa4be684433bcdff360ba309a6c15b3878920a49d1d1303c322de64f200b8e5d316b428b66668d51f9ddffaac0aa5f80f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
24KB

MD5
b201e8da90ef456598b8b3bb0e31bf53

SHA1
8bb524c8e9b17920c83d9a06c0b305e41cfca560

SHA256
2c8b630d1edafb8cc8c8cd73fff10c8ab6d06232929a4d458ec34628920f1665

SHA512
50126ac5b7800f5a848ef49ebc8e71d78cb5ee9c1602486b30e697ce57af32c868e46795ac2c157cdfd7fe65c03133c7a752813d520a9106adc3e50620b473f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
36KB

MD5
80c484a058ca2ae0f9bc62a38223d496

SHA1
8315360b781e7161b79df6bc8def9a66db7530a9

SHA256
d7530b224b4842c08b3bd6e33a059d33cff50653f06b3080504785c6c3997c7a

SHA512
5b3aa4494da9bed0fc7e7fefe00e8343e3e63322b7923bbb959a0d274716da283cbea5ebc4b59f4e508b8167c32479ffa3ce8b36465c6563bc20101aad9f8608

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
32KB

MD5
31b05e57c066452d73ab005bb42865f7

SHA1
2a8efd5d7753dd756c539ad66831b01f603fb13c

SHA256
84d0be622ddeef6d0793df5d274965d6d13a756979b4b484185dc7a051eb4071

SHA512
f793863cec23493b58311d37720fe7d48e21c92da5cbc9c5d4562e47a046e33be4584d58a1c031513298c55a9c33f5e591fd5ce831c9c33af9c2594bb071c277

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
19KB

MD5
4d01e326592ce2f559ff1613a10a00f1

SHA1
fb1c762040ee1e36bcb7c44674638b32040fb74c

SHA256
56c9ff85451fcbe3d0c8a80051d5cc690d9731fbdedb6549b4386c6010519078

SHA512
e8f9cb416f7ef90613812861ac6033d712526dc3fa11ef59a1b5929f649a063c176024d2e3e3cffc5ec33e7f516e5fb3d082947b059ef812f701eabaff17b16e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
19KB

MD5
48ffef4fc267c7350a37339001bd1a02

SHA1
9379041d4d542c116b420d014c7ebb68137a008a

SHA256
254467e453cf3cae3c70085b41462cd71b233c247b5e212f444347537b4c4873

SHA512
34b459dde39b3056e2f0a4c593b342d32829c9eebb2b01f146aefa0d54f0b52ecf4954873cf76b424abb25f84370d0b5ac06fdac734b397a7444b4b64b4d52f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
20KB

MD5
307995822b6180404d5c15a99e454b41

SHA1
d09f078273ad5983dad28f93d96b9ce6bcfb37de

SHA256
c4d772bff99d6b6b9622c7290cf1f4b3e47c9decbd57a510ff08a115f5a5a12d

SHA512
a1fc6d68c63ec1d77fc99c7a62a56c124427cbbdd5c1e0c67d7d762b062e847dd145c8b125fff96b1d714edb308bdbc6d0b07d97f050b7efbaab0b5d67fa1381

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
37KB

MD5
e0a659af3f58c496e96cfb5a0b47e95a

SHA1
acf9427e8e1bc0acd30bc88aee0b08584de553be

SHA256
c67df0f5e1fab5671c576555f6ed6595a585c9c7d8712eff72301aae3b688ea9

SHA512
34b01ba5b7af67ad8eecf660d8c6e5d099cf46d1947791583ec94cf2e0e970ddb43af66831b42ad5f29c07dd3cbb31f576b726e39bf6d16dee0e527d87a28b10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
150KB

MD5
52344bfd16b4f6d1dc61922468458ce0

SHA1
142e9ec2e44f56e7e97f243624655decd4ee75ca

SHA256
d4636d2d08503bfd82c4e2a614efaac77ed9aaa38793703e16cf8f73b445aefa

SHA512
4bdf08a37c220abdb1ff30a30b10573082960ea9ad4118d3a9abe3e0334aefbcbe07eb60cf17d9f8f4539c5f719a67c803a452a4e79ab64e71e7c7b83c0de172

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
39KB

MD5
5b135e3f07ff212f2288816e3d63b214

SHA1
6bf646155f61e67a6b9bb54b82d8a8da6818f6ce

SHA256
123051000de95fcc266d5a821986327c32f5ed9f53fab04515974e31f5b83d32

SHA512
b47e871ee534375eca8fd3c30da3fd245b08f9d39453092db55d2843ce8a549cc953a2c159b39fa1ea870a56c8f46e506773d12d7f5e7db7df94231879472339

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
44KB

MD5
c8ee2b8a6090ef0a8e5a5ded8934bff8

SHA1
49e13dcf31b15ce6511f0d16723b6b761f31daa1

SHA256
f630e6ac06b05c3d195c735d777a7453611e3740e5fc22349a443cd15268e0b4

SHA512
3d607777937ca07f722006a0a22e714d03b42c284dcf7d090e35096edb5a1a3484316af5f511d6486b93946c90619a4fcdfe852896a4776fba2a29b686e2cb67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
300KB

MD5
00b9b30aba747494c57799e0dc1da84f

SHA1
8cc9ebdf36434064aff2c3b7e1e10fdde5e84d7b

SHA256
a2b9865467c1ff379d78b2a04ef6fa467ea8dde7675d146848507332064e89a8

SHA512
789818abc08d16a17384930a33ac9deedffc32921fde2174d9dd82351dc793270d8957d53e483126cba5d48fad4891faef7316832ae81d2929214eca47602305

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
17KB

MD5
78009b0bcd5f695070babef7964ce279

SHA1
817fb69778754c2d5976909a48525ea46136992a

SHA256
a179f5a994b7974aec4a54c2af8d07d1d0d9d2cfc66c81246e1299a5a0b1ad19

SHA512
922be73fde8d54afead642c60b480f7c2d54fda6c840cb6976b02f10d12d67df749b5af21b7e441342c2007a17287b1ed55a9dc894638ff8fe21454be171b42d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
120KB

MD5
6168553bef8c73ba623d6fe16b25e3e9

SHA1
4a31273b6f37f1f39b855edd0b764ec1b7b051e0

SHA256
d5692b785e18340807d75f1a969595bc8b1c408fb6fd63947775705e6d6baa66

SHA512
0246cee85a88068ca348694d38e63d46c753b03afadf8be76eca18d21e3de77b495215ed2384d62658a391104f9e00df8605edb77339366df332c75691928efb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
115KB

MD5
ce6bda6643b662a41b9fb570bdf72f83

SHA1
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8

SHA256
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

SHA512
8023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
218KB

MD5
f4632004aca8e2a6eb277454f5c12c8c

SHA1
0f8f7426a7593fa18e5efdcf24201e67db1733b5

SHA256
1c313ece8fcabd385dba9b37a873a4485065de9e7f2208606c23690473df995c

SHA512
d0ca7e534e8af82b0a7720a4ccbd7665827127543d97532d31d8257eda54cb62707589af3b1061eb0c3af654f6b280f796bc173a2376723b0372a271ec0f8bbd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
205KB

MD5
c9c9e7a0321c20a8faea53cb744f62a5

SHA1
a4f7964d6df916c63bc019879e15dfd8a010c9e8

SHA256
9dc45a4308a94cc765a3fe2409e6998871eadf786e01bd0fdcbc5e354ced331d

SHA512
12bfb41ca0dffe67448d2ca50e44432d60f150b588e168efcebe37ce4f030da3161936d443735587b9833eaf506d6448bce92985c16456caa6b2b94b48b7896e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
22KB

MD5
9d53309ac2415ed6efe77b43a5a2b2b6

SHA1
31d26e32f551242c037116da7fe1f039bd1c4b41

SHA256
31e667f7d809056c4199b4204f46dbc6cd118a97530308229bbb9d450c42f89f

SHA512
25510c4cd3ac3388a1c91b5011e12a34c409f272d8f7fbec1a89cbff45f2553f7061c1f63d1a2c06f8773b885bcabd9c96501434b8905778132fffef80989476

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
66KB

MD5
100655c23b1e2cbdadf8919bf6f14f50

SHA1
1b535aa013148bcf8dbae70f31064ed03380f97b

SHA256
9de4c1063286a2bcfe2c2b232e45bd8947e70d941f4685a50fd9d99cc6b74fe9

SHA512
9904ae2ea00d092f4d2cad4969d26e08b1840373e6869b358f11686d109b09eebe25fbb6a45671a918e1be53130a4ca20cb5e217348a855811cc4fdc32808f67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
b2106da957d771e29e04f1237d3a645b

SHA1
88bdf3cb07ad17c494259331a6f50d0adc60d357

SHA256
724ddf5fdbfd49283ef789c2e5a4e64bb55ff71a3fdc1b3b201f7662d9c7971d

SHA512
a0eb2fba86754f710b780deb7acc41d1740ab8a147e3b748c0fc3d0ea8a6343c72b5b9c08a95a65fc0fb259853e94bd82c19d08fac31ce6712f5defb72fed5a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
283B

MD5
ec221ef65ee8e5261a69ce3ad35d2c68

SHA1
c1a875d72e9c6a7514eb2c4c165809422797e682

SHA256
82a073a0fe2a92cec0ed2b54407264ece724013a067a55031abc936be63d47dc

SHA512
8f16ef8a96c751c2c6912ad6895db05449d4692247367fedb4937199b00ba2927734f9549f6e709a9e84b7622d63d32049f222c4b43d40d4256052d2c0892ca6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
361B

MD5
020e49c6b4d940cf81af3b44792a8dff

SHA1
d2107f3501e1c6f79417f516f3c7387c49b4d720

SHA256
27067c82634d0b053244278d64281fa1de7ea1a582fa0da84a45711f099a6723

SHA512
fb11efd47b1bae68584c5e734ce2dd4207dc8dcbe60b9a53677bee0eb95a3bd81a63c449fd8e2422eebb8b9c9d319aaa5510dc9bfbbb1934c1f555864e719d52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fb8869bea1c845468054a790847ad00b

SHA1
1529ab9e76f231ea58242da001898e4c1570df35

SHA256
4c7a4546e0d69194d29f709ec18c5bbd58fa4228d0ba602604e23c50b407b99f

SHA512
66591927c35a51a3b7b85abf2b91dc0f6d010f420c93dfd4f68e85a40a45bbe111da4b049e5e0c418d0087890ac55bacf1f8397f57933a1373bde2f31d2c31c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4f721cfd65327a942b5b9f4426911416

SHA1
648f5ecd94ea3161381fe5f5c90e74e03fd0af4c

SHA256
1613aedea1aba24178ba2a4ad07d38e3d756ec90f714fc4390aca66292eff3f9

SHA512
697a675e3484935d15d427a4401374fb3cddf5121bfcf95cfca5d3299d07d7961d0836b6bbd6200b8af8df6046d460451cebb75eb92cd865b42861a9eace79d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fb0a1e39977af8e5345de165043824f6

SHA1
799495c5e5358035d782232d39d5ba1f5d825b31

SHA256
a705db3e0627d6dceb921cdc0109c09ebd9f4cc248a8a0e323c7293dce0a541f

SHA512
9859fc4813e1cd6d8e2679d50615f530231d62b3c971892befb8c6550f66754441baaf9caa1b4b052ab6480425386e0ac876fdcd9273039359e6e6b10001a115

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
7871b207942d7cfd7cf0ac790d0fff6b

SHA1
c32f15f086bb0045478ef1d8ac68228c308cd60f

SHA256
e716c43301529e8dc83242564b8bef385131ad04852156b68c120e78dbba7e1e

SHA512
96dcd60a4370f456db184900c3499a36ffb6a408340bc1f83e15795a46ab09ac2f20d705121375170eb582f42536a77c86a753f3e52860985d40665002dc284a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
7a1342a93bad30b8d30174c6e9cb48ed

SHA1
3478f02cf7d784257cb97216d5c0b91ff5ced673

SHA256
e69e1f2de2d07b83b63571d33fb92bb6eaf3052b2d8c260221c2e8ef9ea05093

SHA512
dbf4b9eabdfa3d496134a14ab15f1ebde09437ee8d5b5c2ed24fe1af9fde962b834e0ce59de21adb737c3054e8a6895f9a7faa95110db63584e95552a127e4be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
79ad8de7057b72594f6ebf8940735d70

SHA1
d33f850f82946e8c7ded854be0997d1011fe3bac

SHA256
10e70a858e162c6de7b2e440f0c8c2443c0a5501c221e1f83ca9b004838b132b

SHA512
da9578b511625e9421e059cf04421a956c98ec1dd59131c5c00f3cf58256ecb343db4ececf4a237335c01902f916c24376f94e755de8e1155936a812224433cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
037cd845ed02231467b6166029609107

SHA1
500c03b5fd96e465811c7fa7eaf5d631d7db13c4

SHA256
40eeb5cd813d9565a3ca6728ca4a9b59bc3508c715b74839155476b21452c55f

SHA512
d9c019b045d3efbb96007950822a515b4931378331ee75b15cd2d5552ccb60e08bf448dda56d96f504e81c6ec7b56a0c5a79ba6956b70b1c083586e72db2083c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
898a8f8900fc59d3fb31cfbb593fb6a4

SHA1
603609da0fa68f2b9e58b182833011746d0d9579

SHA256
57338a58fc47a8f285c3da4d108a63cd0ab7269a85c7b227795abf85aa1bebd2

SHA512
ab05c4ebf3924512ad0be3194970824a4bb134620efa6d3df1b3af1673e0b7596243fc677ddd0ce9ff143c82618d251fe1e5cf529f6c76649cf6c783e361a657

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
539B

MD5
94b258ff4bfae9acedaa9548b36e46b4

SHA1
172cdbb9a3de81a99606f7f3f5f7db4e5e166ac3

SHA256
438d70b7807dfa0a9d3eca8fe080940ec334799983458279d9844735c80c028e

SHA512
260803c047a440a365c4d06d6453ba90162e428d8ea8fc2dc84ea8d2d3767ec4730fda9706d3cd0fd08f0a059444fe416433615a3a89d4eaef8099b0aabd38bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ed3e.TMP

Filesize
372B

MD5
fc2e3a521f8734727803c4fd3cc61388

SHA1
08028557da6d7b87364af166654cec4c38acce32

SHA256
af290a26766335cc52811231586c00fa33604576e1d3247125322c288a5a5383

SHA512
80f0bc46b08ef6ee9189910d74efcbc126692ccb9e90fa0f6379c43d1f9caf8efbafd8a0304f03af2a90ac0ab229bff0f212155c433fdbabcc651a5b1ae666a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
8a4cc6eb588f0dcc99c6b1cc9bbb581c

SHA1
e75b26f6ed082bcbee60863784e53a45aabf32b0

SHA256
b7eeec6de06bedc66cd5589c0ad744f893d5fb340cb0bd6bd559d6e7c1ccd101

SHA512
c7480c567a94dca6cdddf78223ae5f1845b5b0d07c87b80e55506e7fcd02af89a34aeaa2e858b8ffb039197b8e65107b50d602ddd37a303267bc07cffef96b14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
3c6b53a92791111d24f51665542147f2

SHA1
8c26cfe80b9c6e64f212d481ef5db2bdda70b0a1

SHA256
61537be45008047a4d3830fe9db90b906cc05c0144fce0847ff75ce4cf2038f8

SHA512
ca4a31bbc4d55810118ee877a56c32b2a08add01280791631b5b464285eac20fb35d292d862c2b2535ba47b2acf776ebd32f21f278afde1203400e93f822d425

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\bc9a9d4b-cda3-4f44-8f46-0b5b86f24177.tmp

Filesize
10KB

MD5
90438fee27b8185c6dab2b44443ee917

SHA1
f4e5f1e9adf2c7874d922e4019a18e7017de168b

SHA256
43132f56d4beb47ddc925fc656fe96b9d41de532debebc9e168e6f7a07f4993e

SHA512
a9c80880fb5bf80f578d299e182b2d0be3af1211435901e97880c5cb262970af20da420ab8102e80b3f81e9152ede21366a38bad561f34384168116c49503d95

Download Submit