hxxps://steamcommunity[.]com/profiles/76561199269628747

Resubmissions

19-01-2025 14:48

250119-r6nwzs1rgw 5

Analysis

max time kernel
32s
max time network
36s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
19-01-2025 14:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamcommunity.com/profiles/76561199269628747

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
2516	msedge.exe
2516	msedge.exe
4588	msedge.exe
4588	msedge.exe
1140	identity_helper.exe
1140	identity_helper.exe
4280	msedge.exe
4280	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe
4588	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4588 wrote to memory of 1500	4588	msedge.exe	77
PID 4588 wrote to memory of 1500	4588	msedge.exe	77
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2960	4588	msedge.exe	78
PID 4588 wrote to memory of 2516	4588	msedge.exe	79
PID 4588 wrote to memory of 2516	4588	msedge.exe	79
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80
PID 4588 wrote to memory of 2936	4588	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://steamcommunity.com/profiles/76561199269628747
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8feab3cb8,0x7ff8feab3cc8,0x7ff8feab3cd8
  2⤵
  PID:1500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1908 /prefetch:2
  2⤵
  PID:2960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2496 /prefetch:8
  2⤵
  PID:2936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:2008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
  2⤵
  PID:4640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1
  2⤵
  PID:3504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
  2⤵
  PID:1644
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5480 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:4208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5524 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
  2⤵
  PID:2360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3864 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2824 /prefetch:1
  2⤵
  PID:232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1896,15029791872309384011,17565007836733468749,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
  2⤵
  PID:4640

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2060

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4644

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7145ec3fa29a4f2df900d1418974538

SHA1
1368d579635ba1a53d7af0ed89bf0b001f149f9d

SHA256
efc56eb46cf3352bf706c0309d5d740bca6ac06142f9bdc5e8344b81d4d83d59

SHA512
5bb663ede88f8b7c96b09c1214aac68eda99bc09525ac383baa96914ff7d553ea1aed09e3c9d16893d791c81ddb164c682dfbb4759ac0bc751221f3e36558a91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d91478312beae099b8ed57e547611ba2

SHA1
4b927559aedbde267a6193e3e480fb18e75c43d7

SHA256
df43cd7779d9fc91fd0416155d6771bc81565e98be38689cb17caece256bf043

SHA512
4086c4ebe410a37d0124fc8bd00c58775e70ab2b7b5a39b4e49b332ce5b4866c6775707436395467aff9596507c96fb4896f3bf0249c5b9c99a927f31dcc1a96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
19KB

MD5
3e7e1e400d14e56197fd989b2f2e1365

SHA1
8323a4e76e7f67a7a250b64f03aecd5eedb8bc48

SHA256
174a5fd4947101492926a9547cb568a9827807bc61dbf73ba3624a7c07a41152

SHA512
f3632feced2de0286419d29d99d59084de8fc48a76140ae255d029b29fddbdf9aa33f97b7cb403e4d26e13573cacbc4a1da1bde48009da5fb8db0f178043c85a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
16KB

MD5
8d76a94fa5dd196c8841484b51b55a6a

SHA1
c10f10abcb7cbbe1569a7fcaa0735d0c7162edd3

SHA256
fc7e54587eae1e220b419f2e2b4c0ffdfcdbb777edf67441e01ecb1032c8049c

SHA512
04da8db8734475fe4e0ae572751955b90f5340e66904b6dbe7c530f27b930a1d21b69c72611a1128ac85b4cba19c78d5da745e552b08d4bdeb0bfbe9042d4cfc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
32KB

MD5
ad6a2101f96364c2d3ee3c271b3964c0

SHA1
1e26ed208a7aa4f2f5740cef06feb2c13d719938

SHA256
f579e2672bb674ccbca8b5393432b3e19ae0bd162e812f8d59e15467a993ab67

SHA512
09cf9880c1dff13410e0537b6ea6f9f346315ca1dd3858f90a00bb01d541513e42af9a175887bfe414090ca612fdc8fc407bea3e7e2950d50f40a97ef2cbf66d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
27KB

MD5
1b426a95ceb50d255df9458733818c61

SHA1
7af69a7e2c5bd92650e794942d9398614b502fc9

SHA256
8b37c74dad1ba4db120faeffbdb3fe0c405bf9d8b2b488b81332cd564f88ac1b

SHA512
40f9d2c1f86474a951b5dffea502b2366b2cca4276dba18183f36b33ce9b72557020a7de2f0f467da7b2063445807c3724bb43b4a069d98e7b2b17c832d289b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
23KB

MD5
d48bf65711456911cf327c18ca2fb6a5

SHA1
3ed0ca9d1f469f5fdfc9f51612b0ae3071907533

SHA256
e56c441accbc0c0f8ca8554a77a32b0cd0bb9612cde3cdd73b1c89bbaf29b112

SHA512
83bf2f44ed404b078f8d3acebeaecb76b0780ad3954d07781694493a01c7464f0eec92b0f14cbccc90c5111a8058b7e1ff81bdc7090871f6bb6047239d3d80ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
36KB

MD5
4769554431a2506afde025561880c118

SHA1
e6823fd9fc77c5a4edfbc755075a43f207e9ac20

SHA256
b2a1e4754dbc123b4bb5aab6863d17b917f11e28f6cd82746cda511e0fd104eb

SHA512
5cb53b1a90d7b16ba89c5512b25af49b57c55c7aad4c4d84b0144f43249dc736d95f39af7f81cff6c0d5dbebd807261e7e142c8299fb0279266cd9ab057bd912

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
43KB

MD5
da712d48f53b91d5023d35df566173eb

SHA1
65d8691c543133f28a9905db5487dded997fc812

SHA256
34fce0ef5b23b259c3affad2ecb59396a83e43d5b414ca4a31b3d67143b16623

SHA512
7d723cca56ca544a2741c235e815c21403120d650538aff17b45a783f5e75898d29c090f623404b85ab7aa9929be81e0c6f481efd2d3634c31cfd0d899f74faf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
35KB

MD5
1fbd32e9f20ede9a107bca889ef59d74

SHA1
62e7aae7a2f940fd61f9a57bdc4cecf5b402b299

SHA256
c270f660ee700a6ea93978e80f16c803675f268810fc3857fe1a13565e7cf0bb

SHA512
6bf5b3b91dad7ed118507746552d3e2eeda00c5502c587dfeba17b089ff84f729e45b36e291d8107844735edc765a87d0573d00ed3275599a8a7e5f20ee41894

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
263KB

MD5
fb97f1f298025616d422578bd18462f4

SHA1
91a4efb031abd687c03c096109aa7d5f1fd7e0a3

SHA256
d3c24cab2320a57e27586c3b3e7bba98e6e83124370fbda0d51319b314f75e45

SHA512
6e5237655f3d20dc8285b20acc7336aa1b917111b8ea0b2fdc9fdea79b9d4c8dbae104876973adcba8a4352ad3cdd866eaa4e93fc0edb9e8dc973cdb78535078

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
248KB

MD5
53a4ad3686eaaace9761aee3c25341e5

SHA1
995cb4c621195ae4ccf1606a46c173ef6f095418

SHA256
f726a2c056595b6bcc5df4976f5f0df0a96f3938b16926b660c6616874830743

SHA512
e59725c9c6b7e166f3dace4ba909d0275d83074ca71ba87e5f50e9384f90876965560f80570742d5491bc702f040e52d2eb143cd9750fbb081249c91e25be49f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
23KB

MD5
7fd5fab0e7895e8447f23a8f4108532c

SHA1
0e2c267a7f73173534e0a56756d7ae2e166f8050

SHA256
156e55cdb4611f78e920eed948f3c62b7091bc57da127305cb0573cfd11013ba

SHA512
a4596edc71ca187ca75a7115c7fa1014ae38712d5c36e0bc02a1c6dee0a16df87d1883513e7e3cbec07a4a53b8238a7a29d91cea63205e726beda0df6efa5074

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
25KB

MD5
65ed20fda15ed0ff8a90c36e5b1e8b53

SHA1
3f57e101c13e1fd9bcfbaf8da2c847248577a8c6

SHA256
9dfee61abb17e41d967b8bf7c4bf616d09df69e4c86814c21006bca3b540b2df

SHA512
7e755fa4cb420bfbbdd8da4bb78e88e2099dec5027889139fb9be511e3784fd3b3c8339ef3263990e66a967d52edf6b31cb4c6d8885c2db597c459eb7dfcb52e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
115KB

MD5
ce6bda6643b662a41b9fb570bdf72f83

SHA1
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8

SHA256
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

SHA512
8023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
205KB

MD5
4a34d2b44120b8b518dbae030c15fb5c

SHA1
69e747723f2a9f14d4a0ff6a859043d7509e0325

SHA256
6f324daf146cd0dcc2c99ccaa8f5bcd6d0a3e52e5fdde560295cf2d7ba6324c7

SHA512
48c539b0cf4790f5c764285a8f23af3c3196eab7e4ec34c609ae4c1a41b4cc6d013b24d5db53e4fbf1c56c8c283debc9d275e78133fafd22bc69734e3086ea72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

Filesize
218KB

MD5
5c1ff8ba2ceaa9857a600c1591faf166

SHA1
30295716604b8c824421091be0a3e57a5948dd4a

SHA256
c8258908062d1933079e6a759953d2e4dd2baced2080e98b1106e16166cb2e40

SHA512
f02788216632c90cf60ba418fb97a6963680a83234b2d6138be6679711a2776eb05c4498c87048782d25a4b5f7c2b0442c4e388db417d46d396306d6562a383d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
229KB

MD5
aa7a2e2fa5fc160dd404f8c214506c83

SHA1
71bcade3236bb0c84efb41ca0ca16757b9a3b21c

SHA256
759cbf9b002a4b7649478bd8eb1dac3bd4790103ddc01e558e6990370061254b

SHA512
a93a8c6fd752caaeac324caeccdde3279ba64e0bc5f957d34c8d293d7fc9c06b74ba0953953bea920e5c8fc0948cdfefdbdf9441668c4f170aca7766772bee0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
1.1MB

MD5
131d06731c3d240f5985b12e67d6f374

SHA1
297eedc5a98687ac1413c397a68ef2acb80d1137

SHA256
7ee0714a0ffa443dfaf8a6f680d8218d02d89a5855f90b04ae20647387810319

SHA512
df9968395e43d1a632ad91ce2ab7299fc35ae84e15e7fc44d38b3fbcefdae910e89a26a67289459430bab9b6d2aa32e03edc599c6bce7a71899cd8907bc5e9eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
1.9MB

MD5
5ae880b4e8dd12a7289d7f4c6e4ea617

SHA1
18ec71cb7da1182d32164890bac8411a09e26e46

SHA256
517bb13f59987311c4565929dc119a6febbb3ef71505ed92aa08e0a09124e045

SHA512
39a6d954672307159f112df1230a0805c4a4752aab451e654be4a6fa2a3941572a611c11250f580bcea6516f76ecf70002b2661788564143a85999be225a081d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
25KB

MD5
21a3035e4db54d5cffe69a1fa276bd3c

SHA1
fc2d58cb2616e0491d58ee55fad16a53d617ef00

SHA256
c348a5356dd8066525beaa7ed341636b483aefa011008e3138a413918e48dd90

SHA512
171d06bd61038353736f40e6befdec02a8624bf11995f9d40b56a0cf723d348953301bdb51f66a166f5ff701232e487e188c49e0d77fcdbcab8bc3b60309364c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
17KB

MD5
d7f20e7973c054a1f9b6889b0d6c32b9

SHA1
5f7cd72f492ed2d6d5f7b325ca4a27588c35c3d4

SHA256
518bd81a163e773988a481b6a364dea4ec9963cd666a12833064bb6879f79619

SHA512
f26a0a45cb7072bde26cbaa9e18cdb72407cefb2f00c3b3b6e4d738544ddba2d48adc78dbd6f6ce3c3262da261c1d71b383f8653da6ec262da5770e150527aeb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
59KB

MD5
8652059bc437134befc61ada70888b85

SHA1
1e312f2e43a2fcd9c0592aba6ff3e1a1d12dc78b

SHA256
4cdef741d3929b546cab793f2a671616e7f11eeee4908a0806836fb52e54bd5d

SHA512
dc105c757de70f495fddad3bfb6ade6995051096c71fde38531450a331386961383c4c19263e88c19d08ebecc346d61c754d6e3294674640c30764601794d069

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
30KB

MD5
8dd0f80de826bc2fe213d526eff65b76

SHA1
96d5b411fd81e734d53ef30d0c1d41ae05fa5092

SHA256
6dea7254f903a2b4dc7aa6a8e82920e68a5688d88ba840dfd2a71d5fea8e541f

SHA512
0414d4f2aa92420debad51fbc8a6fff4ac040bab42cf4feab461806559436bbbec5f36b839ab7a65b5aa4a68786176e7eef2f2935d649a16dc0ececea0271aef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
17KB

MD5
bb3ccde929720f9fb7558829ab478b09

SHA1
f3d8481f040320288f9c704628624f73e9366e43

SHA256
1b3a25788831e484632998cef62aa38696298235a21207cb2df0184608aadb67

SHA512
52e2693b817587dfae79debbd04b2b5926c5b594bcb02d6be7f9529d7e0c7028422866eb578f8538111e6703d7fa82adb868fb8d34efc59ee8309cc40ee0b11a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

Filesize
25KB

MD5
29e3740c1147cad6ce9db06614520bc8

SHA1
c39485d8375bd281a372f01cd4ee0fdd68e9b987

SHA256
1e333df7f5a021191e724a67c5edad907a8f34b5a11faee79828778892f01243

SHA512
d65fcf4fbb5d7a6b3e1a663843ce2373fa33a71a8fa49012c67fc5966c3d6a2b9deb3d6cf9ce0361d493c828800cbf3efd482b87e56d47673c2f6e99326fcd0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
49KB

MD5
3032d4a6ef9c485b4508f01a2e932e5d

SHA1
19011bc6d5b73ba0086f385f5ce382049015c057

SHA256
eee684b1c254ad0458f2ec4dc64727d52b6527b158549a4cd0b09f4f3743055f

SHA512
5f43bd02cb146fa18fa90262e6b0cbc89470f3c00cf90e7dfbfff47d95b8eaa187fa0466bede9750d0327b87a2c6300f45257b00741b09e5418456c76a318e03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

Filesize
53KB

MD5
f73652072b5b3dac1b2a6e7ffe3be2ed

SHA1
474116acada166f19052cfa69bccafde5962ebcf

SHA256
a50a4125760eb09a6e7980652b3890ce9ffcdae37812a4d4bee9deb7610327bc

SHA512
37e46282a9286ab3b1b3ed58cc0ac70d04ada565a0404ec92df865774264cc285ebfe40a7848bf8083bcbc53136cb80c99c4d8dd7d710dae63333722363072ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

Filesize
34KB

MD5
f21cc452ab79c7d9d6e96585d302d33a

SHA1
7e941462733396f1b708a6f357e0fea7ccac8c11

SHA256
a34c90ae704ec587f4655d4db571989edc40e1d9bda3f4950dd420714df27f61

SHA512
f9c032ba1e8fbed8e041d340605eaf2524970bba9914560714f756bd8aa07d9c339d8a96d978294619ee39b95c2c292d8e792910f7f517c1c379da753d9ed1f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
20KB

MD5
368954b7720bd5902b36395382e9d78f

SHA1
2963b7993797eb95de1a2936d1c201f5c96344b9

SHA256
43900524f5e4aa2b4521872878efb58e01f1e826c8e8f360d2203700d0594cc4

SHA512
bb78f0fdabb614b260187e9ee7aabbad1479c12c53b07282c4c518de657cc63f3ceb665c7701c48736513ef035e5d1c5f905b934ea15a7b4427a414824446e51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

Filesize
82KB

MD5
16ca19bfc96256c494111c29912d7dcd

SHA1
313c406189e9e12a557d7f9336c25a4fb3738ee8

SHA256
4bca85b48b8a7d55e7367da06da326a11ea80bc6c1367c578312de78be044de1

SHA512
605728480fa750cc0c350784faaf06378928c3667accb5c3d48bda6b2881bb4faf9ce8341b6e4159c66595af83ca2463149da3e879cb7c505b635403e2df6163

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

Filesize
168KB

MD5
909db60ddefe384431731949a868575d

SHA1
08c0573061d9ad1b5c0a52c614828eecdb9e77fe

SHA256
a1f14553a9f2ad07312fa88ba4734f5364f331e537552ef574543beef1ed3fe0

SHA512
178df0009910f8a3044343e9575a9e5efc3584328de7ddc5d8dcb608ccc775dd85eafb6ca256f91981eafa7762b2e8610bc35e8791c435a3ecb7a5de9f8a0b39

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

Filesize
255KB

MD5
6382ecf3182300083c472f015d71c594

SHA1
0c8f884fdd0fc3e61544d196fa29a93b918786c6

SHA256
7d4028e514e68ac2117264464e03250c3217b30e45f57401fbc21abb02a44653

SHA512
81f790081069e8377d1444dab8fb2715111717eac189818dd79edcc1df71a5c43d91651e93a9c2f0b2a4b1080f7765eb4ecb5ddb71555f514a9a6853e241a018

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
75KB

MD5
43815e60432cff3bc2a5b91f2e809820

SHA1
b1c6b4b849a7a9e32142467d1757248d78b2d52c

SHA256
96a2fe49e892b1fd7e56ca6a294cc1765abc5332ddc84154c2f666d4bcf25a44

SHA512
cb4e4fc7e0a9a2c471b89af536690a9dde5ff894201a64a7cea79a45a8f69663c03647de4546babaae02be97f9c225c6fb86a35b9b9c5bf6a697c684ca53757e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

Filesize
135KB

MD5
07ade49a9e2cb966bad03fa3d8228cbb

SHA1
4465b36b897bd9c847674490433d3b4892097155

SHA256
52c29945ba826fdc71b7e9f16385f1d2cff2e47e27f514a687b7d3bc3d458da2

SHA512
e5f64c8c96f273a0699be1eb965b2782723a20338382f74fef3cd53cb90bf3250cea4dee6cfc49c5999f09590ef549aba52961af43a09929e7932143b360023a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025

Filesize
17KB

MD5
75861a1c2cb732737275b01b8a3d1b2a

SHA1
6245567080ccff551add437dc1317b93e3251dd9

SHA256
2e68cc5d72e3b533db9eeb76e79c5d0bd83fb78663782c34533580054651e20a

SHA512
a9c33af5664b73ff73b21894e564d4d4ee1b54c56ca8f8fe3db502b87176c281ca6b682d3c199771effda46bc4e46219c046f7918dc2f829eb1b0532c95ee3e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

Filesize
36KB

MD5
21f4955f4e7a07d5cae4a46fc74ab263

SHA1
3e3e25ca71bb03ce2c9b2a495b346b9653568b1d

SHA256
0870954849b1ccc0e6a9754cfbd3ce33f791cde77156d1f84519713ac47c37c5

SHA512
ec857db1522f15d6b769dc775550eb0023e27c080de45f6c091bae25b8524ed17fba0ca84af38459bb1d772bf479327b031e5ef677d3eb7f65c703c03fc70b84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
69600c157d99923cffe5c358d1d77b88

SHA1
af869f4a27b38c45c911c29fb2f0581e7758918d

SHA256
44657016bffed44f0596714b4df000990a7e61c7d546e0d61c91b95cf3a6a54d

SHA512
1472c7c24799686cfc4d5342302efc6b53d96a9ea0df38eb664b24a4618c35934a8f505e5ba08d7caab19e0c12cc0abeeec238dcec27220dd2aff249659d7034

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4c5e2e4a21fd4490d5908580f396ccf6

SHA1
81e3234a32b5e1554970f4af9073319f64ac61c2

SHA256
524e4fd8bb37c6f27a701fed79deeca15b158e45ed3901bfee0ff08f569677b1

SHA512
e6ad25402e0e07fb0ccc1761e15ac6e6cea0ccdafbb15064f598c0f8df26b73ff3b8150c753ebfc0b984b80e7b2635ba0dcb6d07e034d455745bada39668db54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
f4e2e60a1ad4237f9762de7a32a3f14a

SHA1
52bb8888f17fcddafec3e79a38e385d514f99cf8

SHA256
ba9270ce3fb38fa77ed34fe65c26d207e6590e523cad20eddc106b6eee8ff3f0

SHA512
5419490c49d4e3800ce5db4d38dc425924cac208c576e372e97b56c589f04b574ae308112d685eac8b22b68dc0f5dc1421a9b49f2303f056fad8bb01934b055c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
60814f4d27e6410aab62c58d0ef79914

SHA1
7695ce0094b03ec9a2c75bc391c998f5bbf71a28

SHA256
8a2a312d08997ffa0b587549fff338b1a400a1abd36fb4cdd671f6b2e6a10503

SHA512
cdf4def44d15c70f30f261ce90643dffafc70554686b8b61d99875c13e0664530790eff5c9cc84b95f2718c3d1e7759b2a6171de95c2e15a00a79516f879fca8

Download Submit