hxxps://in[.]mt/8pQ

Analysis

max time kernel
90s
max time network
92s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
19-01-2025 19:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://in.mt/8pQ

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1300	msedge.exe
1300	msedge.exe
116	msedge.exe
116	msedge.exe
4016	identity_helper.exe
4016	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe
116	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 116 wrote to memory of 3484	116	msedge.exe	82
PID 116 wrote to memory of 3484	116	msedge.exe	82
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 2328	116	msedge.exe	83
PID 116 wrote to memory of 1300	116	msedge.exe	84
PID 116 wrote to memory of 1300	116	msedge.exe	84
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85
PID 116 wrote to memory of 3572	116	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://in.mt/8pQ
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd480846f8,0x7ffd48084708,0x7ffd48084718
  2⤵
  PID:3484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
  2⤵
  PID:2328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
  2⤵
  PID:3572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:3044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
  2⤵
  PID:5044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
  2⤵
  PID:2780
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 /prefetch:8
  2⤵
  PID:4664
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
  2⤵
  PID:1136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
  2⤵
  PID:1664
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
  2⤵
  PID:4208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,1560133208450939281,8193006233742830791,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
  2⤵
  PID:4456

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1924

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4220

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
dc058ebc0f8181946a312f0be99ed79c

SHA1
0c6f376ed8f2d4c275336048c7c9ef9edf18bff0

SHA256
378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a

SHA512
36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a0486d6f8406d852dd805b66ff467692

SHA1
77ba1f63142e86b21c951b808f4bc5d8ed89b571

SHA256
c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be

SHA512
065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
43KB

MD5
7f2c172ca810d85c0596390b4ab21df3

SHA1
d4acb412e626e744609aa326247bd7eeec469bec

SHA256
4ccac6b00b8d6b7bec9886d8a23d84131bed955d995a37b5017196b03d1edab6

SHA512
961fd847cdc7b7c54dcb5ec19e3446701de454e9d06e1e2025360a1d0b426d204fb8aec90b854c7b2dbe3153aa66b5d90ba56f8ac6a8bc996177642d6f55c263

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000064

Filesize
37KB

MD5
231913fdebabcbe65f4b0052372bde56

SHA1
553909d080e4f210b64dc73292f3a111d5a0781f

SHA256
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

SHA512
7b11b709968c5a52b9b60189fb534f5df56912417243820e9d1c00c97f4bd6d0835f2cdf574d0c36ecb32dbbf5fc397324df54f7fdf9e1b062b5dbda2c02e919

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
936B

MD5
da691df809acff4c5b08d367c67f2cde

SHA1
5bce1080e46768213c7b1f33779f79924384d276

SHA256
5d1a35795975c914fec197f2a96d2be20e5919e3864061b2433acc1415152855

SHA512
93a910f9a61c6f9b2b2e4fe4b4e6f2408a250541db3ae7bdc36a8dc5697aff92d6b385212fcdd76295b49e916e1ca5405750a6d2bc814d2709e1a20db5a2fbdf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
984B

MD5
fe9930a5c34cb0bd2c32a2c0fc4f9444

SHA1
7b5152c6cde2fdb4d43e00a036290f7f5af75c25

SHA256
f8a81b553931a5db131949fcc1896e9eff0ffc8a8c3f8a0fd25d480686d5de76

SHA512
2746d15a80e22230599a64e76262dd0c0e4dbb8ea5f7bf5aaea8c188542400267006f62121c699f09a2ae78d79603b705e287e450b949fce6524af384b906e19

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
ee0703ea5a921b57245af13135fce826

SHA1
89c991694045d0f59354e816c4f7e919cd23984c

SHA256
1c716e6c4390e9648d449ccded9086b8f55689805bec394f3db1fbb952f22247

SHA512
27878ea05a50b55c77cc044d894d4ed1bd4e6bf67ebf2f10d71e952009f54457453f69dc0915deb7b174125be0cf3faa397f6ff75975cd63448682a927d065ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8facb6337be204f6acc3f0f88547b5ac

SHA1
d77dc37e5c15d6fd611cccb77d197c44518f8f9f

SHA256
3d0d155ee24a6ff972978c498961e5816b8cbfde76ace3e12ea03bdb8da8cf15

SHA512
61cb54590f9fce619a8bff55d761df82139c4f17bda7f770ee4ba9f2402b293240ba4f7061fb4ed04c7fc281dbb2171fe6dee2dfb157ecaac1c0cb642b6b8d06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
947e3dc68dd900d63e5f2fea9c1eabe4

SHA1
69bf60027d91ec7d4830298b401c218209c30c65

SHA256
a74b9446beb49a4c19434f7c7e49ba9c16a3c4ad8adaea25f22feb67877714e8

SHA512
248abcb417f5395e3809d8b3710818daf9f02b16d5c58e7dc3040973f9e860bdda4e45f9443ddeb089a4f0991712528b938af202cc0fd23b819872856c3738bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
3bf89aeceb941a0a2690e54ef88eab43

SHA1
94aaef0572f84b83c51d572d83771495bfb08985

SHA256
a7a08ec317fbf01aec49972b0b80b21857ff22066803493d967b4ee69521dc02

SHA512
23ac22f8a634c3a66d6a9b2fa80c878965bfca47936ab39274bc0176a3cfd4c5264f44ec59146ee9a915a7247ba90d58004a175ddc7fb517ef8a9c027662f899

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
6dbd7bc4086aee3d04d69328bb09a849

SHA1
916383b23eeca58afd454b88405b7ed3c357161d

SHA256
268e88800a5b1f08f9cb728d99b358198ab6755d25452d1ac2fbca56b480e3ed

SHA512
577f3c0b4fa66a45653237e8261d050e7f5363d37f0ffca13f285620b884214dd1edf00df463d3414793e6bbe5c5a6461f762069b397352837c45fb788e22e0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
5f5c307f568d072a670b32311ed7ee8b

SHA1
95309e3beb29267a37f6808505681500ada0811c

SHA256
90e9dcaaea8970b604ea212186c0c2fd9d72d97beefe129078eb2353ea050f00

SHA512
caa9104403f99a9e45aaed289a763d2fafb58f84858501179605e3376c7ded1ecce3847fb7e2eca52c7210eb3db3ca031510c7d98a0dbff9c8623747e6cc928a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
39e52c67d1b9cb0f7eb049b8bbad2b66

SHA1
c73d74684717f91fd7b060d5be5f32f60bc8d742

SHA256
4d49b82a4d7ec60ff6b4ced46515c38bfd65ace2ef717c92e5c2e8eb62f85efb

SHA512
87f93f9f2cad2366663ab9c8a774e642b90937b3a4ff59d664c3e50acb403b713b0dd03cc7414ba12ad913bd6edbae9ba331770564f5ba474b6f49b9b68c3202

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581354.TMP

Filesize
1KB

MD5
54b61e5aa2414a56cdda1be9f7d2fe43

SHA1
aa56daf72ee5078489e89c979cdbcc88da46b32e

SHA256
97c40f20764aea8f770f385e09cf9cc861ddac1bc6501d378871e0f18bf655fb

SHA512
a18b3f2a46ff13f01a3cd9ea07e9a8fb5fdac6968362923c62f21627c33cf3cf5775da55476084538e638ba211f2b64a1d78b6cad9e87e2a1166e3532aec0db1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
140628a776af8d59515cc6635524ff29

SHA1
4ae809af9e4aa1b31ea4b9298eac3ce6281908f3

SHA256
a93867b6b1f1480297663220944c9d634dfaf87229a8e092523de13cff16bede

SHA512
29a3c825c51c6d8087cd2d2a6b3758003d7177bc8e70158314f36a4097db604d9bc4a57baeafb8761276b2a54cc921f5497ff0fb4860dfa544310aefb68502d2

Download Submit