Analysis

  • max time kernel
    147s
  • max time network
    148s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win11-20241007-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    27/01/2025, 14:58

General

  • Target

    https://www.virustotal.com/gui/file/836d5b632aa1b5dfeba5ace979797635a036812692555494ccc13d8a27866701/behavior

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.virustotal.com/gui/file/836d5b632aa1b5dfeba5ace979797635a036812692555494ccc13d8a27866701/behavior
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4120
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff983b13cb8,0x7ff983b13cc8,0x7ff983b13cd8
      2⤵
        PID:2864
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
        2⤵
          PID:412
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3348
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
          2⤵
            PID:3320
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
            2⤵
              PID:688
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
              2⤵
                PID:2056
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1
                2⤵
                  PID:2608
                • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:5008
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5396 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:4584
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4608 /prefetch:1
                  2⤵
                    PID:3564
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
                    2⤵
                      PID:2848
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
                      2⤵
                        PID:3404
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
                        2⤵
                          PID:988
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
                          2⤵
                            PID:2524
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
                            2⤵
                              PID:3468
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
                              2⤵
                                PID:2244
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,5069264250384327725,9181924950815378780,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1188 /prefetch:2
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:4448
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:1792
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:2296

                                Network

                                      MITRE ATT&CK Enterprise v15


                                      Downloads

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                        Filesize

                                        152B


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                        Filesize

                                        152B


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

                                        Filesize

                                        88KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

                                        Filesize

                                        115KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

                                        Filesize

                                        1.6MB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

                                        Filesize

                                        125KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

                                        Filesize

                                        33KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

                                        Filesize

                                        16KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

                                        Filesize

                                        46KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

                                        Filesize

                                        107KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

                                        Filesize

                                        20KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

                                        Filesize

                                        231KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

                                        Filesize

                                        16KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

                                        Filesize

                                        78KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

                                        Filesize

                                        41KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

                                        Filesize

                                        215KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

                                        Filesize

                                        126KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

                                        Filesize

                                        125KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

                                        Filesize

                                        20KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

                                        Filesize

                                        36KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8f85d71a2322cd5b_0

                                        Filesize

                                        293B


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\97a15a2f89aff066_0

                                        Filesize

                                        427KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                        Filesize

                                        1KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                        Filesize

                                        1KB


                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                        Filesize

                                        2KB

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                        Filesize

                                        2KB

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                        Filesize

                                        5KB

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                        Filesize

                                        6KB

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                        Filesize

                                        6KB

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\c2aeba8b-7edd-42f2-a983-990d6e52b633\31b3631ef85adfea_0

                                        Filesize

                                        75KB

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\c2aeba8b-7edd-42f2-a983-990d6e52b633\31b3631ef85adfea_0

                                        Filesize

                                        75KB

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\c2aeba8b-7edd-42f2-a983-990d6e52b633\6aabe55cfde15c95_0

                                        Filesize

                                        23KB

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                        Filesize

                                        124KB

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                        Filesize

                                        72B

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57fbc5.TMP

                                        Filesize

                                        48B

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                        Filesize

                                        16B

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                        Filesize

                                        16B

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                        Filesize

                                        10KB
