hxxp://melbet[.]com

max time kernel
145s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
05/03/2025, 17:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://melbet.com

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4284	msedge.exe
4284	msedge.exe
712	msedge.exe
712	msedge.exe
4924	identity_helper.exe
4924	identity_helper.exe
1508	msedge.exe
1508	msedge.exe
1508	msedge.exe
1508	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe
712	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 712 wrote to memory of 1092	712	msedge.exe	88
PID 712 wrote to memory of 1092	712	msedge.exe	88
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4776	712	msedge.exe	89
PID 712 wrote to memory of 4284	712	msedge.exe	90
PID 712 wrote to memory of 4284	712	msedge.exe	90
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91
PID 712 wrote to memory of 1028	712	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://melbet.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff96a9846f8,0x7ff96a984708,0x7ff96a984718
  2⤵
  PID:1092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2036 /prefetch:2
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4284
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2564 /prefetch:8
  2⤵
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:4520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
  2⤵
  PID:3084
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4680 /prefetch:8
  2⤵
  PID:3348
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4680 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4936 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
  2⤵
  PID:2952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
  2⤵
  PID:1380
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
  2⤵
  PID:464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1
  2⤵
  PID:744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2716 /prefetch:1
  2⤵
  PID:2104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,7351116436748791774,2181437352287880707,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4436 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1508

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4672

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2176

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56361f50f0ee63ef0ea7c91d0c8b847a

SHA1
35227c31259df7a652efb6486b2251c4ee4b43fc

SHA256
7660beecfee70d695225795558f521c3fb2b01571c224b373d202760b02055c0

SHA512
94582035220d2a78dfea9dd3377bec3f4a1a1c82255b3b74f4e313f56eb2f7b089e36af9fceea9aa83b7c81432622c3c7f900008a1bdb6b1cd12c4073ae4b8a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0621e31d12b6e16ab28de3e74462a4ce

SHA1
0af6f056aff6edbbc961676656d8045cbe1be12b

SHA256
1fd3365fdb49f26471ce9e348ce54c9bc7b66230118302b32074029d88fb6030

SHA512
bf0aa5b97023e19013d01abd3387d074cdd5b57f98ec4b0241058b39f9255a7bbab296dce8617f3368601a3d751a6a66dc207d8dd3fc1cba9cac5f98e3127f6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
960B

MD5
9c29406080bb7146cacfc78f645f5296

SHA1
99303ed2387d69543059451d652dbcf7dd5b8e2a

SHA256
bf2675e52af47e4c580420859f3c8579a023a3bde79c6b2852baf0947ba1d00b

SHA512
e4a399d6de507d7c416f933fbd242c21cf4142f5d5b6ba336c93aa9fe45d367e04a99f93136b3a78c5607075c8576b0ed5cf97fa1e61b007dd247e452f02e0cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
4ec045ebf32f5502ec85d9f1d810d9e5

SHA1
3da02965e56ae545489ab4ba7b01683751cf2cf1

SHA256
5c913bfeee3e398b1a901694876d2269176b8128bd80ad01d1b38b7490ed8d4c

SHA512
e94e19fcb8a7440ce81e6aeec985965e5d8f322d68effb9c0469bb6e5e2a79f50fc70afc2e0ea7b6f3c4ca58a734603bbce4c121ee2b5d6c105579dd6bd8e783

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b929184c0b4f8a2a309371f9f716e801

SHA1
eb1b08fc6005ccb1afc877804964e178d5839727

SHA256
e78481c1827252a2ce3f3ebfa889e85c650800cfd618eeb1bd871a7c94afa2b8

SHA512
05981e9b8786a019c0d3af2f41018743579a0e6dd26a1d267919b5832fa03b630a461ddd61a8166c27ef2e5a737aec7ea527487fbde51d15fbf5ec865d559bc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
49a3c3977ebb50e5ff0d5e8a9df16d13

SHA1
ff8cda6287e36a60632817ec6333f0db21845b82

SHA256
6ecaef63c4e844e83707ed65f6e8f3a99fab4d41979d92f510ff0e1d2862c3d2

SHA512
a3a6dd2618c61ec68f952a5defd1949c60de91b68c42f34ab067b9284c6a74f2d99336cf4438d610a1b31920a3d505cdd1525fc672d95c564e5861815902790d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a3c66fdb91785c66ee88fce653973896

SHA1
6634862d65d7025686734c7122bd0666aa591acc

SHA256
08f5c1875c3e07bbfb091c3e3c63f8c801e0401a3e388453b831f10f38d93a8e

SHA512
4bb664bb18a8cae8b3d1616aca69a4d057626e294c1d0db37051719cddf662ab6c85df026eb1437ef421698f4227fcba2836cdfd117a0f2c1e5e58210bf46f5f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
e1a6698ec128fe7e82071bc99398dc25

SHA1
f1e17fad16fb5b891b1c62400223484abd59367c

SHA256
8d56c70e89ea9dee9373332aecbcad625a4c361f193d584fb3d97da4806e4762

SHA512
373c8e5497484934122b62db55128428c376a960a9de82eb8d2adee6460a0ce3b3f1bf7fe01aacd9143e0d2ac9db995914031a0175e220e8618d9ff9c49b80b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe587e82.TMP

Filesize
48B

MD5
bc24f230dc5a0f8b8f9d765a4354c923

SHA1
3702f7125f2674125d3932d65f14f26531629279

SHA256
d60dd772563d362a9775c4d94b252de6f6dca47d8342a6e6bd51f6cdb1c390eb

SHA512
b621d070565487cc84834c7ea9140cc12911fe6c0fc2a227247c38fefd6716f59e6aa022fa42cadf09e754ca8694150a15682474d6f4642999cfd27932453028

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
85e7d600df59c9b5d52e3820368393e2

SHA1
716d52500385d4b291051c2d10ec9cef36aa4570

SHA256
cfbf028b28e2393bc49d3530c1d0e3e39db63d4f231c7a9dcbf29b3b5c9c7a31

SHA512
d943826a1430a67eaa95a3033a022881cda3a164b1db2ef3bbd26b18374c942da27e57065c70f39c7a45d4d4a6078a53c88bb1cfe8b989e717b734e5ed93d1b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a8851021544166314893f611a9d16551

SHA1
b8521c977573476bf21a489a550dd2295be2a9f4

SHA256
de00adaf544a422a94353daca5ff7c9cd0130e260b0b614c17a11e294f4662a9

SHA512
5d4d82199c7bf8213c17a5f0947f671c1e71f06b50c053c35647862b81911787deebd078ee772c55a9804d16d162957703d98969d2347bec515c806aaaf35fc1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
9f875ccd4e49f82126a457d5e34faceb

SHA1
2170d9e32cd9cebe4a464097c8da061318233d0f

SHA256
f9a341c2a014ca2cbbb0f90fbb7a180a85f289922bdc5b3fb000a1b696894c61

SHA512
f47152cf857aa18ebf95ee7ccf8f3c8c1af461866545e79588879d910f79d797d0c73f0f062b18e46b74c36235e6267fdf834f85e7b750a1c5cba634dd8c1604

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1297695d8ba21a65ad79df8b3e1d8376

SHA1
bf433ee0cda98994395f1a1ab5967728dfd44407

SHA256
38b458c1c2d8d94bd9d3f64f3c629cc841dde26dbfffe3c5264d5ff07dd14c24

SHA512
391c3f6ddcd65d90162a22792b0e34dca64eb272f8f08cabcc5ac0c79218f432f0806a5450d8c34347a41b15b154be0a8d91308d0362b45dc733f8d64c328c6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582287.TMP

Filesize
370B

MD5
18534f55af49f87b39e356ddd484d70d

SHA1
e9ecc218577776b0bcde64d2932f7d4e8a021b9f

SHA256
de87559e6b8dd18fd5413dcfdb5f9497b03ebd5fb39c5befae80ad89c8c622c8

SHA512
b037ac3946e508b06714abb9f91875da0a7a3c7fc56197b5530d93b67401c86228689466943ec52b86646bc28825423e93947068e7e823d9dd8a0c09c775b7c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
94c704056e91f55212cdd84e960d447d

SHA1
a0f9e12ff33b4a359e65ea27be168c28fada311c

SHA256
1d9b4095e9c5c6cbdad174c10f27f28f7c0115340580977afac1d55c3db48484

SHA512
a9e629d9fd0ccd8538609c85384ee5e22738223775c012d2ed57e1632ad906af042fde7c5f7be740a56305135d943b3894c3c079bfd7987a22897736268ce410

Download Submit