hxxp://melbet[.]com

max time kernel
149s
max time network
147s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20250217-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20250217-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
05/03/2025, 17:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://melbet.com

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2732	msedge.exe
2732	msedge.exe
3744	msedge.exe
3744	msedge.exe
1016	identity_helper.exe
1016	identity_helper.exe
4892	msedge.exe
4892	msedge.exe
4892	msedge.exe
4892	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe
3744	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3744 wrote to memory of 4620	3744	msedge.exe	84
PID 3744 wrote to memory of 4620	3744	msedge.exe	84
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 1332	3744	msedge.exe	85
PID 3744 wrote to memory of 2732	3744	msedge.exe	86
PID 3744 wrote to memory of 2732	3744	msedge.exe	86
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87
PID 3744 wrote to memory of 2924	3744	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://melbet.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffb066f46f8,0x7ffb066f4708,0x7ffb066f4718
  2⤵
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
  2⤵
  PID:1332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  PID:2924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:5044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
  2⤵
  PID:1512
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 /prefetch:8
  2⤵
  PID:4144
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:1476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:1504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2192 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,18336727492130128465,15869524799596199406,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5040 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4892

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4788

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4232

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
56b88c052c247ffe0b476ec079b68d26

SHA1
f5c0ecc4db1d6d83c9b1211103923b5dcb422a00

SHA256
1a03ef362174c9a3f5863436aadb8f8430dd6639bfb6c3bbf57a9d8a502e12ed

SHA512
29f4f422a90dbf625d1b31a9f4a13fcc116fb489bc42d5cc2e504df89bc2d2ab4f9e63812232a30342b36d1bcde009605ff2f44521654c7e9d1e496bfb00efcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
960B

MD5
d391dbb3fd26eaedb5d6e933c46556eb

SHA1
49ca4c79ac01646aa55555ec4f37c2bcc4cae52f

SHA256
dacdda358fdf8fd0b1d86ed9fdd4627178c9d99eae2b95a45776ae66573ae8c7

SHA512
ecd22918e1f6263d51c44c678d81adefbb9e1e9d44619bf0a62876ddd5698035dc7187c12b9f35a9f0ea2d39e5b830aefc2b49544e6ed517e8a10ceb1bd5f234

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
11a2c2788eb66353d9cb9a4071da1eff

SHA1
fb2c39bcd74455c02045f531bf76490a3b7ea3d2

SHA256
e5fb234b042e8c91843c9978aff0625f9516894f34e7b9b6e8087845b66c1c1b

SHA512
bde795248040ef797c4c218b4abc8270311eb41ade5caa4963c40f7d2701a11c2d1903d05191f12983f0f34ff8c149e0b209f65134d89d3764612fdbd2e4e222

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
f0911df0edeadab790acfdecf3bd6ee6

SHA1
1675e5d6a3bc201c21abdcb8e52e357281b5d7b2

SHA256
c618115dea2f3da5418060d88d848277f9f387408adf27473821a3835a180d97

SHA512
79a5f12127f7c3c4f5ec3e4e7da14807a7e9aea812e96a63424503452c9148c89db5d5881f68cb3aea17b401ad15556d1541646737454037f365d414ed8ef043

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
89fec8e34e09bd91686a32dcdb6cd61b

SHA1
ce89c10b75c5c6b6a5229177515b68a8ae536c81

SHA256
ba1dda03d302fc1dff93c0c60fb71f9507e492e1e7f584e4b2008ba67045ded9

SHA512
627d2c60d9e3cdd6f87c5edaaecc67007a6f61ed95a5177129adb5f00416dbe32f058e3033d7bed0bad3fac4585dcfcc5bf02beef7427102cfe97abcb0e74b51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
8debc56e7a37c88f9bf424851d1d90a8

SHA1
4d7370ae8e84e2219ecc60bedea0bf048c0c4f70

SHA256
3f2d567d00b9f8aa3f068b437e0b36261cfc631d943e588f46e6383511caf67a

SHA512
a9afae34604b4dd0d8808730d3838f1e7fe8573ee62caad1cecce49c4281d323d397156b21dd5b9d03dc05630782e01c912959e66fb8c43a2315c380d72dddb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9127ea601aebee7b84ddfb1a6559d800

SHA1
7cfe0b2535c167c98802caf475422cb1d10263a0

SHA256
f67222b78385b28591346091e1a59dc653ebd5720d72c944d5888daac477f00e

SHA512
5188338542803131d7697328af4439f7f84288464985ec808adbf6d5d82dbb96725e6b107cd26fdfeebec4c938ec34d8d6b2a5766ec6142e8b241d32b9767ec9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
0e055f9f9cb52a080ecd532090703cd8

SHA1
f87d1a80410343155074fbbc7974ad4192af2397

SHA256
71ccbdb2018aa73d1b51e56e77e958367f17ace2122560b42ec613c9929f9c74

SHA512
3cac6509f42fa1e7dbb1773b53253a48e823e874ad872acff68f3f958099a8de35a6bb026a0bd9349209c6bcea2f50ca17e6d2908cdc32fbe1886d20481f5a79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
541c38e9fa026415e23998f4b6b90522

SHA1
8d8f98f6768a195dca0117117ea0292eb7d35857

SHA256
24f1d1211d7fc76c6ac8550fc63035e59cc7a5bb6c1d5768f4c520337e62a7aa

SHA512
fddc2cef41defd0102bdc3a5ddbd58819d34684034788f2b5e7c9b26db5f8b787359d5a38490baf734f7181c2e517b7243d54eef5130bb06593e3875abd3aad9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
2d71e16dff6c37d2c7f75dee42b8f416

SHA1
419f4a1040004abb592f9644b168e73744e549ac

SHA256
5c9820a7c8a5a2292d349e43528ec99949a72fa558df651dfed891f4d1ab7c8c

SHA512
d98985e8c339e99b65e0b75d5047e76c9430693fb937cda646776948f9d294793eabaadf5c80d01386b357a2303f7de5dd0560ee6a9ab6e33381027815890e9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe585b0c.TMP

Filesize
48B

MD5
40c5c27105e405140c260f8d9d0b77f5

SHA1
b3442065e5a9fa5791ba8e9a90a835fa8c875f77

SHA256
95e8e037a2a246e103b5176ba8a4237c73e5b3c61e15882b3d737829f7e20811

SHA512
8c7d4e66405ea7de8fef4a3f597ea370e3a9ee15eb4dfd059515628d520276874b0023faf1120f572dcfbe2a8951fb4229f0fb52c92b755fca33094fa659bb1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
27f9316d1f8e5ef594ae9270ef6bdc60

SHA1
eed6bd11884408e6f49d442625268af13a70cd07

SHA256
43611df3c98009ce774871c335fad30b7cb4aa525b8f4dfad72afe91126839fd

SHA512
d38f505256b4d92a7ee1040462f72c68a458fbb1add5826c6a85008fab9ea70df443cf0a03ca926d3ac0383ba4698b15c0d8a130114e519205a11749493ba86b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
b3bccef06fa4405c7943594d130ca1a9

SHA1
96961d00bd57e117ff2d3db5060f7649363e79bf

SHA256
482db807acb8fd1624b94344958744eebf05c21159f22e977846e6161471345e

SHA512
4d57930b42d71de9904afc9f260381429d2e47e6b6cb29f3c36f52aad7829c84b5d9b0ddf852421596611f57805803dbfefe16a42019fed48ce905bd6bc24b09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
3019a65b903b0c6a91912dd93e35da3a

SHA1
5429f8316230c18c9d72e2e218b2f4c625977484

SHA256
b8db1bac2eaef0b74fca454a09a6d2e17fc9c8b7ef0dbe5df4ca765820e13cec

SHA512
324d4db66a6279762a89b95d3e829f81081108d57fd4b8d06538b6979f95eff2f5aea1e7a48db1fddb847b3041cb6f21d0038ad4dc36328b06d772681a855d6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
c4a6f931a4d4600860edec9c6867de57

SHA1
a00ed9855ea66e27567ffa715d6a6dcd019b6e43

SHA256
2632f4a0cbb4e4a00c683c63f4dc91b5a9f3d3d742b70a81ebae37963ae4697f

SHA512
89609dbe1357776000803cf6044f31ab4c549662688d8c2a2e59f51c1573d99e5b518adda00093e83f3de03727d115b39a1f97ac6ca1627fda440eb4d976e848

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58056a.TMP

Filesize
370B

MD5
76067feea82a3fabd51054a9671445fd

SHA1
4c94e3446cfac0f62f340726199366ec77f2f7be

SHA256
9db1af45108f0b28e38f7988d6d999d9e1370ec33c538171e1204a91032b8799

SHA512
5feecc5afee79b5d4e926fabf5b9d264d955b3ab548d6c121e50e51ef88c92f0a228a97b053d50c3a38e8201b17fbb482cfd278c55bb88746621d0e9af681848

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
9887c2eb0cd8f29c6ef4c5733f56d422

SHA1
50df30334933fde5c1ffc2ae3c5dfeafcbd6f1f6

SHA256
383d9b0843337a443b67afc7de17aa94554c3ed3934e40428a71bdbfbe18fb65

SHA512
04643cf1d45e9b9ebd3bedd6c454a3037008c0475359b436d5e9d714ed453558491d335ea8101d04c15e89f1013d46a6f11674a2fc57fde11cd8275b4b78a1ed

Download Submit