hxxps://edpuzzle[.]com/assignments/67c8c5284ee0ac33336e44c6/watch

Analysis

max time kernel
164s
max time network
166s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
07/03/2025, 03:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://edpuzzle.com/assignments/67c8c5284ee0ac33336e44c6/watch

Score

10^/10

google discovery phishing

Malware Config

Signatures

Detected google phishing page 1 IoCs

phishing google

flow	pid	Process
70	4160	msedge.exe

A potential corporate email address has been identified in the URL: [email protected]
phishing
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4160	msedge.exe
4160	msedge.exe
4936	msedge.exe
4936	msedge.exe
1592	identity_helper.exe
1592	identity_helper.exe
3220	msedge.exe
3220	msedge.exe
3220	msedge.exe
3220	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 21 IoCs

pid	Process
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe
4936	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4936 wrote to memory of 3488	4936	msedge.exe	88
PID 4936 wrote to memory of 3488	4936	msedge.exe	88
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 3920	4936	msedge.exe	89
PID 4936 wrote to memory of 4160	4936	msedge.exe	90
PID 4936 wrote to memory of 4160	4936	msedge.exe	90
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91
PID 4936 wrote to memory of 4744	4936	msedge.exe	91

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://edpuzzle.com/assignments/67c8c5284ee0ac33336e44c6/watch
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffed15746f8,0x7ffed1574708,0x7ffed1574718
  2⤵
  PID:3488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3
  2⤵
  - Detected google phishing page
  - Suspicious behavior: EnumeratesProcesses
  PID:4160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:2968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:3688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:2084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:4388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:2828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
  2⤵
  PID:3268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:1396
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5812 /prefetch:8
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5812 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
  2⤵
  PID:1288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:5588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:5912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4756 /prefetch:8
  2⤵
  PID:1392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
  2⤵
  PID:2728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5724 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1716 /prefetch:1
  2⤵
  PID:2344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3752 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
  2⤵
  PID:1800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3756 /prefetch:1
  2⤵
  PID:4952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:1
  2⤵
  PID:4400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3576 /prefetch:1
  2⤵
  PID:5280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,16542637107576046366,6776698156782854578,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
  2⤵
  PID:1540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4636

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1632

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fe6fb7ffeb0894d21284b11538e93bb4

SHA1
80c71bf18f3798129931b1781115bbef677f58f0

SHA256
e36c911b7dbea599da8ed437b46e86270ce5e0ac34af28ac343e22ecff991189

SHA512
3a8bd7b31352edd02202a7a8225973c10e3d10f924712bb3fffab3d8eea2d3d132f137518b5b5ad7ea1c03af20a7ab3ff96bd99ec460a16839330a5d2797753b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1bed6483de34dd709e03fd3af839a76b

SHA1
3724a38c9e51fcce7955a59955d16bf68c083b92

SHA256
37a42554c291f46995b2487d08d80d94cefe6c7fb3cb4ae9c7c5e515d6b5e596

SHA512
264f6687ea8a8726b0000de1511b7b764b3d5a6f64946bb83a58effda42839e593de43865dafeeb89f5b78cc00d16f3979b417357fa2799ca0533bdf72f07fda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Bookmarks

Filesize
1KB

MD5
d24b0217b240b53e72c4f7f0385914b8

SHA1
a548869aa848ee9649cd3c851afa3148ea3e6517

SHA256
382a40a2546d9557614c0797935c021538cdc8b7298bb613342fc7c8b5b30649

SHA512
5aafe955eae3fbaf310ab26bf15223c16b7f1f92f559d32cf75af680fc855eae4f40742fdc32e4aa056ff10a3c366137021feca2e42076cde5c5008625bfe2fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Bookmarks~RFe590c1c.TMP

Filesize
1KB

MD5
0e4c5a8c74be5233e53290e741ed2a34

SHA1
300bb20ea8295bc95d7ac6199ec76040274d24eb

SHA256
d7b1cdfeb9951019fb3df9be59ec469838f97729f9db37648215787ca2d8a877

SHA512
aabce49e77cdff328c861d08ed66d4ce9589cd2d67cf9e1b7af1874df5578ba9e3c3569b2b225280c965bc874b3d25f5c383247a0c975e6a08392ab491c87ed8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
21KB

MD5
29e5c4ac7faa171f12af2b523c318952

SHA1
9c19c6203780564bf446622983911b9fc93868d8

SHA256
b67ea16766060efd30d7f0da14be0c894a17b8055c96bb4566cd77721dd307d3

SHA512
87b9e5fb1cfcc200e534ce0da8a10ce05d4d908452d7b33dfae270206c2ea3cbc6a88978061b8229dc6358420d9bec72ad48cd0a72b9742ae1334b23fb04c85f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
85KB

MD5
2c872dbe60f4ba70fb85356113d8b35e

SHA1
ee48592d1fff952fcf06ce0b666ed4785493afdc

SHA256
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

SHA512
bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
333KB

MD5
c68f5540c26c71511d1149cfdb394245

SHA1
efc6554b917f01cd62c3725d2f632fe595e58363

SHA256
ff1d454c6346365ba9708f35339752a8c416ecf573e78b31f38361045083372f

SHA512
7ff38d94bf45b0ed8f9bb536939cb2fe5fa825d90260bf4c144d9925885a350b3dfdd808625730ad641e9c9e469bc32eb81d6959e630fb1d1f995a712a3ca74c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
220KB

MD5
40520aa30f51c2acc1c9575b80ce84e5

SHA1
52433490f7cfd210b6c97a1e608ceb999c9db052

SHA256
902e1d0dd52c0e658ba493d16ebd51b8344bb76ef0f85e54d27a759f23f16c14

SHA512
96f325185108e31f2a4fb942c6a0060304effebf69c042505db6858d7ca54e88e19e4a77c959019f3106706918ccfab0d1dea8909aea29b449c39687a6a2aea8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
1.7MB

MD5
e5bc0b7d0c3065dd992e94a05bdb6a77

SHA1
a96fe2504c46787149409841de5825299e390b6e

SHA256
e8b2eae1edbb022a6dfc24cc5dd5b8ad675a29a730348bd17bf1bbd3cee13e04

SHA512
ab6c74aef74730bc7aa20f513f4e704cfae89de20c3b1cef06ec3d685fc38a506a157b99bdd3eb8135899ab135e7096b545e0ed0ecbfbe3c0ca4f2911b73788f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
10.5MB

MD5
df8a88a7198adc15dcf107e4b01b2458

SHA1
02c6be6a9e66e341635f03abb3a3a38fdea0defc

SHA256
4a38011f3930034775ea03687c80403bd927295acef0f91eec56a5f8b1e869b9

SHA512
260880b08cda6d23972bdf8bfe9ed63351e0af6184f52d557e6440f3969b392aefc1e02784157ea6cc21c0f4bda04adc88754825969b0442a1d440983032af3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
1.2MB

MD5
9984518d38478d984116d97d9008fac4

SHA1
a75949903701be53ba8c1d39b7231eaed881fc3f

SHA256
7a11db1fec267851dc3e69bb3cc2afc39870327da14156526dd3a67677801666

SHA512
2eab9fd8e7f12cf28ecb2d7a071618c7692ec25ceecc0660d4784d60fcdb3aa9d823b8ba8317f2f91d708f22c99b945fa5130713c709d1a3a5045a7c1ae5e408

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
363KB

MD5
541dad64dbe8cb7bf81ea46a0a51438c

SHA1
bf025ddfa5fdc62743096222d7f3f8da9cc166ba

SHA256
ef16b3ccc7b1a231dbff90d8af1291d8440eb741c27a5a9df9420279221c1f36

SHA512
4a2f4c005bf7500a2c9b34422ab02b07aba1655a0eec9457b35e90225105a21c6f96e7ec250ce6e787409e7245028d92a8e38b66a1381b807ed73f2f75190a3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
48KB

MD5
06e32a5d1e2d387ce562ee7aede8192d

SHA1
67f9d64c29663f6865d0d134db189938a92503cb

SHA256
46ec4156584d2cfcd0ea2dd2eed85a0545ddf4e30a8c20c26b2ff3fc7c065317

SHA512
0d1de74efa671be757ac49d1b864ed89cca90bd56114d79432ab91407ef5987d4f4573ef3f2e307b32601ab335a43f8cd1860954f986dd5d887a02ae37ea0717

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
67KB

MD5
cc63ec5f8962041727f3a20d6a278329

SHA1
6cbeee84f8f648f6c2484e8934b189ba76eaeb81

SHA256
89a4d1b2e007ac49fc9677d797266268cd031f99aa0766ca2450bff84ac227d1

SHA512
107cf3499a6cf9cdcbfa3ef4c6b4f2cda2472be116f8efa51ff403c624e8001d254be52de7834b2a6ab9f4bcc1a3b19adc0bba8c496e505abbca371ef6c8f877

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
63KB

MD5
226541550a51911c375216f718493f65

SHA1
f6e608468401f9384cabdef45ca19e2afacc84bd

SHA256
caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5

SHA512
2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
26KB

MD5
1fdc7d5f60f441782b608e81738dbef2

SHA1
74f699940fb527aee9bf21e8d6172b769c549ff4

SHA256
a1538cf05238cc6c7b0ec08ccda41ca1326209b03f3942dfc49194d79942c738

SHA512
7e481bba26d4662c714b714a78e5a002f43803d50637983650b1827237dd7ca0d773fa1b8b016092424d1f7910e753993a8f04fa81d791f98425f0c5cd5c79da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

Filesize
385KB

MD5
1d7e1793b4396e528948fddb506dd732

SHA1
995fee71edd7f3198ec43ee0c67e9198576a3e6b

SHA256
f4fb519f033bff69a9406009ac18788b5e2742dc642018ad21dad328f90b027b

SHA512
d4780bdc025f9ad7ed0fdafa2940b5f7acd178ec8cac0c2eb24cb02e0fa9e3e30719be51e36bc2d8de832c37c981ae5c8375a12f029389da64c1978d92dc19cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
230ed83bdf539327b85c7922b5b9b493

SHA1
7fb27040dc39e9b723bf3d2f2ab185e0b34ed306

SHA256
14dff9769d36291a46cb6c283e7e91b405e53692c6d329eb76dea81e2d99f0e6

SHA512
cb76e9438e93fdc166c1180c01836c7158c49d428b651c6af69b742272bc48dc3672b70dff4eb0fbad910d0e466717c8b86f83b0fa49220ba7cb3801ff883189

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
d1778d3b6913b690100f96db7788d396

SHA1
19bcb7922bdfd46fcc60137be2bb8c5280c769fb

SHA256
40a62d92813d7587bebbd1e00dec983ade51fdcd60e172c9d52dd688ae7cc54d

SHA512
37e333028920d81deda589dfa763b0c5fd805e05803433b2ecf64995513292ebd9112348d7f36329978f0f97d62e5b579b0491fa98c64eb8c2e67576fc20c4b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
f77e54867e75e09e1ac9bcb85e733fa9

SHA1
145a175d6dc964ca52818b5ba0c8d90545404f2e

SHA256
838ea91e6c1e6626ca35c4fd0ae2b46c4273134379b6f21e47e375b5f93e4393

SHA512
65badf0040c7dc3b20b632d500a6ffdbfa89a3c14ed636736e3bbf0f448876825eea3207dac13978d8d40f740465c78fd8d1fca4ed95371e5a7e1bedf1ccdf7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
7ea5cf12d450333c69b251d19f49e347

SHA1
2663f2c8a93a87f959177fb9ba46af5710eb1562

SHA256
9fa008c0b3e4fc87dd8f44eeefb590211699dc4a9bd92f7911c2b936bd003d29

SHA512
d57bb56d6c6e33cae40fc3472dc95e89e4d9a36f64dc823d7b55ba8299c0da18423144b9c6f4848c892de332bb8d06d3eb6828b6308f7e823a945bf3c3fa50b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
845cc965c219189055b22771bca124b0

SHA1
c372eb3a80899ca482d16387e07a88885f807148

SHA256
eaadbca284853c66556065a3154a73af4988c3758e75c1c6d00cbc6c1d16dedd

SHA512
1f6caee03fdbd50aa5cc67249eadd984b8c60ce05781566b7b9c7895375d067c6959f0e72b5836f4a64200fe525dccbbc0f90dc7bda64a66741194b2d7de98c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
2684e1ccd4041d68f04bd80922fc3cb3

SHA1
eff16a21bceaaf398b52e87e3dbabe35f93f99a6

SHA256
bff52c707411376728074fc367d263c6a61475a3da5942bd7cb5a54d2e151687

SHA512
816e904211f3b1125b90ad1767d19251dd6b805dd965bdfd6d4e9dcfd2cdcc69d847bff7fcbede333e60345c57ba8872e7e4c1f503842f3cde52d9238fed8aa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e2818c31fb177cf31141fb124aa9c446

SHA1
5eb94854b0da4b1a09afd5d30b53c7613c070c8d

SHA256
5a4fe3ec236d6526dc3c817090da3b9aef6887264480272b0081e0f48c28a288

SHA512
357100e4cb76fb934b604284885decee1389e3892d0dbab0244e64bf8b88a4c0a7fd4bed6eba1ced6dfdf30a3e7ab455d2f5434d3ca35c967964b34d32419318

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5f7068bb34f453e58ca7f8bb280635d8

SHA1
42af13278694b583dfd27565a44c8e0a46f5bb90

SHA256
7fd97863d368fb57c7925a5ed04515faa58514a3339cf5cabfd6b3c6a520301e

SHA512
45ebb917857f7ada37556da7a6fca24dae7ba81ae7c5f44392b3942c887393a695e22849bf3f5f20a6272886ba66245b5ce68d0b2dd2cc4d91be73c05892e38b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
5036801085e353c7c7e0e72cd343e17b

SHA1
605f0520c666c306aae1a492e4d91940a3318a27

SHA256
6bff749864d378ea1582cd323022f294e51739c922e9cc4089b4d9207c168dc2

SHA512
32cbc6df25de591d2798294113e4e4daf0d90c5a42d74059e9c49a1636437e2ed43e26e98ef05bc3873cd4fb38fce8c32ee5a91dfac58c2834825a43a5573dc5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
775959b67995c15b1559d71b1cb37954

SHA1
aed18e458f43770b636c4112f3970913e9a505b3

SHA256
94f5fd288936e9b27cc357b2e5460c95a9892dca097b853947ef44b41e6e4fed

SHA512
a3d946d66d00f8d0b1276757b53980f6a4e186b4f4c47e0a8f1882451b1810bbfce7e603c341acebc205ab597b970c6c87c158cc08ec932f240d7d6030ae9b0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
e1a57691198fd3ba3fc8d274c805da08

SHA1
2bf060e4e5fd2ee6eefa549db9f4ff93d564ed7c

SHA256
bc10e8fdb5f13c5da4ad1b21637dec3f65ab0d341d14085a330f8e2d1d62022e

SHA512
239cd9ab0fb732bf5b3032ff4242d097f6e1d1886cbcf0554cdc1ada8d96570d250721f25ccb13e0ebc0863a4ead8af360c82240e50731ad85b885441994ce61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
c342b922ff4fbd8f79911a2af078f75d

SHA1
32098f3a06c40d6ca65d5645a8362a5e8a361789

SHA256
f97a5fc277e852b0a6c276cf976d276c2a9c99108654595b63c131f7e84a18c2

SHA512
7af08299eee389afe1322042c0047296cec0795b7acc13fbd927cc934abc82ec82319a2d9bfa47fc824985bd62a2287fd0e58672b4d8c0b9060d57ac8ae5bb45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c65d39c12bfd276b8e3f82a415ca64e0

SHA1
89f15fad7badae50a1da7528d6ec8dcc43244eaa

SHA256
7400e9588ca4d3bb1d59c812eb9732df89e2c2f64c9265a476608c8a74e186eb

SHA512
f04c0ecc9004b4e3a906b59cccdea0ac1f135303eda2b676f785404cf463b522b560d63c2ce96de809a50640ffe18fbf33175455903d95141d9e181dc46d6efb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\3a63dc61-4702-47ca-84ff-de16f81d813f\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\3a63dc61-4702-47ca-84ff-de16f81d813f\index-dir\the-real-index

Filesize
11KB

MD5
efc02edb65186ab9d8023a5924076318

SHA1
41cc2d6d346086423e55f5e9cf5dfe385d913244

SHA256
566cc075a920511b5915173e59bdc5b6475e7bfac059acddf33550a3eaed1b53

SHA512
4a323f71ab7ae67d517caf69f3f57e77757cd288f2167580a07534f373d8b72410d9aecb49f622fa6189ab8175b2bdf03f93961a96529ede3501cc31f0826c40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\3a63dc61-4702-47ca-84ff-de16f81d813f\index-dir\the-real-index~RFe593dca.TMP

Filesize
48B

MD5
2c6c178165727843071168d0e1f97323

SHA1
dcccf994544b39ce6ee4ac3e875ba2018d53ebb2

SHA256
9d733da754215e9f88c66bfc17489f721d261439cd2d95071c56c894feb2212e

SHA512
cfbdbeeeccecad95df84f226e7f5452489a3b40ae636c6a5e1ce27dd220461f2ade130b445fbaf7ed2e67d5a7aa75bce55b0408e9b78958ed3112b01c87b8530

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\7b940c33-dbf1-44f6-b258-41069cede4b5\index-dir\the-real-index

Filesize
72B

MD5
462eb3202423444797e0f7fa4dfd2c5f

SHA1
1a494a043bbf4f54477f191ce073c801332409b6

SHA256
3d39fe56f5295567d90fbb26098eeb4b51a64fd55a90d58c40ac798258b0008e

SHA512
8e3d093c45f071846b6ad880288803d78183c86e0dec068bd5e88dc862581816e4bb782ed3ec0daf75cbdcb0540af03cfa3b265f236411dc530c27b374abad95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\7b940c33-dbf1-44f6-b258-41069cede4b5\index-dir\the-real-index~RFe58cafc.TMP

Filesize
48B

MD5
62b5644a98c51f4169f61b72ea374ae9

SHA1
8734c3c2bcae7c071e715afb4e2fac96689ff2c1

SHA256
8df297e8a754a3728b17025df915712296b6d8604eb85e094a7efcc1ff91f7b0

SHA512
98a8c7784d1910ac6be09e903e57da79aab164dfd432c14640eb5065529544cfaa714ec20aae5276d6056648b5379e5308e93dad6f3af791c0c7c17019d20e27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\ca5c7db0-b5bf-4f72-8dc5-10d5efbbf167\index-dir\the-real-index

Filesize
144B

MD5
42b05b164f2665784f4976b3057a5da6

SHA1
f8d61f11546c879d120d83d4e0405fd413c127fb

SHA256
438256a43247ad1f133fde7f9e8cbca2b63a1a652a791035ad5344b6bb604b79

SHA512
890f10eac1b1aaf03747495ed00f362570baa8bf0a0bc217bb0037a65b2ef2db2fe56be9ab7a9409956d3b026d8ac89c5c74c5617bd1b0df73fc402851462fc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\ca5c7db0-b5bf-4f72-8dc5-10d5efbbf167\index-dir\the-real-index~RFe58c8d9.TMP

Filesize
48B

MD5
06e17d4e1e89ad78e16f6cfc1db97fe0

SHA1
b2edf3fc8a30d739c7c5441b6f05a7e9b7aaef77

SHA256
2f71b5fc6f12de3a9fff95b827f9a826eca47bf8dc8387e4ed498fd16f455401

SHA512
426e6d131f0c7bcc7517d629291a379d9f300ac9783f7562fc35f3fa5ed48a5078dae47dc025aa73729d7a48e10847545b45e433aa73fb8630d367cf752940b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\efb3683d-8eba-401d-a3cf-a0cd712a308f\index-dir\the-real-index

Filesize
120B

MD5
b423b6da92c8f176d8d7511e49c32d61

SHA1
bd46bc80c6a1c447261674ff0ad2468c57027361

SHA256
9f3a9e16a4adce9f57d18bc524857d87db03434988c30452a9d3c1f637bd1908

SHA512
547f560dab4d534c862eddba015507fe4841b5348a3c804e8c50092aa979d53ee694a4855fd28e342e8895bbd955c49371a6697a0c3b3e1a7ca4d98ebfb52560

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\efb3683d-8eba-401d-a3cf-a0cd712a308f\index-dir\the-real-index~RFe58caec.TMP

Filesize
48B

MD5
8c9642def3e7a86bfecd68e9a706a3a6

SHA1
f3ff11410cce717846da5ccffad6885f2a2bf0dd

SHA256
46261a9bd1b33b906c51f38de4f2315350fd22e9242713d0030eaa836712f4d3

SHA512
e0dcc154f8c239eb71786bfb1daf11e67cc192a3ddc164fe3073b075162a60a3c17b25bd2c78ee416251b4d6c19ae3e241e9fda4ae5f98c47778419b407da7cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt

Filesize
130B

MD5
027420595eee74728af1f9629a0fd3b1

SHA1
b779f15199227104380e1348f0ff86aaa7e5d8e3

SHA256
dbadd9db8addd223a2a59a029971f4311e0b84394e5ab863333e344c78e2f101

SHA512
60c8ab36b325b799a095b0f58f91d08f2484c4d1c8e4dd0720f6d2279b7308cb780bd7b036ec0a06d36cdd1e23651438fe6d63d3f25d8c6de94bd1accb78bc7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt

Filesize
226B

MD5
0e9a4209c94fe9b5c9b2ed0cd09a3601

SHA1
d90edd284cc1619836c7714b6235cb06be2d7298

SHA256
9f920b18fc8b4c535bf67234b81f4ad2b63c3104fb51ec5c49ebfdf6381d0331

SHA512
846f9d2584c862f49313dc2c8f9851e18fa99969c0137ef0e301219df79f98c2b3bc9383809706641d514947e5cd23dc97c90750a59a8ef7700ba839b092ffb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt

Filesize
290B

MD5
b2e372253c76f5f7071f8c547008f6f4

SHA1
4ca2b1246e1f0a17771fe565d78e4a93b676897f

SHA256
0084c387b76b2f9b1d72fa1f305de58e99d3e6da989235643f7ce52692c7e195

SHA512
6f120226d36b598be1a698bda0fcd9f15f3d6d00ec9e98126965def25cf9d633707e630da9caf1b962a8e50312b86025367d7c026ea55a6a07bbc3e38b4c9326

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt

Filesize
354B

MD5
a713a63e5c38bf30a682a4f127f02b21

SHA1
ad61168151082d0a40280b8ba9c8c6837be602ad

SHA256
94d281794994954fc3172907491ac42e17de409be5fd0b019e041c819d74d095

SHA512
a4a0ee826ff93e87e79e282f6a71eb8a39fc329e6136c235369eb4dd199985e6a7db1110956c122102fa73ddcdb8d7b4a1691b0d81006822df88e51ef335a9cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\579544fd7d0441717f082c9eb123588966aa57ac\index.txt.tmp

Filesize
359B

MD5
2c7a8fa60b1e14e407cdfade16a1e894

SHA1
9f2697ef400bb36b41075a5092eabc8583266963

SHA256
62c7b41c0ca1050b463bcb4d57999d729b8f8e4e02fd64b0ac3bfe25a73b1d89

SHA512
9d5f4c7b74f9456394c2d8a4966644252549e48b01424ec67e5d2d6165af42bc5d4c4fe7d1d710a376905f88f9a1a558e32bde1e80c530cdb257efb20911b875

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
72e77d79998a1ed22037b0d7e20b315f

SHA1
49ceb205a8bc289ef24195d6069210d2c70c1f0d

SHA256
e2bbd288b1be09869aa3addb42c8d7fc5a52d28926fdfe379131c264b5d7080e

SHA512
1674af6ceba6959f30f27928f5da656626e5a156c50a799277588b8c451f760777b8237e5a92a7b4e23a170409702b46b03745e682b8564bbf5a4f706adb044d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58c58d.TMP

Filesize
48B

MD5
11b1696d584f1d18d30373574b51a1f1

SHA1
f6d8449fa336a75e00ec17354b01fd883ade7e47

SHA256
3ccfc26f2246b0c3a78fa104d866b363ae054501c486ec54a9990978be69fd6b

SHA512
49dff162080a8cc889eb63ce0408380f240df56d1db5f376c84e5b77c9cba72d0d9d500b79624fdefd8bc38329695e152a6f9f2956f1a740bb5e55c2c7aa026d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
4297fbe64b3444d585ff3387572f0b5b

SHA1
9dc3e02d425d0f8abb8641c0234f0d1d0420a470

SHA256
c13198680c8853aab6c730556339e97a7b1d6ebaea45db37e7031bc786b71029

SHA512
f87e74f0e5fca01a5384e32e5f8ec957e61bea4b9726912ccbcc01167c0f4b214bd6ac5a2f3b01caa52a6e8fd16b40b117a64fb3f742595ab790dd28230916da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
42411d1a013477553d1a3a8f9ad4913e

SHA1
e63cd80d84adf0e1260bdf394423a0c514a5c561

SHA256
bbefbc6ac8ea561df6c08e951d5d054a6ad81e8601e216568d205a30a9ed344d

SHA512
095237a35e4b29993f24fe6f9c73d2648fc00ff253dadc759a7ff9222a43ed0c99a1c873870142cdbaf6adb623a9f86cb61a5120f7a36fbad47d44437b8463b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
b7816da37fb241bf2142488e6fdcf2cc

SHA1
982ba14dde7a8b48174cd8b897b786d6d013348b

SHA256
4101770f7f64514e7ca0cd58071a1515a1c49901bc9c2b0863077afeefb42a54

SHA512
98c0d88c9a8579f0e3849f8bb578149590cf07bd02f11f5d4721ad1d7c1f3e9c7a75232978d5d3724b40bc36bb13b8b222bad4caa66a2190dbbd5d84d4942b1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
928509026000658456024d2856a3c605

SHA1
0f8b2cb0fe56d4658f74cb2f3aa67ac2d7165d70

SHA256
a037187952eeebd3925a6cb299d060c2e5bf80d0e1fe43118b2b9cd5ad040f22

SHA512
5d0a401673505dc3c86f67c01453c3fd238f7656d85c892821cd69fe77b10d8f5c7b51473e0cfc802497e11c141628af95621cca72ef3f95bb622c6c0956b850

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
03b6de07295c4472233df6ab49e1e609

SHA1
3d26f287e36ce7a72f555a1f1b076f4750e9f7bd

SHA256
f1ab33e8e709f20eeaf117b6fb6f3067917565121532391ecf3468744f6d1ae2

SHA512
e0bcb14a975ec93e6f7645d104d4f53b03ee90c8fa33999f440168eaf218897caa113d98d70c4f90364922389dad9777b67ab9c65eec8db51adf64dbab9edb35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7625b7e3a80bc409b7cc573c324194b2

SHA1
fe80b92aa5782182562ae9ec2e149419b3920770

SHA256
3e13ec4b6aec8b81ee158dd1f919e48c42d51439bf4d8ea231fe0f77fd2ab140

SHA512
9facc98baac90b1ead9a1437cc4fbe73e6809da150a01383bdbfca4d068b5754e35e4ccaef86f48a79ba34c080a01ccee0494a039376d2f6b6e822e3c10e1d32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
2cad241b4ad523708030afcdaec2b89a

SHA1
3412897f9ad6bc4e815a18d4b225168293dbaf55

SHA256
0e5b300f52810b60e79f7d36db9b2415713fd738d1051649e2519cae6a20b66f

SHA512
f6d81db49ab2d4b92d91f758e8279370f6026ceb9512bbedaf49d27e4ba28c62e5034712bdc2b5c2cc594a6324cdd4796f5533a76b9498dca0083dc41422d560

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
e4e1eee876657bd3471df9c7cec5e882

SHA1
1f2750ad7b8274e3419cb2c1d8445f48de37363a

SHA256
b33ed63752fb147af59e52da01cc9da151d6b0266b6afb35b3e491db6a4d5ab8

SHA512
4265c7648b799ab976c08460f66c4b1d935a263a0d99021673a50ab3ca88c1399c0717caa912731e7310e924cb6ca3aca681bf378290ced693637bf99a60f892

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
56da62cea8772fc8fb0db650508725f2

SHA1
41fa9547a9f109542bba2c4695b21c04f2283b37

SHA256
f53da7413cf1dbac32b4db4fb58675333b6e50ee05a2aaea0b92b0d0a39d5a7a

SHA512
1279cbbdc9459d69977b71096c2dc4c13ade13c375a441eebad1159285d7492250fe80a6f48eeef5406484a96a09cea4118ba0eab8b00b1a4cf4beb740696f80

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581c2e.TMP

Filesize
1KB

MD5
9a34d38462e36212a90caf28eaae7bd3

SHA1
08219d264def2ebf9fc4d7f6c32d07e5585707dd

SHA256
9c40be0184394bc398566a2f60818c3a5862d50cd39ed368a4c0e7207051e078

SHA512
2510f8c69abfe6b90813087e8fece76a974e83648841925005af18963e9cc151301af6ca4f7e65848408bed37d422fed81cb8ae9c5c7a4d5733021eb03f7867b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
8b39dbb7633a884f1fc302631afb5931

SHA1
9621dc1685e70410b26b790a66288903bd90d3dc

SHA256
1d5eba1bf5bf97c20febe0a1b678244295ee341477c51c1e797444a37900dfed

SHA512
001d1e6bd30a5a849e41f005c464b0c33784f8d84c9608bcd23c1063a08561b554dd45a53916027492aa58bd17cde0c9dbad66d62d9024d26e6746fbe8266206

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
12KB

MD5
fb2ca923e69413ec503e597f19876f7e

SHA1
698f9072bc1def0b1a3995a2af2fd172d4281f20

SHA256
3b83d42d2699900a5a04911093dd41fa1aa866b1a61c1c4f5d74a0f16f12c286

SHA512
489105d573c9bdde5d23c5d6c4f328ef8dbf5b1c2f4e8078b3586587fb4052e93a54c935b188dbac43c48139103e676f89aaccde0e1fa4f9bc9467ead4909af9

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
14KB

MD5
89815ed91ebcea64214cfac7cc450634

SHA1
b0f0c2fa55b0d5c3239f482fab4fca8e4983ff5e

SHA256
3d5f33dfb0a5f63d6d908dc9d3ba318dfb9009eb08be558f86d9de53114d4cef

SHA512
5fdaddea7fb022843bdff4d7ebd656c77d167300d6656689614d4fe6e558b947d9296bd385817511ee27e14ba646202567eb2dab5589c5f5b25de096a383d4d1

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
14KB

MD5
24cc5576824426730de4ef972952b5ec

SHA1
e437531954fbc97f751e6bb79d28b5fe807708a6

SHA256
ce00402068365c4e85f5a0b956364dbbda9aa6cba438e0e546cb444f1b0e9596

SHA512
6ea485e89d1bd15c5a8f833583c728c69cf1366bbc62f90aeeca7e8673f56ce407c57288bafd06d120b08ae4e777bcb8aa10e73d5e929bf6347af0159823f41d

Download Submit