218a3a1f233acd4e53bc25d4be1919a926cf72ac5f787c779c8b52e3c9a66e44

Resubmissions

14/03/2025, 11:10

250314-m9yhdaspw2 3

14/03/2025, 11:07

14/03/2025, 11:00

22/01/2025, 12:48

22/01/2025, 12:46

22/01/2025, 12:43

Analysis

max time kernel
137s
max time network
141s
platform
windows11-21h2_x64
resource
win11-20250313-en
resource tags

arch:x64arch:x86image:win11-20250313-enlocale:en-usos:windows11-21h2-x64system
submitted
14/03/2025, 11:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

.html
Size

474B
MD5

10957f24772eea915bc129c12ad964c9
SHA1

875b9ce0b9fe2f519d28cc8a3e8e957db9779360
SHA256

218a3a1f233acd4e53bc25d4be1919a926cf72ac5f787c779c8b52e3c9a66e44
SHA512

dd351894c8596e496a8e3ee3411e7b4a9cca1b9d13919eaa333c1b093377c18c93d8b2002b36027fb398685907b558a9021e60d8af51b2711c4452b1ff8d1602

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	msedge.exe
File opened for modification	C:\Windows\SystemTemp	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks SCSI registry key(s) 3 TTPs 6 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000	msinfo32.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID	msinfo32.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs	msinfo32.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000	msinfo32.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID	msinfo32.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\CompatibleIDs	msinfo32.exe

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\ECFirmwareMajorRelease	msinfo32.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msinfo32.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU	msinfo32.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe

Modifies registry class 8 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\MuiCache	BackgroundTransferHost.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-976934595-4290022905-4081117292-1000\{4F716397-2039-4C7D-A959-6C18D6170BA5}	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-976934595-4290022905-4081117292-1000\{FFE2F9EE-CC44-4B83-BC12-96E63544E26A}	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix	BackgroundTransferHost.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	BackgroundTransferHost.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:"	BackgroundTransferHost.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3892	msedge.exe
3892	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
3892	msedge.exe
3892	msedge.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe
2736	msedge.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2120	XboxStub.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2736 wrote to memory of 1808	2736	msedge.exe	78
PID 2736 wrote to memory of 1808	2736	msedge.exe	78
PID 2736 wrote to memory of 2880	2736	msedge.exe	79
PID 2736 wrote to memory of 2880	2736	msedge.exe	79
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 5896	2736	msedge.exe	80
PID 2736 wrote to memory of 4160	2736	msedge.exe	81
PID 2736 wrote to memory of 4160	2736	msedge.exe	81
PID 2736 wrote to memory of 4160	2736	msedge.exe	81
PID 2736 wrote to memory of 4160	2736	msedge.exe	81
PID 2736 wrote to memory of 4160	2736	msedge.exe	81
PID 2736 wrote to memory of 4160	2736	msedge.exe	81
PID 2736 wrote to memory of 4160	2736	msedge.exe	81
PID 2736 wrote to memory of 4160	2736	msedge.exe	81
PID 2736 wrote to memory of 4160	2736	msedge.exe	81

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\.html
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x268,0x7ff8cf05f208,0x7ff8cf05f214,0x7ff8cf05f220
  2⤵
  PID:1808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1748,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=2520 /prefetch:11
  2⤵
  PID:2880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2444,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=2440 /prefetch:2
  2⤵
  PID:5896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2212,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=3096 /prefetch:13
  2⤵
  PID:4160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3408,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=3484 /prefetch:1
  2⤵
  PID:4856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3416,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=3492 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4724,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=4752 /prefetch:1
  2⤵
  PID:4260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=3404,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3888,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=4648 /prefetch:14
  2⤵
  PID:2116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3492,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=4596 /prefetch:14
  2⤵
  PID:1900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5796,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=5848 /prefetch:14
  2⤵
  PID:5160
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\cookie_exporter.exe
    cookie_exporter.exe --cookie-json=1140
    3⤵
    PID:5340
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5840,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=5872 /prefetch:14
  2⤵
  PID:1952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5952,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=5960 /prefetch:14
  2⤵
  PID:5992
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5840,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=5872 /prefetch:14
  2⤵
  PID:5712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --always-read-main-dll --field-trial-handle=6264,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=6296 /prefetch:1
  2⤵
  PID:1216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4156,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=6496 /prefetch:14
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7192,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=5852 /prefetch:14
  2⤵
  PID:2348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7164,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=7220 /prefetch:14
  2⤵
  PID:5388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5336,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=5412 /prefetch:14
  2⤵
  PID:2948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6984,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=6960 /prefetch:14
  2⤵
  PID:5224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --always-read-main-dll --field-trial-handle=6908,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=6876 /prefetch:1
  2⤵
  PID:5312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=2064,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=6776 /prefetch:1
  2⤵
  PID:5488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --always-read-main-dll --field-trial-handle=5308,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=4980 /prefetch:1
  2⤵
  PID:5592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --always-read-main-dll --field-trial-handle=6780,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=6736 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --always-read-main-dll --field-trial-handle=6864,i,8262677237233927955,809837484817574735,262144 --variations-seed-version --mojo-platform-channel-handle=6792 /prefetch:1
  2⤵
  PID:3320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
  2⤵
  - Drops file in Windows directory
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  PID:3892
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x2b8,0x7ff8cf05f208,0x7ff8cf05f214,0x7ff8cf05f220
    3⤵
    PID:4288
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1852,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=2244 /prefetch:11
    3⤵
    PID:2432
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2216,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=2212 /prefetch:2
    3⤵
    PID:5784
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2316,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=3292 /prefetch:13
    3⤵
    PID:2908
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4324,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=4348 /prefetch:14
    3⤵
    PID:944
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4324,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=4348 /prefetch:14
    3⤵
    PID:388
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4468,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=4328 /prefetch:14
    3⤵
    PID:4896
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4552,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=4528 /prefetch:14
    3⤵
    PID:2504
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4536,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=4544 /prefetch:14
    3⤵
    PID:4860
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=568,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=4484 /prefetch:14
    3⤵
    PID:3936
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --always-read-main-dll --field-trial-handle=4752,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=4776 /prefetch:1
    3⤵
    PID:3452
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5008,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=5048 /prefetch:14
    3⤵
    PID:3444
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4388,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=5072 /prefetch:14
    3⤵
    PID:404
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --always-read-main-dll --field-trial-handle=5360,i,718948265632976948,15640206989036620770,262144 --variations-seed-version --mojo-platform-channel-handle=5436 /prefetch:1
    3⤵
    PID:5244

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:5000

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:4416

C:\Windows\system32\msinfo32.exe
"C:\Windows\system32\msinfo32.exe" "C:\Users\Admin\Desktop\EditHide.nfo"
1⤵
- Checks SCSI registry key(s)
- Enumerates system info in registry
PID:4656

C:\Program Files\WindowsApps\Microsoft.GamingApp_2105.900.24.0_x64__8wekyb3d8bbwe\XboxStub.exe
"C:\Program Files\WindowsApps\Microsoft.GamingApp_2105.900.24.0_x64__8wekyb3d8bbwe\XboxStub.exe" -ServerName:Microsoft.Xbox.App.AppX4j96ekjxtzkkkrmyx6aaa4hkpa1meyzz.mca
1⤵
- Suspicious use of SetWindowsHookEx
PID:2120

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:2572

C:\Windows\system32\BackgroundTransferHost.exe
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
1⤵
- Modifies registry class
PID:6104

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
623d0eb0c4a36135a270354557aae018

SHA1
864d2599207960d2aedba50ada4a3b1b2a5a8b87

SHA256
52b485675b621aa85ff48f5cef95a29f845616b63d9a683bb7503f324cee3d03

SHA512
685e69631c295fee7ddb6bedccb9ddab7ac0fd5d5476f5236ee22d7b8af871f9705be8f30ec71b0bfdeabc69927be677942bf8bfcfbdb7ed1151e7dfe80105ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\64f00a9c-8474-4e8d-a188-45a2e4b772fd.tmp

Filesize
107KB

MD5
40e2018187b61af5be8caf035fb72882

SHA1
72a0b7bcb454b6b727bf90da35879b3e9a70621e

SHA256
b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

SHA512
a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
a4fddcd46ec694f2131eaccde607b95e

SHA1
cb763ff810c29a57b61edcb34f0e732ac0c31065

SHA256
e556dba19cf8ed0f1cb14dea933f8ccc25577097defafde11a1ef1dd4be59aaf

SHA512
9013230422db7bef9f7d2d7f7c9d7730238a3ed1886e26f9486e5037888ed107bdaebe4050bbac06b36e645037621c280b34654ec82e8b66aca0cfcdd8c101d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

Filesize
520KB

MD5
1aec8d4ce3ff132542f7404c22e66699

SHA1
ce47c6f4a566ab43db370a6a6e321c15e928cf37

SHA256
676b7653d1443c90ae7c78f32cd56620d8c3c0d56c356cefde2729d9f53b0e3c

SHA512
893b8971f6bf71515c8cd17ff4461bd547ce5fb09975043fde1f3ad7f45ef86907571e7d6b487eb3fcf71dd818d20075fd6ec5410a5a9a602c42a41844597b4f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

Filesize
2.0MB

MD5
5813853176f8802bb9996a55107ac3b4

SHA1
273adc1e774f05352d3961faaf86b512ec2645e7

SHA256
8d8a4200a8e2e1ad44bede229e75d0da288bbd6f3df0012d973c4b86d6a5f803

SHA512
aae5b5cfb286066773b2b7a8948df531a82902029a6c517067ca3b580e46041d58d6006c323c9d145e2b6f8ae40652a051887c1dfd7a25d70417c02ebb6b0885

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

Filesize
8.0MB

MD5
4aa6e7d2c226d5ae93c828adef0b743f

SHA1
4f730e5226dc2f73182d7559ce972e2dbaa3c3ef

SHA256
5c47ba600f9e9a8a0d8a1f0c2b0b2e0d5cf073f7744ca7e8f6c1a2cd935bbda5

SHA512
e7078deada735d865413c5535cd0b612d30f91385fef5f8415df548439c1962088891e3b4c6f57799f7c10d248df5c3653eccbf0301f9a6dfd1e3c70142cdbcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000073

Filesize
34KB

MD5
7463a7d57bf740b4310ebde6887fb8b2

SHA1
f648bea3398331df1489c0de0201edf3ed8c9f79

SHA256
23cef5c5a2e7698fe906862f7f79afd8531fc73a4313e6f3238c9e30d8592237

SHA512
46c2625f1136b0a1bcd5a0f04e24b0bee24fb77536ddca1763ee8296358467274123a0e8625a546b86adb3810cf5ff6d99ebb6a2f29c2b827e6e927157f6f127

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000074

Filesize
50KB

MD5
038d3696701546c93d5fcd67446c6ed2

SHA1
0612316586a83ebbe4069a4ec72c3c3fa620b098

SHA256
46716865826535bfd89ba517b8cf0dac36b80fbe7b7fb6836a4753daa32cc67e

SHA512
0ba980c09589be0b1066afd38902ec0852af48f644051cf1d43b65ad329cce953da7ca153ef8540dce079d8790513ebed1584145b310044b052afa54048d8362

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000075

Filesize
50KB

MD5
06569e65d8b223c8fb86e281f4360bf7

SHA1
b4295f4227e3a615d22f2a50562d40867ef1ddc8

SHA256
d81e524144a4c7cc3dd4378a17951fbf7e3cf3d1d0b553be5cc0b50223cbaab6

SHA512
4d9dddd150726e343a89ee4626208998d756e59c6f57fd3d30478c820e73d211a53bdae4caeb19de76fdba71b9492838578df4d8bb5f87ec66c4839423430089

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000076

Filesize
59KB

MD5
f2810abebafc3f2fe14b55cd7d58c9a7

SHA1
ba703d825d5b4ad93c1d560ae9f8a3d3b02be7b3

SHA256
a5937daaa2647a3572e7e51e81818109c943e650042e9e4d28232b1549e37ad5

SHA512
6ff2683626558707c4b0e2c8dc71b7764d8806b6e97fb23a8e25c7488306cb8fbe69e7909c2d02e7fa9356a585635cfd6030b86b9fd9092336904a33a47c2409

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000077

Filesize
356KB

MD5
80cc98886bfa93990d137c5e3d9151c2

SHA1
c016c6375e665b89f6adbc8af500276fc9322497

SHA256
9e15737b023a60b4ad83d3715154915fc2fd4a0d7278d7d0301b09a5048e3216

SHA512
1f4687af685a241c7ccdf5463925749c66725e6693913dd8595b0d94e81b07c204b67bdb4c2cdfe8db99afbe0086409ba75577e29572ac5d258ab218801d830a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000078

Filesize
162KB

MD5
7dcf17de5b450079d158b313b2658519

SHA1
85edbfc22e282be3e9875f923158293603672f90

SHA256
dd0c23ade21ea6c62103ec2f46fb94411621da5a5215123332465ce7d65e6261

SHA512
536848000b93696104c69b3abd8c23eac8f62bceb7d9c523239e56ee346d35f7cf7c8b6bca09a9d6458a9f8ae3363a31e13de0b585965b070ebca3a56fa9c2ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000079

Filesize
33KB

MD5
79dd4c5d89d22c065d2ef0f9f9cbbc5e

SHA1
d71da5688ed1c800bc0ea6c06cab380f0cefcaf9

SHA256
eb5c73affc883894604789a9fbf74fb573f37ccfa466a51cc2d4adf42dc4be67

SHA512
b392aa1171b5c14843ecc40f3206f22d6c6fb919467076b20b97095e40a0b066206dc83afa65d622d6506cede24127f8cc8cef561d6a2f3dfd27fdc118dc9c71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007a

Filesize
70KB

MD5
0dd3acf5f7540fe5d98136ac046225c2

SHA1
46a144a4166c21bda2bc00014d196bdab6747500

SHA256
2243fb2a154146f674e6cf9b9d5dffecf1a1363b51b5b495d0cb30ee4d2d6fb0

SHA512
28506d866684c5c66f3c4e8cfcfe8389294b07c15777ea35e6dad17a042545773a552d147f6b081d54d0e3aef8a07fd241f6f981fd3e297e0c73dfa00234cd41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007b

Filesize
53KB

MD5
470aa45848f01eb1e4f984481302f46b

SHA1
95e2fff1e1f310bec7d54b6b7103cddd8338cdb8

SHA256
8e349d9355a73daf9118fd30106203cb76ff7387f4e22f722e255ffb5f994578

SHA512
0ba7395b4348bce2f047bc50affaabeb841e119f1571605375304576fea46379a932d0887d9a7106377fa6279221d6c1d88d8d44d980d237632b23f477153457

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007c

Filesize
59KB

MD5
4d9c5e8bfd271febb1c39c035195b918

SHA1
2311a50287d0610ce4521461a0900dc9670ab561

SHA256
747e9da9de1fe569e353d2b59781cf7b0f2f844775f2e5e93b52d48bfab6019a

SHA512
fd529afe8d760f497e8fb625bbd3fa9efab4ee6af1a803199484879b625b1bee9c346fabb6e151d74db3c2f15f47721a96dfa57bb94d6cbba6bcc117d578bfd6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007d

Filesize
51KB

MD5
14ed181df6e1da5e0043f0e74d56beac

SHA1
1cfce75631f695c68b996d90bab28b8896ac0a65

SHA256
f6872bfd7ee2a8655f1974851c05e0f87ff7dfa707e00a00f2744b3dc2468cdd

SHA512
837ee3b662c282169c2fd233ed8b67ba577d0ea9d65fee850d0d0d11fc37317a533eba02fd046f461b3052c96d3270dc86363360b45d2ef53d85fa7a5c1c5ea6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007e

Filesize
53KB

MD5
d3e7af4b6ca25216ea8f2fd3e82a8b13

SHA1
aa19227fe96c2c1fa27b1f5d028291219f8e505a

SHA256
f88f44dc16a51eea844baef65ee05f9dc1e606a7385d93c33d13c402c85e1f23

SHA512
33f8741e2f3a828d26a522b9af7a734a86af1a7b0fc06c0a403ef5fb89db630f9b3820569ee5867a8fcd4294e473e403da3d1069bd96804eef1367fc89332072

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007f

Filesize
19KB

MD5
238ab8e5160faa6942d0b4709c9e971d

SHA1
345585f8574ed2c5a360f88d0e23b431bf1b4302

SHA256
fef494cc253c544d87c6876a3b65681e046e6c671ebd8fc1fa27af65c80aeff5

SHA512
553c97f47437ee64cf24479f30c5959aec3e4b6dde86597df75904176d250aa4e59259773f8c9c34ec8a82e667b74689aadf01e2a705562b312f99dbd4f7b72f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000080

Filesize
72KB

MD5
6a6397ecaeed845fc4b91eaec75f971b

SHA1
6759fe4aa4754fef3744ec999c380cae3ed07b0c

SHA256
61e36489b2920bde2a22033f640a249954d1c761ca76e949f49d9af6a14bda42

SHA512
81f52ab92a20acd0b28ef72cf12675e183925ed74ab898971c96ef59c1bf3422ebc18c85ac310f10370f00a3139d419bdea65e7d7c217661a2d73cc621434656

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000081

Filesize
56KB

MD5
5ae22e5a1ebcf27c658954fd415efe20

SHA1
e4a69618fb5de79e218ef45f500a8f9141633d39

SHA256
d8985e8f3d99ad9a2594c1203f4f12883f768f937dc2d1b059c243c0ce9a1cd3

SHA512
527e10b3153bc9fb748cfd9426f0444c039555f2a9c3129cae6a1ee9f96c108dd80546acbd0951b2f4f6cf83a3d696fc89d0306c7c021d83ad0e23dac1e9cbe8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000082

Filesize
74KB

MD5
b76ce74077bce28416944f903601d972

SHA1
c36670f30f3a6df23e589e392fefdf32ddb313fa

SHA256
be9a3e2037078ac6c8f960c87dc1b1c33299726cf74179fa67747b100f08c7eb

SHA512
2e5bcf4627d6bc415ccb2ec853fb334d23c553113cdcfe1d4bfa3b2dbb91002d46c0e8c4462d617e569d8916712a33fdbb94bc32e1e517d931d73119cae7bda9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000083

Filesize
28KB

MD5
0d5a162d6c14e970660870f599bc15cb

SHA1
e03156ed73b6c7023fcb8372609e2bb31e88243a

SHA256
7adf0924dbfdcb62c5d1e24d8cb4e3508f571679984856bfea01ecafec1479aa

SHA512
786eb644bd9c74395089ce366a2c40c8692f7916b782a67461eea3c8c364d7ab3863035f22d7df984b935de8741ffe9ebbfc7338f4ed6c715fbeb98c2783e148

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000084

Filesize
88KB

MD5
4adfb24689fb9ad06f5d102e5282616b

SHA1
37d0b105a1c17e759199340f267d3642b1c7c022

SHA256
0d56401802985eccf1afb442203525d8635d4d0441e57ac385bdd3134fb3bc0f

SHA512
c8186cc0aedee712ca149087f2cd4293a7cf0cf36089b2a2cf74422d3469bc1dc809d0827f53032777ee1cd52cdcbae002bf7f9b4ebc9ee4988e8dcb989afd08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000085

Filesize
48KB

MD5
76753502f6a4fed03edd147ef24316bc

SHA1
cb13a604cfa7b8e0090b2dd328d8f844fcd3b642

SHA256
808e2dcb59cfd783abfb50bfcc858c3bae03a6d305a710eb2fb04ceb1b430673

SHA512
3e6baa4b691e42f82638be48cf5dfe6b934420fb4805ede5cfef8623c76eda8f014aa5753d39276a4abce8ca3f6eedc7d4d35689b5a02c62384b2c3bf03d1e00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000086

Filesize
31KB

MD5
87842221015e026c59f155f05fec1316

SHA1
92fea1e57629980be2a563a4e07bed82298b0fe9

SHA256
cb9c400778a6d658e7a95be328c756197a039132b1f431ceca718ca9af6d96d7

SHA512
0c1c6bfec8359b76654c3d9009d47dcfa42711dd5ef0a0f12a4aa51cbabc1947787bb5ecab71d03fd9adea5a8ff6c43403e3d704525a2e0625658b1892f98870

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000087

Filesize
32KB

MD5
3ca6746d3a408205486d80ac7b4e399f

SHA1
67ad1083efb38959e306c33b83892235c1ba3c89

SHA256
dae34d86cfe2ab33e242f09466483034c2f00b827df52d7e52879402cbebbcd4

SHA512
f305a957e101a1f592e9a105b0c5a195ebf1322498da137cdec3db25cd9ea75171db1b12347c8dccfa8a9bceb1a048fc90632d6e23815b3edaa3a244c05451ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000088

Filesize
57KB

MD5
8657cca88e738e8834ea4d9237bd9bb5

SHA1
66daa84186408cb0fedfb72ae876da086d4d2f78

SHA256
ba19767257eb70731ecade32b0ad84ec52b76027a4305e3b3266c9aa2941691f

SHA512
332d07e7b92dc63c18388fd2d9751e7f8b4b07b46388da1cf791050c32468265f18a4f7b1ae7af9266ab14197b9a55642f1b72401608a7f3ab08a9b877e5297d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000089

Filesize
45KB

MD5
cdc888b3eeb3597b083e3f92679d8bc8

SHA1
196ac5eb8dcd18da97cd74034909feb8c8cf7fb3

SHA256
8f126f12f17ef403cdef803663037bc173dc457bcbcff06ca9a4575a517b0a3f

SHA512
f59daf627e9aadc838b47e5d26cab81d9cb3c0104362295b83294ab15b29c72983bff08f1645b0349f48cc1d12478ce4e9cd551fb261a87f278ed6cef42167c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008a

Filesize
44KB

MD5
4b6876623466ed47971ef7d789639486

SHA1
6043f9da88b519c7d108791f5e6139c82e2b346f

SHA256
e6cb90f487a0976101b55ee0edda64a463e037d30d0c61bd3848d50ba3f75787

SHA512
ec22279fa787ed2b92b37f63ddeace31a4142702eea71579291eddcae4ca5655c374b62cc7bfd00c13bd74104852ffb67161db8d9be344cd011b888c766f1fb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008b

Filesize
46KB

MD5
486f3c700c8362a4465871686163f302

SHA1
6f8942f693c49d9cad1393775c144035113fdbbc

SHA256
ae4017b559b98b0b7cc6e252f256fbb17d72c31b281232ace1d0d8bf5d246d41

SHA512
84666a2bef937a9a51820af2056b70f788dcd1fdc0bacd72cea0f3def71b17a373b9348f052ab727d41d50fca2b29e3483c1fd6800ae2cffcca9ec0a73dd6196

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000d6

Filesize
162KB

MD5
d21d4f6f4553e63b45a2c7fc4ef2ebdc

SHA1
74940df7e4a0f76666878c212267d2b0b6cc5a1d

SHA256
d6ec42dd662a63cdf3c1e391340559a733c62048344fc0b1d3790e796d0bc912

SHA512
7da912ae7bf7b812f1a25ba311d3e134a4f5bc86d4c95e9a465419ad272405884c7c0125e0fc94e99dde6775762d14bd9dc40a1bf3ccf4815aa8ebefcc2c575a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
c911fc02260db5f9c73fba8504538636

SHA1
7a382433f2d8545fb79ec88dfd70024cdf7e875e

SHA256
e26977bb51b05e3d81cd14f3fb15c499e64505822fe970efc5d7d9f81904714b

SHA512
5da15da8eb83c5062ac84d21de74fc422ef0cda4dcae362ed29048db9f0c1877846f9fe532abe41f3fa08af3d67ad92d9fa475ca2312fb4726d45bab52b56edc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
3117cbec9242cd4848115de0648560dd

SHA1
381e5f030d1a64e05b085cd7f9f8cec98d82dc82

SHA256
a77a19a76b147fff044a20f17caec41626ccbb1d084bddd88e08a821241271bf

SHA512
974d308484a536a5d28868b521c6ee4de2f1179bebecb607321599a01e82327f15613a7144d178131f57f835ecc50e189222b5a59932d2b9bdc59cae9ba5e3e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57d83f.TMP

Filesize
3KB

MD5
01c4aacaef58e5ae17ee0a612deda259

SHA1
cd47a1234066f3c0d4b36282cb707e84c813eee0

SHA256
39c00c36e69bf76ec5ef689b64be2e42817aef355d4a3945858a6131441c2b04

SHA512
fb282855ff37231e02f6c837938aca69e719a8291fef1f0784ff240fc0251e9006af78dbb8406fccf6dacb880874c55bdc3c591798f7b493bd617607289c0505

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1

Filesize
264KB

MD5
88efcff1a895506b20ee271b4be0dd59

SHA1
56c8afbc81d369eedd6ac760f2a49f0322a53287

SHA256
4f0324641722b6d34feb439d5d832507ee380fe7f2b16cf672d9959f21bed81c

SHA512
1585c47e3967ce535e4cfa07414d40183c5a6ca887e3669c933c8099f2130dd2c8f8346acd67a797321ec86ce66b4fe099f97b9f75e6bfc872c611d6267f5f67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\000003.log

Filesize
22KB

MD5
3796146e96bf1b1539862d30e535ce96

SHA1
0ea6c7571cb9be310530ee6eb0649afd19ed6c2c

SHA256
5574a24b0969c6a304ebb36004e9b520b18d93941039950da050cf1198494662

SHA512
9954ac3208ae34f9ddfa43536f1bd669eab2f5294275badf73af87d88893475303659e188e196bef0ea3571dd98363359b47316bbc0c554a7cb4e73c93e77b49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
450962448a91ff4e5e37119fd7d0daa0

SHA1
669a3accddeb6e71f57ef7aeccd7562ed70ea52f

SHA256
dbd30152a21d89ae3b1e0854ff1dc8317143c47a16fad7c18775550d508cbaac

SHA512
c822b6e4b5fec64f8cbed16d951f1c931eaf3a7375476d88f1adf60bb663496fb02a6d9d728be519f62229c720da7b9436de1cedb6578ad1a3812f28f747de36

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
8cb3989287500d185742be921e64fae1

SHA1
653ed0dec5d1b1a86038111760212bec9169cfd7

SHA256
b6cd72c96cb3264d6bc08c9d19f4bf6cc30354d99d00b1628f79f455b8deaf11

SHA512
3ffd4ce7c35092f0a542429512c007bb21ed147d89bc9dc7bfe81278f89b70ed240f27224f092358a04ea541a18c08a3b48691edaa9b3d07a33428ff10577634

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
209B

MD5
f630d53327a7b6f578b3b769f2b1c6a8

SHA1
f9d907ed0a33daa2c0d9343fec867b93dbc57da0

SHA256
647d4350c184e894ca4c40d2e79eb1b1f32e0020d389639fae3b9626fdd74e12

SHA512
2a8b5737da811165e895c054318b81f1231e20904a563050afd3dd6b87d0bb11525ab8f42d21ede74d64b29cb0f1eda36ef8e22fcbf19d61913fb2706a40878e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
8da9bb049b978f1a5ebce88043d041b5

SHA1
84a314a2b2b2a2f89ace0fdddcdc8c62da7563e2

SHA256
206e1f8258834cf302e65ae3a1a1d7c230bbdd5671342f349092078e0cb7abd5

SHA512
2d065c4c278ab68029e3e52b0d4935440a8eb2f83141ce70e3c0d242d6dfa8354e89774904c03bd99a7fd4298a8b26dfcc5575c809b071e2e12e1282388b0a3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
0d494d38a08b716c9bf7220b3a743dcc

SHA1
75db625fed68bdbd98231cbd9086f918699d6fa6

SHA256
b662d1929548336aea56c96aa08ab956b987d2aa49ecdbb1398ed947be13f857

SHA512
09fbf16964b3a87dfa2148944eb2f12c959173c3a3df9bf0b42dfce7ae054d4b166bad53b8aac2a942a1948063f135942264bf13c360e5c45a96ff2602c50e51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
37KB

MD5
8ad58e07539c7573d400db7680646dba

SHA1
dcc27a5280420c5de29a81f2fa374fbb1fd277ff

SHA256
3e5a6d0f77e4f9a3c0f0799ca661cb097f843551c21b68079c931da1e1f193ce

SHA512
642303bf756f0278a2fc3c23875e587bad61790bde24181179b71666e2fb61086720bd9c90382cb91815bb73de5b99b7fc6ea60c3f7f0ecd3126fb88bae68b2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\0f186f9e-f52c-4318-9897-cab08eec3639\index-dir\the-real-index

Filesize
72B

MD5
718fba16b9884e7c7fd9a9e95db5103b

SHA1
9d8de274aa8f053ce2ae742303f17885ac4b96ef

SHA256
2cc530e7ded218f2813c318d19407965e97c0722066532b01ca03ef5076439d1

SHA512
6844c2849335bfeab1d777ba0db78e50da9cb2d2286d608953a215f873f315b8e9d6c1eb6267b46cd081829efac12d5456b272e3bf5c17d09e8c90b91481a227

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\0f186f9e-f52c-4318-9897-cab08eec3639\index-dir\the-real-index~RFe57cfb4.TMP

Filesize
48B

MD5
801a01c46f8dd5b385ed3ebcccf5d7dc

SHA1
df59e0d65705cfcac3519806e7452910c6f5816e

SHA256
b2a00a25af56e7dde71a417ebd24d04f91484cfbff85973a4e76b23eee533e2a

SHA512
7658f263c6377b5148b779e5433055da1830c4d058e7841540c1225e56df6050bb620f9fa9abda8a1581af40b90ad48e1db4dc22ea9aa906f33937b77cde5019

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\1b97ac3f-6bc3-475e-be22-a694a7f63702\index-dir\the-real-index

Filesize
72B

MD5
d41964ae83600ae77426a7ecb8a4fe55

SHA1
546d93e7651d9675a86628e059c55b009ccf4dcd

SHA256
79f664e54ad13d6683a0ed60f61fd261752a8f0e639c9dbabb9a3fddc5c16b75

SHA512
6766465aa2f98d1b347340efeddf3d2dac218df5f3f2fabc5f54de921b6c2085ec961de641c90d097d690a50e265d09228a146a81f9bf4889ea2505d48b5a98b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\28dd4031-e536-4f63-a9d8-62178be28277\index-dir\the-real-index

Filesize
72B

MD5
2cf6fb6cf9f0054b689f76968ebca774

SHA1
87e6ea498a51302bcf0922466515856a9c8936cb

SHA256
014f61c0457b56f4f46a117909cb0769367335e5f7560eb0a5579f4dfab6fa6d

SHA512
cce3bb3aa76cc928c2841bbb64dfd510e5f47e81a38cb7f8c53d860c85bd1cc68fafa73c4eab56394cd32b93b807ee2ad60c04748eb34b9292ddadf9ad1da610

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\28dd4031-e536-4f63-a9d8-62178be28277\index-dir\the-real-index~RFe57c93b.TMP

Filesize
72B

MD5
0c26e3248d84b0cf5fb0cfed7dc4e394

SHA1
15798395e9c2de328113872d936024e54abe8c81

SHA256
215a40620ecbbdfdd2f8892f09d5555f2594712fcabfb65c68e34f41dbad85ec

SHA512
f8c09cfb09af6d606c630929e4fba555275eadd5a0e0d03dc8bf97687fbfb7c567f747aaf4ba8b9efcce98092405815c65ffcdb89a0bb3170a7a35c1a68f8c3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\cc6df4d9-21a0-415c-a960-a810ec9b1432\index-dir\the-real-index

Filesize
2KB

MD5
826b458576c1ed54b6bf80987b54267a

SHA1
f5a1b20c46d7584687f6248cff110fe010a5a1db

SHA256
86a28eb671b6fecb6b6894e4587e38c8a30e082eef92a7042af8ecf926db0560

SHA512
edf726a2a856405391b281dceb5ad54a30ef7e8b830c0b065037bfef6a7cd4387dcba40568169d08e6d1c67a17757924cc66de3058e2796d6ae024316857e2ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\cc6df4d9-21a0-415c-a960-a810ec9b1432\index-dir\the-real-index~RFe57dce3.TMP

Filesize
2KB

MD5
13d7f69db8699216bfd7a6725ca8e3f3

SHA1
f0174c6668169cf72b50e52cc943580ddc2e1add

SHA256
5c082a42c685cfe68dfed1ad6462e56487b7d39501ba489be1a9150c3178891b

SHA512
d21d305aed8ec1026a875114178a9441fb88232911f19edab0ce890dc0fd96452dce7504aa204f66fbeeea77f4a8cd69950fe2eb358d99a6c692635c9ea9a2ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
322B

MD5
6b29e6f16b580933f274e13e1f7de444

SHA1
b4465c3fee198fdd3c573c039e2dbc70efc66de4

SHA256
a9a740c7816329efc4a66dedc058bfe1008d99387933b0c040d67d34e595f974

SHA512
86370fdace5c676416f4206f5d79c51d215f246076ae254160aa3d23b61ebed0075aa24fe3f3698f7219e6cb26faa55f90de4494d33765b9969c2c7bc95df96a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
327B

MD5
2dd27445e5153430d608a56165086155

SHA1
634bd9bdf09cb610bc99bb17aed8abb2025cd493

SHA256
331fcaf5ae4625dd118e2a702ec907b3b8867493a70d7777a033ca372a629ac1

SHA512
18154c6383c2fca36510ceafac3582780145d6f00c88154bc5309976601c1c668ab6fcd2875663589089e20934fa303df18cd007060b4917a029892951f66e46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

Filesize
8KB

MD5
c9742e1c65b4d5a569c47a952727013d

SHA1
5ce21693ef3b1d0cf511f35ecbf516c1cb8d2c3d

SHA256
a0fcaac53f0f09939f62c1e82a87befb6af0591839b55ebcc4d3a122235e2291

SHA512
1ff9b303e0ef5e0ea31257be1da64e50a6ee61fd82c744e7d45c1004ff044576801024433683504977412e53622dd013d464a7800c3cf883948059c18c22bbeb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

Filesize
335B

MD5
3785df04f47f6f5aa6c07fc38c8ce845

SHA1
e3cf82579bb4cb4ef7a38b66a2b8bdebb021b03c

SHA256
53d97073938756888c90801d137ddbf1465e6bc357257226deda54f95e8153a2

SHA512
38f5f45eb4e73cd97c5481cb391638e5c8a410f65d8dbc72e441f8c596a7b499cc4103a6f6f6cca248f6b84f01ea93e1633f1a7cd5d24e25eec47f9bd859a54a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
4c8488b6fc268157b61ca1ea79d07bca

SHA1
428975919549ea6ff038a324d4b49bab16d786ac

SHA256
37273097fafba78dcc8ccf6c181c2f0558d2592bd879410cc62a600c0aea206d

SHA512
9c9b41feae0f7e2b3952eadd93e59062d6541518bd2f68bb1c54edaeed829fab0bd2e55ba085c79e8d814ad18f095a7e2aa59754f09bed1622f4e6ce6255adfc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57d8fb.TMP

Filesize
72B

MD5
57425c7baedff4a1e7911816e17e1573

SHA1
69512ae3484806ccd29b356f9013bba3a56b4241

SHA256
6077fd0ba3400e147652fe751f920a417673751caecc0a9fd8716fc4775a35f7

SHA512
7246f06c3a67595d8976ca04f019a6ea251ca920407a8814dbaaafcb46d7d641f02284634451eca64dfec952fcd30b894e0705f8a0db663cf859f0dfeca70e90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

Filesize
328B

MD5
7ee5b32480c7cc64aa34c6d4616847c6

SHA1
075d6421442ccde30c048e7f04752c10c025abef

SHA256
35e6e36ef85c32c0bd0354483c34704081294080d246929240c70971a25a59f1

SHA512
2e2c9ac72bfb9391226ff847f616b55478fb6810e34cd0e09fb6b7b40b4a610727da70efca0ebb8ddaebdfbe84e28ba09db631bdde19968285f45c5af2599c0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
bdf10f2f6b648028ebf5fb498b067d99

SHA1
8882b43c7c15aa5e5c1e7d3ee186d0cd9fe7106f

SHA256
157eef390d0d2d6845ce0d85e92684ab3f6f1d0e754149df0476f192d96bb37e

SHA512
6fdcf161108c25c56d74f26db99f2ab3bd6e270af724d9c261231c1d0a5b607f47af6737e1fb174866b628be885639c71e2ad1eaa1bf6f825e6643c50ee2f1b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
61a261757a5986fb460cf46acf5e1f8b

SHA1
c5a2af96b17041b701bfe4f376828668d6bcd540

SHA256
ad37b69717fac4e8596fb342f9f33580b6a7378b4232e0773d91ef8c9e48b599

SHA512
9973ac67e8c32ee1b76a683fe1071dff1f5e7d9bee379591d8e1a32f9d3b98b0e08193f3b12cf7fea37f93ce4dbe5624e5ba67b6106b51634b3d234c7022b96b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
22KB

MD5
9c9ca3fc31c0873300eafa6c56b78ed2

SHA1
8da0a2bd8352904c9a365e7952a1593828f6816e

SHA256
852d299a87bec25367f7d8a3e988d3bc717658a13cd7634c6b25bbd27359990e

SHA512
3c4b39983fec8f8cdfbbd7c6764b55f80f0d4714620c0ad35e54018a2484513f47116a375873b4ac4fda9c330d1186e1d587b3ac76ef9f3ac0ae3ecbd3f6f74c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
d5bd7033a9e62c7cb85be9a79dad3fb3

SHA1
ee3b2043116f49f294f0ceed6c73c92d938f300a

SHA256
6f09a73d2e7ec7f14f3ff94024db0e645be9950c2ec47ce3384adaa8ab8e8d95

SHA512
8366cce73ac87eeb20b36290816c1536b64122a7dabc8331fac2f7ccf36c41341ba169175090f5f280b1287e006be5bc3f0699c56b47201ccdad200e04808408

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
460B

MD5
5e9276829999e476ef8f0999068db04d

SHA1
08debfad564626c52beee908cbed108d9ac25e9d

SHA256
c7e332ea97e7e91ebde1b7d8ec37ce34eefe0f4dfa84c4dff4b7844dc9a607d8

SHA512
8cdb1d799cb337eaa3c6ec7daefc375d00f13baeff7a40d9297be17f641153a76a86d9c9c0c8ed3c0b8a414842eb3e8f59434465e8ce4df4bf1d85d0c0be2127

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
464B

MD5
e96c20563eb154d93166221519241fa8

SHA1
d3f46c5fa105f794aebf65dc9e3a7ea50806561b

SHA256
d3ddec0ead86742e9943008213852e8c7492bc48f4ce280f5f4a1cf3def46bc4

SHA512
3ca5cebbbb6c2d914e06875785a40a85620dd41c1c4add948f675b226c432ce87c38aef1b77f94f756af84343f55235743ed07cf6a2948a25410958eca0e15a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
13B

MD5
3e45022839c8def44fd96e24f29a9f4b

SHA1
c798352b5a0860f8edfd5c1589cf6e5842c5c226

SHA256
01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd

SHA512
2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
54KB

MD5
eeae4a681838c963d048eb966a704bc0

SHA1
92ad255a12bf851efb81eb8396b551435e12f74e

SHA256
8f45f32464c2697fb48136ff1a4a3bdc16cfc0186323f932e2c9389f8d42413a

SHA512
0db2592eca20a0a06fbe045963b90b3fddd4547a1026d48f14708cf32fbe791ee5466552fb18d1dea1831b0ab61f786f60c98b57ffc0e82081ca2e3fb0275ea5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
54KB

MD5
e7f1b90eccb38dac362b6e36cc518322

SHA1
b556a1ad48e313e97f666d26e55649f69a59e150

SHA256
acc735edf40549df4ceee38c9f14528a231f1ae307ce66d4b9dfac82fc25cce7

SHA512
59bdf431b4fc667ab548aa57e4bd983b3bacb28cdc108262485f29fb9e6b8ede4cedcc2a7b793798c36830214a977c470638e4d7a1c6f60b5293d586a9d915ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
46KB

MD5
51c4df1bddfabc47e68311bd44a42de3

SHA1
439d3d6e185208f38b5541c76ea0a04a2ac9d70a

SHA256
82f93b28deceed1decc01d8738b375dff63d18749de971d6343d9ba574a16834

SHA512
468c04104aad8ef52a4294eb8512a60891cab3adde575eb882f901d6d5471e76ba58c03972caf27e0a7bb961730f67af3251eb2b35f8116c6c1731578c75c303

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
41KB

MD5
128a0e9bb620c76dd0efd192861ad21c

SHA1
5f98885bc69e4bb14de71b526c83c0032cbb3eaa

SHA256
d062119de60ab382f6167f590edd1d4a4b0f82940942495a831a1de004004ab9

SHA512
9140a75b7ef197b864a0d062676730ae1dff077c87fe4c625b6a5dead137db6f2db9162b8e4a0ae11b94be3d25b75aee8fd72ee76497d69f9241476f70be09f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
48ec6be5125c23b3ee1c5c72c21fb83e

SHA1
10f1ecf15dd079c209151f755062e9153a8d2380

SHA256
a381236503f28051f3b7ec35b8d96983def7f2b9e28fc3628340130b700f26ca

SHA512
e01262de8ea9ae60b2da934baf8249182573b9885b974a7cfcc11e6a90d9f694e4bc9625a6d4bed425fd71800678abf638d0443d2e8f558f2f7360711ec08c6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
47KB

MD5
7d2ad8430bf79fff294ebaab8e2c5933

SHA1
a9ed91b4423dd93e8ecaa71e038726a088ac7980

SHA256
47fcdf0ea2ad1d78662094ed5588ddeef3e23197039d104d84f25cca17e6c513

SHA512
d59cea0b3e90c5b813a03636b9458cfee250920148714cbed77158cb8b0afe608c8f9a0cea4fe8f59b2c5d997521b078a4d2fb1e42521296a5d12761847ec54f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

Filesize
20KB

MD5
373353461d94d9e1a067b7692dce6ab3

SHA1
8a7ed838951e696c8dc9b498e5a1fcb9efaf3e40

SHA256
f9ea43f9f04db6074632fd917709e5e6a302ef5d6c2bef0792515f66a8669886

SHA512
ee9009273832a06c8ebca069e822db9eff13b1ec7d99abbdd12b0836b41c0f16f11414a6c5c72cc809080b8719a8622c8d124d94295b879e807896014c18a2cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
62cdf2feff47f4061398c007dbedd2b3

SHA1
df2ac8ef35a9d8c569cf9a8b1325ca4f74942108

SHA256
e6b75be400ae39ca17f57130c286de95413c6dcc3d106478dc13e54c6ba3c8d3

SHA512
b3c1f8e347f686f51691c89b83ac3a5f9c5c384928f310928bb2327c441e9f136a8b4dd169ec1d917778f8fb0ab4ca031785b332c8067f7546c89f4bc6b6a7d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe58778c.TMP

Filesize
392B

MD5
bf160638fefcf25bcd9b4999acd29984

SHA1
a6deef4ad9d5870c8a12213bb94b1ec6b7e9b7cc

SHA256
9147dda2da25aa3b94c258446852d53e4a852a45515182d675c21f7915b37ee4

SHA512
3bc899c7ee69b17a3ea0228b29f1483c6504a7dc77904d0381fce328e0bb426cbf41d0f3169c60111220dd4f0fcc47a7a87033fe55c3968452f61dd5acf34df4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\9bcb8b6a-9dbb-4458-aa2d-dc38ff024097.down_data

Filesize
555KB

MD5
5683c0028832cae4ef93ca39c8ac5029

SHA1
248755e4e1db552e0b6f8651b04ca6d1b31a86fb

SHA256
855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e

SHA512
aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3

Download Submit