Overview

overview

6

Static

static

3

Xeno-v1.1....re.dll

windows11-21h2-x64

1

Xeno-v1.1....ms.dll

windows11-21h2-x64

1

Xeno-v1.1....pf.dll

windows11-21h2-x64

1

Xeno-v1.1....on.dll

windows11-21h2-x64

1

Xeno-v1.1.55/Xeno.dll

windows11-21h2-x64

1

Xeno-v1.1.55/Xeno.exe

windows11-21h2-x64

6

Xeno-v1.1....UI.exe

windows11-21h2-x64

1

Xeno-v1.1....-0.dll

windows11-21h2-x64

1

Xeno-v1.1....-0.dll

windows11-21h2-x64

1

Xeno-v1.1....-0.dll

windows11-21h2-x64

1

Xeno-v1.1....-0.dll

windows11-21h2-x64

1

Xeno-v1.1....-0.dll

windows11-21h2-x64

1

Xeno-v1.1....-0.dll

windows11-21h2-x64

1

Xeno-v1.1....-0.dll

windows11-21h2-x64

1

Xeno-v1.1....-0.dll

windows11-21h2-x64

1

Xeno-v1.1....x.html

windows11-21h2-x64

6

Xeno-v1.1....ain.js

windows11-21h2-x64

3

Xeno-v1.1....lua.js

windows11-21h2-x64

3

Xeno-v1.1....ain.js

windows11-21h2-x64

3

Xeno-v1.1.....de.js

windows11-21h2-x64

3

Xeno-v1.1.....es.js

windows11-21h2-x64

3

Xeno-v1.1.....fr.js

windows11-21h2-x64

3

Xeno-v1.1.....it.js

windows11-21h2-x64

3

Xeno-v1.1.....ja.js

windows11-21h2-x64

3

Xeno-v1.1....nls.js

windows11-21h2-x64

3

Xeno-v1.1.....ko.js

windows11-21h2-x64

3

Xeno-v1.1.....ru.js

windows11-21h2-x64

3

Xeno-v1.1....-cn.js

windows11-21h2-x64

3

Xeno-v1.1....-tw.js

windows11-21h2-x64

3

Xeno-v1.1....der.js

windows11-21h2-x64

3

Xeno-v1.1....64.dll

windows11-21h2-x64

1

Xeno-v1.1....64.dll

windows11-21h2-x64

1

Resubmissions

16/03/2025, 09:05

250316-k2j9nsw1fy 6

13/03/2025, 23:43

250313-3qy8kawsdz 10

Analysis

  • max time kernel
    136s
  • max time network
    129s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250313-en
  • resource tags

    arch:x64arch:x86image:win11-20250313-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    16/03/2025, 09:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Xeno-v1.1.55/bin/Monaco/index.html

  • Size

    164KB

  • MD5

    001dcbb8f41cdcbf9b4d1e3a0ed4b2d2

  • SHA1

    982a05814546017c40771e59e7677b53d84787e9

  • SHA256

    f1d2c52f2803c29585b81d2eff74c56242d27e9619ee6d38081d5604c5bb1951

  • SHA512

    9a4eba2a9314b6f5851997e1db0ecfae8e40da3443d8a5f9df933ccf6a4d75fc330888c8d14818326e15b3dec9ae2f5f7e73cd08c3822dd7eb0b2d753c8cd8fa

  • SSDEEP

    3072:Nk4J09UmmJv8kBpZaFD48VOAGUWYPjDZlLJbRBiPEP8yKUz2Ojmjr8zM3KP7pblM:64J09BA3pZaFD48VOAGUWYPjdlLJbRBS

Score
6/10
discovery

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs
  • Drops file in Windows directory 23 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\Xeno-v1.1.55\bin\Monaco\index.html
    1⤵
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4472
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x2ac,0x7ffc195ff208,0x7ffc195ff214,0x7ffc195ff220
      2⤵
        PID:3916
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1924,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=2100 /prefetch:11
        2⤵
          PID:3528
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=1688,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=1980 /prefetch:2
          2⤵
            PID:5404
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1672,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=2500 /prefetch:13
            2⤵
              PID:4144
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3340,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=3368 /prefetch:1
              2⤵
                PID:5196
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3348,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=3396 /prefetch:1
                2⤵
                  PID:4744
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4704,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=4692 /prefetch:14
                  2⤵
                    PID:5324
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4696,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=4936 /prefetch:14
                    2⤵
                      PID:4384
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5636,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=5612 /prefetch:14
                      2⤵
                        PID:4648
                        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\cookie_exporter.exe
                          cookie_exporter.exe --cookie-json=1128
                          3⤵
                            PID:2080
                        • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5696,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=5720 /prefetch:14
                          2⤵
                            PID:1456
                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5696,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=5720 /prefetch:14
                            2⤵
                              PID:2136
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5784,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=5792 /prefetch:14
                              2⤵
                                PID:4340
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5768,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=5932 /prefetch:14
                                2⤵
                                  PID:1192
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6108,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=6136 /prefetch:14
                                  2⤵
                                    PID:4000
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6116,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=6084 /prefetch:14
                                    2⤵
                                      PID:5868
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5028,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=2240 /prefetch:14
                                      2⤵
                                        PID:3420
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5552,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=5128 /prefetch:14
                                        2⤵
                                          PID:3404
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5200,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=4996 /prefetch:14
                                          2⤵
                                            PID:5296
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=5988,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=5792 /prefetch:10
                                            2⤵
                                            • Suspicious behavior: EnumeratesProcesses
                                            PID:344
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5560,i,10705400333249853826,12074049751607948264,262144 --variations-seed-version --mojo-platform-channel-handle=4924 /prefetch:14
                                            2⤵
                                              PID:4972
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                            1⤵
                                              PID:5088

                                            Network

                                            MITRE ATT&CK Enterprise v15

                                            Replay Monitor

                                            Loading Replay Monitor...

                                            Downloads

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                              Filesize

                                              280B

                                              MD5

                                              ae987eb15fd5136f2fa707a7b1f18abb

                                              SHA1

                                              bc4aa67ba8692031bfead4b653fc6fefaee3dbbb

                                              SHA256

                                              f5e0e4ee660e95e1c4f64d5aa134aacf9f7fa1a9b9cfaad10f5b57b24d331d1e

                                              SHA512

                                              fb98d55c498ab80b1f7886b56d0e652e648666bfb13c61c20d495dfb9f2e473e24821efc48f103fb0705e199e56b3e23a0bca82c0296d690104eb0d79032c0f0

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
                                              Filesize

                                              2B

                                              MD5

                                              99914b932bd37a50b983c5e7c90ae93b

                                              SHA1

                                              bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                              SHA256

                                              44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                              SHA512

                                              27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
                                              Filesize

                                              107KB

                                              MD5

                                              40e2018187b61af5be8caf035fb72882

                                              SHA1

                                              72a0b7bcb454b6b727bf90da35879b3e9a70621e

                                              SHA256

                                              b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

                                              SHA512

                                              a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
                                              Filesize

                                              1KB

                                              MD5

                                              c1df4573187c48f5e5592a411c80abaa

                                              SHA1

                                              628a14b7c5bc0dbcaf66ba149230bec34d1ee534

                                              SHA256

                                              10a16b07d7df2f37ac1be397b3a92be868c3a1ea841c7ab07af81a2e227d65c6

                                              SHA512

                                              95386b092dc8692dbb2fd649c80e614e48910b85de58ff2b18a986a2dd0c6f85227d5479d9cef9fa4a61f730686c0f0d963e84700f34eb5acb5c7b7f5a44cf9b

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
                                              Filesize

                                              2B

                                              MD5

                                              d751713988987e9331980363e24189ce

                                              SHA1

                                              97d170e1550eee4afc0af065b78cda302a97674c

                                              SHA256

                                              4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                              SHA512

                                              b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\e321844a-3c3b-4271-83a2-dbc9501d78e2.tmp
                                              Filesize

                                              40B

                                              MD5

                                              20d4b8fa017a12a108c87f540836e250

                                              SHA1

                                              1ac617fac131262b6d3ce1f52f5907e31d5f6f00

                                              SHA256

                                              6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

                                              SHA512

                                              507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                              Filesize

                                              15KB

                                              MD5

                                              639f11447d2c8afc1cfb7dbf0cfe2eea

                                              SHA1

                                              42f0bda64551cf23f30a07fd50b1fe05120ed9c8

                                              SHA256

                                              9d641defce00d872d3ba49aba451f55e8652b5672c28ee3fa34d2810a4b298af

                                              SHA512

                                              eaa811bbfd49641d0842fd9ca0acc73bdc92cd1b5cf78e0724244cfdf79977cee068a359c76b9fa73027dd2d0dd7b739bb783ab401102dfb350eefbfbac611e8

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                              Filesize

                                              15KB

                                              MD5

                                              56494b5c002fd8122c62c53a4583e89d

                                              SHA1

                                              e635f471644038be9d3ca2556233a72e046d966c

                                              SHA256

                                              281079195975c78bb35534488e9f5fa39e1a41eb4a3d8655995aec1c68a09ddf

                                              SHA512

                                              aaf3818d5e41d32c6c9a9049900a204624cfd3b8959442dd7373ea3d94663608fecbc8575493a0d31da90c3830ae23707d5ae449defcc0ea61446c6f16b24e52

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                              Filesize

                                              37KB

                                              MD5

                                              cf0882bb559436e03c237becc7800a71

                                              SHA1

                                              ebf851074c0ab3c183ce7981afbf29f4bc461d9b

                                              SHA256

                                              57c42fd13d66cf1bc59836a2a8e3e20cf337dc55ca3602cf23747ac8ea09f378

                                              SHA512

                                              c1a037fbbb145c46d541178db4e8fa86b6816ce2d952266a3b68e9cddae229c291649ee1507afdb2f7491ff9169fe12cdf1566febbed58d250d922a068313bb5

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
                                              Filesize

                                              22KB

                                              MD5

                                              0fbe12a11c0207e94d634fb0a6d70643

                                              SHA1

                                              80f6e7d3fb1e7ecc97f2d272a71a2fbe170ff422

                                              SHA256

                                              66ce36909f3b03b0e758286b35a859edbb2d6e88dc3d1411f0ad11f0932c8d80

                                              SHA512

                                              90fdf130e47be9a82e10844d216deb9a39447070418c64c8ee0a68c2690e2e35f6ee1e1a1d4a949efd3b11b65a1e7225156b76920e6e03bd8b7a877acc5cd616

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
                                              Filesize

                                              460B

                                              MD5

                                              9d063295d048800ae2ec17f2ee7e4060

                                              SHA1

                                              d32d6183180763095ecf5c0a0cb7d616bc6ee726

                                              SHA256

                                              189d0f7997194166a90095bcd0255f8a960dfb4729e800e23d9ce3af60134a32

                                              SHA512

                                              730b6bd3f167fabeeebf8ea00be417e3e95660a14b86c4a7ec593056b71c8949fbf8628179fcca78756c5080a2ef271e3542400b5426e94c10d0a0d37c77bea8

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                              Filesize

                                              41KB

                                              MD5

                                              a228afdcc53542fd73cf18ef6124889d

                                              SHA1

                                              6dbfe505892a4db2b57c742773e46abdc34b7eec

                                              SHA256

                                              5c3399bd2a0bbb96daa9d16bc171bbd3abb33b59cf1040b05acb140a9e278d64

                                              SHA512

                                              84b271e196ced140ccdc7c0fe1935d849d617597e4528e2362fb422d5b4871b8490fb3355799be4e16a914e00f3151a15cb0de2900492e424dfa1d6bdcf20d87

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                              Filesize

                                              50KB

                                              MD5

                                              391570e121c9d3215538ffcf924fd8c5

                                              SHA1

                                              4a23ab10887359826cae40ef201a63ed05114504

                                              SHA256

                                              7d54cb0dd741a2f9f7ea797cd5723b20a94891f91d8bb52ccf39f72e47e467d9

                                              SHA512

                                              3e430bc0bb98a2fdd19259880792ba1122fb4afd7e241b9c4ed127b7e38671700b0c3ad993a5558b2d8cd0cc545d97b04cc5fdb5dfe066a6d83a30062d689411

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                              Filesize

                                              55KB

                                              MD5

                                              4b6b8d53726e0578f6d9f508bb673772

                                              SHA1

                                              a83f6f07054c6a0fb00c4c20c212353cc8c0694b

                                              SHA256

                                              1653f025795c2a412bd56b00cb9b225aff7b28f37566bb2a06d80211a4131ae1

                                              SHA512

                                              9f2819a303275f84afff4b7a1502e9fa198e163ee6e0ba6862ed92b26d60093c078b7b626b616ccb25a8b86de1a6fcebaeb8a6eb9475169a61699ce8f09bde5b

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.57\Filtering Rules
                                              Filesize

                                              1.8MB

                                              MD5

                                              d7c9c6d2e1d9ae242d68a8316f41198c

                                              SHA1

                                              8d2ddccc88a10468e5bffad1bd377be82d053357

                                              SHA256

                                              f215127185b2ee6b01e12b6ca75d3e5c4e454598dd4aed36124ae13d59afd547

                                              SHA512

                                              7fd14824e9200dd99e1fd2cee402656dc0cfc3d0a60058c5eb05c68e9e65b7f0b47e550fb4d6c2b59eba204dbf3ef9e69dc9723b43a9b3ccd5412d6b77715fc3

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.57\LICENSE
                                              Filesize

                                              24KB

                                              MD5

                                              aad9405766b20014ab3beb08b99536de

                                              SHA1

                                              486a379bdfeecdc99ed3f4617f35ae65babe9d47

                                              SHA256

                                              ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d

                                              SHA512

                                              bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852

                                              Download Submit

                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Typosquatting\2025.3.16.1\typosquatting_list.pb
                                              Filesize

                                              631KB

                                              MD5

                                              c3ec8bf0a625c2583833a3340825f1cb

                                              SHA1

                                              582054710a312897117128ed59ddadc983525eb6

                                              SHA256

                                              7d10e035e0b2e152a1fe32a92b0b34295a979f7db2269cfba69d4aaf3401b77f

                                              SHA512

                                              175125259eb39225d0584fa4e3c5cbfc66bd22646cf32677f0eb7514a0abeb2c08118375210a69207be85e6e7ebdd9b6fa9a967d3c4ecd40ecd514e306873c6e

                                              Download Submit

                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4472_1645616603\LICENSE
                                              Filesize

                                              1KB

                                              MD5

                                              ee002cb9e51bb8dfa89640a406a1090a

                                              SHA1

                                              49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2

                                              SHA256

                                              3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b

                                              SHA512

                                              d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

                                              Download Submit

                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4472_1645616603\manifest.json
                                              Filesize

                                              85B

                                              MD5

                                              c3419069a1c30140b77045aba38f12cf

                                              SHA1

                                              11920f0c1e55cadc7d2893d1eebb268b3459762a

                                              SHA256

                                              db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f

                                              SHA512

                                              c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1

                                              Download Submit

                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4472_515110325\manifest.json
                                              Filesize

                                              118B

                                              MD5

                                              ffa5fcfeb00002903f6cf667e9fe6a3c

                                              SHA1

                                              ad765ea344c8cfd95a591da8259fe412e52d13b0

                                              SHA256

                                              dd0679c622258bad2e2ddaec3470297259dc68b55b8c4f4d7f2f28a378826217

                                              SHA512

                                              8da9b780e9bc6785efbd56b51a4decc8703c9f1d41b33469153cc0aea8190c1b6a9001128c6022756a66ee539086ad6f787da84b6b7082dc51939077365e7beb

                                              Download Submit

                                            • C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4472_567710446\manifest.json
                                              Filesize

                                              116B

                                              MD5

                                              2188c7ec4e86e29013803d6b85b0d5bb

                                              SHA1

                                              5a9b4a91c63e0013f661dfc472edb01385d0e3ce

                                              SHA256

                                              ac47cc331bb96271da2140941926a8accc6cb7599a6f3c17bd31c78f46709a62

                                              SHA512

                                              37c21eaff24a54c2c7571e480ff4f349267e4404111508f241f54a41542ce06bcde4c830c6e195fc48d1bf831ed1fe78da361d1e43416cfd6c02afa8188af656

                                              Download Submit