037289c207c8e229d728f247c2d7eb1459fb4413fcd4fe662f74c711169a1e08

Analysis

max time kernel
40s
max time network
56s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
20/03/2025, 20:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

void/7dec88c2ec34b8483abc44e98ec843877cc5ae88e094c90d46bbabfafdf3749a.html
Size

10KB
MD5

ff5e80953341f1cb01a5d31fffcad2c3
SHA1

cf2b440681ce3c658ff734517a16cc13afa7ede5
SHA256

7dec88c2ec34b8483abc44e98ec843877cc5ae88e094c90d46bbabfafdf3749a
SHA512

bfe9629f07e9755b2df63d632f7eca214c29fc3d701c77ccf4b1eaa7f9ec518af01d141065af38bd242223344c518b57dbf8c9c43d669a191bfdeb22703a9509
SSDEEP

192:PN2x2BvekROFASf+mhf7h6RyfVah9OLgmiMMpIFaHU2y92N:AxeJROFASthDERKgIAUn2N

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133869751300529765"	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3342763580-2723508992-2885672917-1000\{0A26B359-BC32-456A-9FFC-41B34F6F25F9}	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
4700	msedge.exe
4700	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe
4700	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4700 wrote to memory of 5520	4700	msedge.exe	86
PID 4700 wrote to memory of 5520	4700	msedge.exe	86
PID 4700 wrote to memory of 3208	4700	msedge.exe	88
PID 4700 wrote to memory of 3208	4700	msedge.exe	88
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 2152	4700	msedge.exe	89
PID 4700 wrote to memory of 3516	4700	msedge.exe	90
PID 4700 wrote to memory of 3516	4700	msedge.exe	90
PID 4700 wrote to memory of 3516	4700	msedge.exe	90
PID 4700 wrote to memory of 3516	4700	msedge.exe	90
PID 4700 wrote to memory of 3516	4700	msedge.exe	90
PID 4700 wrote to memory of 3516	4700	msedge.exe	90
PID 4700 wrote to memory of 3516	4700	msedge.exe	90
PID 4700 wrote to memory of 3516	4700	msedge.exe	90
PID 4700 wrote to memory of 3516	4700	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\void\7dec88c2ec34b8483abc44e98ec843877cc5ae88e094c90d46bbabfafdf3749a.html
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x24c,0x7ffcb79df208,0x7ffcb79df214,0x7ffcb79df220
  2⤵
  PID:5520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1952,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=2156 /prefetch:3
  2⤵
  PID:3208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2044,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=2032 /prefetch:2
  2⤵
  PID:2152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1800,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=2616 /prefetch:8
  2⤵
  PID:3516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3552,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=3604 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3584,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=3628 /prefetch:1
  2⤵
  PID:5812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5044,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=5080 /prefetch:8
  2⤵
  PID:4436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4912,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=3564 /prefetch:8
  2⤵
  PID:3412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=152,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=5504 /prefetch:8
  2⤵
  PID:1272
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5608,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=5572 /prefetch:8
  2⤵
  PID:5604
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5608,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=5572 /prefetch:8
  2⤵
  PID:5480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5932,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=6016 /prefetch:8
  2⤵
  PID:544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6020,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=6064 /prefetch:8
  2⤵
  PID:5776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5992,i,7775742037450574389,1148875252599207279,262144 --variations-seed-version --mojo-platform-channel-handle=6096 /prefetch:8
  2⤵
  PID:2708

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:4748

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
df2d1721cd4e4eff7049314710dc7c11

SHA1
f5aed0158b2c0a00302f743841188881d811637a

SHA256
ba336ffd1b01965d7ab0e5fac5415e43cb594139c76b19e4c0d9b5b3b67c1e93

SHA512
11fd520176193f284563c7d050e6a7ab4e9895bac49fdc05759bab2c8a69f224858ccc784b351fc1d3ee5d39345430f9234623c9390978d7daf6a08ff5576ef4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

Filesize
107KB

MD5
40e2018187b61af5be8caf035fb72882

SHA1
72a0b7bcb454b6b727bf90da35879b3e9a70621e

SHA256
b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

SHA512
a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
ee6a877cf6f58deba23a21f74b673937

SHA1
a90ac2d05df9aa464f1432ffe5c84693413a48d1

SHA256
98e10aa172cb9d13c64579be2980628b718017266ac789ff04f97a27f12586e2

SHA512
e880942f1d8bab4dea7f19b962e6cd64f9f31b8446316891266a1333eab9fe0af81b397d4a0a885abe78021c05bf2b1be5945ed5ba7eb4829799ed478732f70f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
36KB

MD5
9b38a81d23e0195e518e947479159757

SHA1
f641bb459007def68e33fc51fbcef61f7c567a5e

SHA256
e35381d04d03b3889ba13145c4fab6c84e056b83cbfd8409fb34d29518fb6b5e

SHA512
868b971a3fac75e658b1e8596b8826c32816b98eda8c20f3308e8a60f13f111ff2d49553624fb046e62254071fc5be485c6790e6ff1d7e3bee1c06d297c5d2c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
24KB

MD5
cde7bcd7606e4cacb2f184b88b74906a

SHA1
28c92c17e6cdfea0bd86a2591de97533ada1e2dd

SHA256
8929459b0799a439987718bea494d848de06b654fc5dc71d9ee265598d1c9abf

SHA512
c65cfd97581696ed72ef3c46cad9b11ec9bdf9ddff8f8df7cc748883ed95ab050a84a3c13295ecc2db0eec2cebc29fd9270f06397ebf6bfdf962879df4b4ef1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
41KB

MD5
485bbb90fea2bb71e619534f8ab25a8a

SHA1
a449385376b22572dfc7dd5d0d3da4ed8aea73fe

SHA256
fab126994b81e0ddd35e5cfa954fa906019da8b7e449442789c627185e72cd64

SHA512
9d59673e81bce261078cc07617561a633b3aa2ec134e7ff131f37ff4fb648d0cbd6cb5402db79a707811b202bfe7b879d92f23342b2c41d12e422392a21666db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
50KB

MD5
4554abc93e59bdcbf26749542a5910e4

SHA1
b4bf3a6c15ea7e7a99402e07c6786c9fa69282e0

SHA256
822646f723e9be6b9c5e3c18f1435cf87173dc9714ccdfc9f6c3612ef86dcc90

SHA512
57e10a69fb2f234abbbe4b854163143909f4ab4ad34088b64a5fe0642ef5ce387f08cca7e7a18fff7a1160cd1e3c24fac866be1299b47da44971bfc496fc12ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
f07e274c9e386d90c07690e2c6c468c4

SHA1
48dd37d479edb85564f5ca358302509496c75918

SHA256
02ae662ce8e2d40f1d253893514b5fc461acbbd96e9ab1cab15d398024b43f3c

SHA512
d01d895112ff10d266a88c82be3a9f080504b284348c83daaf1a14a87f078ba3e75563b8ca048cecc2983754ceb3b6d99792e9c6a4069b7680eba46a48c01adb

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads