deb41cc8958cc50c40cf80e9a4fab93d8386f5434ba72eda040f3e18b5b3820c

Analysis

max time kernel
41s
max time network
40s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2025, 15:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

vapev4.exe
Size

5.2MB
MD5

6b9b6812b8e6d61602667f0c992666e1
SHA1

37bfd6870570bf5a505c2f04eb2b9fea38a5b04b
SHA256

deb41cc8958cc50c40cf80e9a4fab93d8386f5434ba72eda040f3e18b5b3820c
SHA512

d76b11b978350ab440dfa26c66e1e1c21323f26e757ee6753d44961fc5fe6a64662f7c48a68c7e0b2090467fba71fc9345477aa726521cb75afb854c79a9cf6b
SSDEEP

98304:ym9tIN6GN8Uqs9jveeV30sLVDTJNJ3PijqD/HZc/8gcEnniAF:ymru6GNa2jfSwJNxij0/HZQ8gBnF

Score

7^/10

discovery vmprotect

Malware Config

Signatures

VMProtect packed file 2 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
behavioral2/memory/3532-2-0x00007FF79B090000-0x00007FF79B91A000-memory.dmp	vmprotect
behavioral2/memory/3532-3-0x00007FF79B090000-0x00007FF79B91A000-memory.dmp	vmprotect

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
34	discord.com
35	discord.com

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\ka\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\da\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\am\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\el\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\pt_PT\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\zh_TW\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\zh_CN\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\kn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\id\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\az\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\128.png	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\no\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\th\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\ru\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\en_CA\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\offscreendocument_main.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\ja\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\es_419\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\te\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\mr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\eu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\iw\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\km\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\ml\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\my\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\pt_BR\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\vi\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\bg\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\kk\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\ta\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\be\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\ms\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\hi\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\en_GB\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\hy\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\sv\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\sr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\zh_HK\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\en_US\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\si\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\fa\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\sk\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\page_embed_script.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\gl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\nl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\mn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\zu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_metadata\verified_contents.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\service_worker_bin_prod.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\ko\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\tr\messages.json	msedge.exe
File created	C:\Program Files\msedge_url_fetcher_4016_2058656346\GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_90_1_0.crx	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\et\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\ca\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\sw\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\af\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\fi\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\fr_CA\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\cs\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\ar\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\ur\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4016_400402879\_locales\is\messages.json	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 4 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133876479767099504"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe

Modifies registry class 5 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1062200478-553497403-3857448183-1000\{F1BB40F5-E8AB-4339-B770-0F867B941408}	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1062200478-553497403-3857448183-1000\{1453ABB1-E75A-4F32-8268-0B990E4D6FE1}	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1062200478-553497403-3857448183-1000\{4C7A956B-7A1F-4057-9812-B6422A950E8F}	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3532	vapev4.exe
3532	vapev4.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe
4016	msedge.exe

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
4016	msedge.exe
4016	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3532 wrote to memory of 4016	3532	vapev4.exe	89
PID 3532 wrote to memory of 4016	3532	vapev4.exe	89
PID 4016 wrote to memory of 3956	4016	msedge.exe	90
PID 4016 wrote to memory of 3956	4016	msedge.exe	90
PID 4016 wrote to memory of 4504	4016	msedge.exe	91
PID 4016 wrote to memory of 4504	4016	msedge.exe	91
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4484	4016	msedge.exe	92
PID 4016 wrote to memory of 4636	4016	msedge.exe	93
PID 4016 wrote to memory of 4636	4016	msedge.exe	93
PID 4016 wrote to memory of 4636	4016	msedge.exe	93
PID 4016 wrote to memory of 4636	4016	msedge.exe	93
PID 4016 wrote to memory of 4636	4016	msedge.exe	93
PID 4016 wrote to memory of 4636	4016	msedge.exe	93
PID 4016 wrote to memory of 4636	4016	msedge.exe	93

C:\Users\Admin\AppData\Local\Temp\vapev4.exe
"C:\Users\Admin\AppData\Local\Temp\vapev4.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/xerafree
  2⤵
  - Drops file in Program Files directory
  - Checks processor information in registry
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Modifies registry class
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:4016
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2f0,0x7ffa861af208,0x7ffa861af214,0x7ffa861af220
    3⤵
    PID:3956
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1816,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=2256 /prefetch:3
    3⤵
    PID:4504
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2228,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=2156 /prefetch:2
    3⤵
    PID:4484
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2596,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=2728 /prefetch:8
    3⤵
    PID:4636
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3512,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=3580 /prefetch:1
    3⤵
    PID:1068
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3324,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=3508 /prefetch:1
    3⤵
    PID:1376
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4844,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=4848 /prefetch:1
    3⤵
    PID:2348
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4824,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=5172 /prefetch:8
    3⤵
    PID:4336
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4956,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=3556 /prefetch:8
    3⤵
    - Modifies registry class
    PID:2388
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5796,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=5376 /prefetch:8
    3⤵
    PID:4648
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5808,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=5856 /prefetch:8
    3⤵
    PID:4572
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5564,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=5600 /prefetch:8
    3⤵
    PID:1744
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6384,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=6380 /prefetch:8
    3⤵
    PID:4024
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6384,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=6380 /prefetch:8
    3⤵
    PID:3312
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5404,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=6516 /prefetch:8
    3⤵
    PID:5584
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5480,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=6520 /prefetch:8
    3⤵
    PID:2728
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --always-read-main-dll --field-trial-handle=6180,i,4752099151989709015,14856135199399061582,262144 --variations-seed-version --mojo-platform-channel-handle=6424 /prefetch:1
    3⤵
    PID:6024
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
    3⤵
    - Checks processor information in registry
    - Enumerates system info in registry
    - Modifies data under HKEY_USERS
    - Modifies registry class
    PID:5576
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x260,0x7ffa861af208,0x7ffa861af214,0x7ffa861af220
      4⤵
      PID:1924
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1840,i,1960153835255551063,16890693626245765640,262144 --variations-seed-version --mojo-platform-channel-handle=2400 /prefetch:3
      4⤵
      PID:116
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=1852,i,1960153835255551063,16890693626245765640,262144 --variations-seed-version --mojo-platform-channel-handle=2272 /prefetch:2
      4⤵
      PID:6100
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2436,i,1960153835255551063,16890693626245765640,262144 --variations-seed-version --mojo-platform-channel-handle=2532 /prefetch:8
      4⤵
      PID:3692
  - - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4420,i,1960153835255551063,16890693626245765640,262144 --variations-seed-version --mojo-platform-channel-handle=4444 /prefetch:8
      4⤵
      PID:3760
  - - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4420,i,1960153835255551063,16890693626245765640,262144 --variations-seed-version --mojo-platform-channel-handle=4444 /prefetch:8
      4⤵
      PID:2024
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4536,i,1960153835255551063,16890693626245765640,262144 --variations-seed-version --mojo-platform-channel-handle=4552 /prefetch:8
      4⤵
      PID:5792

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:1744

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
1⤵
PID:4840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
  2⤵
  PID:5356

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:6052

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
1⤵
PID:1084

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
09e83912b3e4e66ebef492388dc6ac83

SHA1
63f628ed7e6f9038a6b41d7b675e62a98fa70620

SHA256
e656f85acfe2804b789c854fc76a9a63cd149df03fe92c76fb964a889e981e2e

SHA512
ab33bacc5ffcf67e36adbb6c7d4e16c7138e1a1c1ee91c8fbf47581765d6d61695666bb31204e059a42e9fac5eb2df956442863ea49d74e8ca6bb1070f3aa7bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
690f9d619434781cadb75580a074a84d

SHA1
9c952a5597941ab800cae7262842ab6ac0b82ab1

SHA256
fc2e4954dbe6b72d5b09e1dc6360ea699437a2551355c2950da0b3d3a4779fc1

SHA512
d6b1da8e7febf926e8b6c316164efbbac22c7c3d9e4933a19fffba3d1667e1993cdeb5064aa53816c0c53f9d2c53e204772de987eb18adbb094a0fb84ae61fa9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
4186deae4245fe06a0aaaf1570cff87f

SHA1
b5658232adf7428b894a29652fefe7dc7bab3414

SHA256
f3c343d370303196c05e1f89dfb367b36f4beeb5177822f2e0cf126d83fa08db

SHA512
e8c21213b40e21858b51b8eb63a2e61b78d036de60995adb7af0971ddfa24a1f777025fa37590bcddb901f70ee1c44df2e997d5234752c20d85b198b0a46d775

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\08a9d714-0ba0-4df3-a3fb-6ddd8a813d14.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
3c99df7b439c807d2ad6cb93c4b35a25

SHA1
58c59bbf5db07fe732328eff89a52382f1a0595f

SHA256
4b67d1ad3f827c2d121508c047e0a76ae688bd0956d1748fe22b381d761091ac

SHA512
1254c17448985de78198bdbe47228f38036904a5a0cb049c14f3d6b33cfc002551ae36f3b1fb1fe89d240d9844785ac653faaddf4951f0ce7dd1361f4a92ebc9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
ffbace4c62b0bb1712141ddfed7c754e

SHA1
10c6a1b521d6f990c887864285f0c9030ea6e16b

SHA256
4681fd2f47508ff48368d05a7a8acc38d53d45ea6153c4ccd7ac426c021c208f

SHA512
fcf54d79d1865d0586f228e4891c788010d8fb852e0f06775e70236a7af298d2f1f88f408daa668a318f2067e659453ce5936010887a412db7332aacb8b4b6d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

Filesize
2.0MB

MD5
bd9ff5e9b0d924c99d2f9e8427ab1a27

SHA1
38607f14813739ab7b4d1a7eaaa2ed0cbcf32015

SHA256
ce281c852a58f785c76054fe86d78f0ad4c33db460ea48b147c1a11113e51a5b

SHA512
ada792a032a7501b15fe5ca847dd007b98c46ef3c49d59b950c492b6f5f6a1971ffbec5b9771f8c45dfccb6e3da84fdeabadbe01967d6e2a3864d80a39fb265c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

Filesize
8.0MB

MD5
12b7715fc8320c60f9743d077ec23636

SHA1
df8a493a82faf706562dce8ae365d4470ec82449

SHA256
4593b92412efedfecabee57b1f7097b6c430fb4c17ba71e2d98b0871d9a21f9a

SHA512
c2fee9b528558fd55e49eac04f3b70a479c1365ded4a769f27a6b723cb5d573ac2cebd82c2fbbda6e99ef6daf8095e517480c99b0ed0602d0dfcc1742822847c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006d

Filesize
198KB

MD5
a3197748be42521c2a08b21fa220998f

SHA1
91b87b366e9d90c2874b165dd786c532a37a892d

SHA256
5f75d44e5155cb30cbbfa170c041eae2ab7d36af35c38189775a4f00ed594067

SHA512
59924cf8b01a2ee53a30502b8aa442a51fbf3b8b801bccca52a5cf2eb9b5a2632dac7f69419d48776cd9f424f867b9f9782ddbeb0c7cfafbc93f57042a5d0880

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006e

Filesize
3.3MB

MD5
ca5116c3b88824d322ceb8c17e35e75f

SHA1
c94e083667a3a52cccd50a96a39fc273b5af86d9

SHA256
fe4a1170c9b7462f4f8d7731bcbe24892e2b402f4e551feb75c88b02d0676a5c

SHA512
7bde5ffdfb94c70235dba8b8c780eecc44d69b822b489a8f22b3be090b5f46bbe56a2c4a2aace9a8f6924065a12bb15eab132f964d11a94166d2d05b16b082e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006f

Filesize
236KB

MD5
8533ee6a99803c868462edeabdf3868c

SHA1
55ad631788c85ad858a10b84f82200173ed4ae54

SHA256
37779633929fa89c15fb0b9cdd72fd782d0abf41a2cce3e85c53e86b87eeff1e

SHA512
202f07f83ac1ce6994ee6861aed97af35925cdee6ee5335e5c186f0ae81836673323de2ad5398d6c27d2ee65bb5a67f947c0448d92ebdb32db0af53579b571b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000070

Filesize
379KB

MD5
df4ba9339dd3a74a16266c456f548fc9

SHA1
0de8a55db6b1512c7106e1d8aa0b89aa4edb85d5

SHA256
6d6704b90d275bab372db635555be12155835ca8b833694a4496b240df3868bc

SHA512
cbd89958021093b5b11e7af69ed2991fbbca31d5c854a81d54cb514dd22e9d67fc43a0fbd3f9a98e60b4805e7519ae59af811df998cbe2348fe9cff27bdeaf6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000071

Filesize
44KB

MD5
d295c40af6fca08f8e0eb5425351f431

SHA1
1d246a1e54b3a1f2428883d8c911af73eddffca6

SHA256
5d225b25d66b30563a00f395476ed701130d3f749620a63531cea09fc537164e

SHA512
9c9f23cb775244eb10f83f964b36224ad2cd5152cfa5ab82928f68ed1cb49be4156f887cc40a857b72efd0833014e4366bf136689a717dd58828a1b195ed486e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000072

Filesize
42KB

MD5
281bba49537cf936d1a0df10fb719f63

SHA1
4085ad185c5902afd273e3e92296a4de3dc19edd

SHA256
b78fb569265b01789e7edd88cfe02ecb2c3fee5e1999678255f9b78a3b2cc4e8

SHA512
af988371db77831f76edf95a50b9ddf1e957f0230404c8307914f11211e01cc95c61e0768d55aa4347f24e856d226f7e07ac21c09880e49dbd6346d1760b8bff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000073

Filesize
136KB

MD5
db985aaa3c64f10506d96d876e350d47

SHA1
aad4a93575e59643fed7617e2feb893dd763d801

SHA256
234feb9a8a2c759d00a4959506a3b9cb94c772186a2d117aed973347c7ef1891

SHA512
300d0d35ebb9e27d66489ffb3e5502a4dcd3af032fb0f672d4f004e3846fb795772b6938c99dafed6fad0c25da8412d6f6a7b0221eb2540e84527703db5b7073

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000074

Filesize
38KB

MD5
ff5eccde83f118cea0224ebbb9dc3179

SHA1
0ad305614c46bdb6b7bb3445c2430e12aecee879

SHA256
13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc

SHA512
03dc88f429dd72d9433605c7c0f5659ad8d72f222da0bb6bf03b46f4a509b17ec2181af5db180c2f6d11c02f39a871c651be82e28fb5859037e1bbf6a7a20f6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000075

Filesize
175KB

MD5
7cf1be7696bf689b97230262eade8ad8

SHA1
8eb128f9e3cf364c2fd380eefaa6397f245a1c82

SHA256
a981989aee5d4479ffadf550d9ecff24a4ac829483e3e55c07da3491f84b12ba

SHA512
7d7c7dc08001079d93ef447122dee49abd2b7a84d1619a055ff3e7ec0009261ab6add018560bfd82ed22b29c1915bfd059f02cd83fed2e15e9af05a5d0654e06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000076

Filesize
37KB

MD5
02f7eb7aa1f6fdbf2999aeb3823f7a5b

SHA1
911421dff1c013ff3492cfb536f9b0b2c694ab23

SHA256
1d43dbdb3b3cb3b1d622d19ec22f3f8b9cf1a53ba7d3b442ba564cdc1e1f9c22

SHA512
5323b7518656a0775b2005aaad40f1bad6ec052a4fdbd52d9a28ec9f9e72cf095b4cc932735fdfd5a06eebef69c3d9af98dc22b411c29c5d3ecd3d60d0acd8a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000077

Filesize
19KB

MD5
3cecc5c25217b6301c53baa4a763664c

SHA1
45eb5b1bdd67333f49fa60e65bec7e47a1da5bd0

SHA256
bb93e8731db20f469faa03169d06a9b02eac4778972f8e2ede2b128b314d53b0

SHA512
489971577dd3622fd47fcd7ff670da7c5d57f02d4d4d0150ec4824444c5cfc322e99769e7a5db07afdd01aa17fae137514d81562c8df0daa31985b51d7eb071d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000078

Filesize
52KB

MD5
f59a2c040c6795b27cc0e456233c8334

SHA1
4496890b105c70d7531b375ce75f45adfa1f0e19

SHA256
4efc5d264246816e8769267a8ab5209395478b20d460960500de358a38aeaf1d

SHA512
a5299dc79ab4ca26b4268f3e8c8d2771562177683ea20a23b94b6782f838cb3199e5fd30d032591eb91ade3b249f678e15d169fd410d52220f08056257b2f6ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000079

Filesize
133KB

MD5
f9bf0f65660d23c6f359d22720fc55ae

SHA1
9fa19ab7ea56165e2138c443816c278d5752dd08

SHA256
426ae06cd942849ab48b84c287c760f3701b603ebcc5c9aaa4a89923ef5f058e

SHA512
436019a96e47848533684a34e3c360f516c29b2aa2473d0a05d50c0fd3ad19eac39df2de12b6ec1c6760493efb5abf58e6a54d32080226fa1765983435634d88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007a

Filesize
68KB

MD5
ebc2b339d97ee3c185b8f185f7b42dca

SHA1
78f3beb6456c6096ccc4a5d4aa2da1353dd6e189

SHA256
4ddbc89a0010a542ff859d8c3ef96af875e5a743b0b8039e1ca0cf299ac7e434

SHA512
7fd2c5cc2052f4ec31ed6f4d7b9abb70c533ccc5ffe076e30e465da7ec39fde9a6ef500af22a9c229ae59a2068a1103dd132e5a8481257efaf7953c54ef11fc9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007b

Filesize
31KB

MD5
8e7190ca79ec6f184c153d69a4cb1edb

SHA1
361f1de2afd2938341bbbf522ba65273ede9b25f

SHA256
3900020951e324a353cd780c30af1478b0846d078639c8e2fdbdfcefe7a0179e

SHA512
7d1ae8d550b139f1723583c0a79dc00d46154cd4d8092fcb53fca9eda2e1c75d6186fadacbfded1f309f9a49db06137a5ae3da24fd0abc5787c52b8d3ab25ac0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007c

Filesize
16KB

MD5
8cab993d7b122ce99670080d6f1799a3

SHA1
e7aa6e6f39bf15fdb8e43c2206f8eafab7c21e8e

SHA256
ccf9c27265dd1e55b1cefa4bbbbc5089e33846d83ba778ea5ff39ec180c5ae21

SHA512
cc240ab995266896c41b8de91a76ff160410e7cb24373b71b8c018c100fa4a77f2677e05ccbfb1d82da2593d219c0983f2928d42ea75130dc4804c05776d4adc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007d

Filesize
25KB

MD5
77e7a21200a0ee23ae0d16b75fe95ffe

SHA1
0d97680cfc3c08f8fd75c6b51760404a2fe3e586

SHA256
933fe551f301929395ec58e1e93cb637e2f80f3ddf0b236749b3bc04b6d1b097

SHA512
fdf46f2df81f8f6ac1a9bbc21ef3728332042819391339e6ec0e080e6ecc7baacda887694cf242173bdf9b270ce6be27b6a1a494225fba50ea30eb96a1381857

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007e

Filesize
24KB

MD5
ba51a3806456564f4e6114b172318d4c

SHA1
ab1ba44581fa5464c5a4564e9546b0ccc40d47a8

SHA256
4784cfa98ba22dedc67b91bf9726aaf7e78251fe8e06c41992201037d3e8805a

SHA512
72d67fed681917d24ddd239a3f27f33f0da9eaede79561c85016931534dfa212844cfb717fb1057017f9f259b37e2488f294fbec79a9f9507e52a2bdbe146fb6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007f

Filesize
16KB

MD5
d0687fa1cc4c922f3184e72fba7d3182

SHA1
ec36a63eb96f00b03d227a05edf42838967d75e7

SHA256
aaa0c8d51008909e04c773edecbfa506b197f14755da83c927c6eea4d2dc9c69

SHA512
5e2bf711dd3e71259c8e37b582d0cff208f9be2684e65cc7b94e48b5b717528bb2ba3f263d28ee222ccf9b58cb308f5a96a2378420682a4a2de6560d00b6499d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000080

Filesize
17KB

MD5
f32a7aac1c294232ddbab6fd163d73a4

SHA1
4bb81b9b146705bdab0677660f159400861e32df

SHA256
c0f307ffd56ba43ba274002b7269b286916329b2fb58fbfb124708a064715431

SHA512
351913de7bf942c194e78fbe76b4b631e24e3062e68f15f937460fba9c6d5e925addefcee6e77f2ffcf4c430cfe1d4126f2318b313b9afd1f27251894d173d9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000081

Filesize
19KB

MD5
6555a223c55a8181c05cdc698b56c847

SHA1
8b03c04bd81f4b6852ae0e6736ef5bb8c5a588fc

SHA256
82c7374dd507c37583edefb0676606b7364b864b88a723fffd01401a2d8bc34a

SHA512
dff287d759bbeb5dd4d93f6121104926e2bff23811c11f2dd6ff88545358edad3c106fb59a99b3b494039e6f4b36b23c9b6acf159c43fbe1adb192fe2bbbfb77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000082

Filesize
19KB

MD5
600af3284db049bee66464ab7ecc6315

SHA1
fa66e00bc7d22e87728fbc7cc323d6650ec7a2e4

SHA256
31e75039bbb86303627cdf497e07898812f4d723ef10c8375487caab23548d05

SHA512
2e6a5a3bb31ece9a0fddf6270e09b45a6886e52892f21cd5737688803044e432bb32549975f2cc98cf495e837d18140c1622399cd8782486da790ce287a46820

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000083

Filesize
30KB

MD5
0c94a8a0b7f58983762a4cf221438b4d

SHA1
637e6b1d8ec613d5b823f786e22417dd7bf5d01e

SHA256
bba8ef66b59dd44224e9dccba26351c914533d6fec3146172fdb4910248b3073

SHA512
c9fbf56a58f32bdae4febfda60cacda6fb625cdb9cf282a62a28db33694d80822e834306d50491d366235fc14fea93f8823b945bee24f31765180104b0a3c091

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000084

Filesize
25KB

MD5
844055aeac09826849f79130b6e5b0f6

SHA1
0f49fb7a59ec3e4efdbc9eb2cf3274bd2c5d9b9a

SHA256
92c772ff8b04375eb08025c030e28e2d35a0da124a39a852e6dad88f69306be6

SHA512
a195c38ef81cc3e744b41fc93538b6aa0ccf6e2da7133cac7b8e731e795d3483fef1c18dfccc1788b851a162ee8f400ff16d5f9f2fba93675187fcb588206627

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000085

Filesize
207KB

MD5
97188982f9dfb50c7f76faa251745c22

SHA1
43d81dc4e0363106fe0352fa541cfd0407b28d74

SHA256
70433ec385c2d7fa7bab623b75d85662bb50c159f3bf463df812a84187bc7cfe

SHA512
1378c0332dc99bf61b4d70468dac9a6c545da919d74350492f6e47c0b71d9993f63a31d22287c4de2131cda740d51cd29b39c55fa5ff4e89b449f58c24d9b750

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000086

Filesize
24KB

MD5
d28e52826c48d27aaf7e4b74edb1558e

SHA1
96e8b1f54b9787fc72c6602100c6723c5595d889

SHA256
eef7fba405b5ef18be32ae5cb11b4a1499e897fe198221c9736640c47128042a

SHA512
1e7ade9cc7e07b4e9eb69356c5c6428d2f7834c5b9b7650b687655e74c8674f87767d764cc1ebef62eafc4ef0ed0910d49833019b973a8d8ed9a4f9287d1038f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000087

Filesize
55KB

MD5
d022ee3f984f2412b177063f13ee57bd

SHA1
6a1b68545821dfdc4307f70b1434f3e63a8676a2

SHA256
1def94af708ac3d07eaf19ea48ff57852e19795e2a3d3523a612cf15594b09f2

SHA512
db11d7610dd3fedad7013b9b6ea6786aee934461f7d879bdd7da1de5ca6dc35c70d53a7775284e7b78481bbc628902ef29e9ddd34bb82f77d66ae1c7293be3ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000088

Filesize
318KB

MD5
1c3f65056b908711cd3b110a1196047a

SHA1
defd05ecc1b2c1b0afbfa21aaf0cfb42e031e626

SHA256
bc790ddbe589f39ef6fb570898cb803e13d65074203b7bbca645b14a72d727bb

SHA512
227cc6e5ce36f9788061538eae48393a00b311aec66799e8456f6998dfc22350c5999f4670280aafb59a2010ac3ebaad9aac94a383bde9455400d0cdc32916db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000089

Filesize
37KB

MD5
3d6549bf2f38372c054eafb93fa358a9

SHA1
e7a50f91c7ec5d5d896b55fa964f57ee47e11a1b

SHA256
8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104

SHA512
4bde638a4111b0d056464ce4fd45861208d1669c117e2632768acd620fcd924ab6384b3133e4baf7d537872166eb50ca48899b3909d9dbf2a111a7713322fad4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008a

Filesize
38KB

MD5
71d3e9dc2bcb8e91225ba9fab588c8f2

SHA1
d7e38ee4c245f64b78eb18e6ecd7b9f53b3254a8

SHA256
ae99aaede2f373187a4fe442a2cb0ab9c2945efbab01cf33e01be517c0c4f813

SHA512
deda05ebd575d413aa2277876991ecc2ea238907390753485ba1b487ede2f432363c46daad5f3f240eaaf8d3258150829a3ae3d2d9c420ea59567cfd440361a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008b

Filesize
20KB

MD5
68c4ef692cdf33162622baa2b79bbeda

SHA1
8e7e177a239a9ac9bc336846f0aa5cfe72aecdd9

SHA256
e59f049874bbc673ed7f696d9fde0bc22f4a6a5939da5c98f31a86def06887b3

SHA512
1336c66c5ddb498c30f378f6b82a7ce20c61a6203209730490e9f1f62672dcfce0f9845542599fedf21db69f0fdb0080b662da7147370b51f2d03ccc98eaf338

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008c

Filesize
156KB

MD5
3b0d96ed8113994f3d139088726cfecd

SHA1
1311abcea5f1922c31ea021c4b681b94aee18b23

SHA256
313818d6b177a70fbe715a5142d6221ac1a1851eff5a9f6df505670ddcd73074

SHA512
3d78c250029069e1850b1e302a6d8a5154f6e7bc5cd58f449b8824ccf418e80dba2d5569a9cff72f51ccc9de140dc91148f93ec4717f4a880e2ba94898fbdb24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008d

Filesize
38KB

MD5
7f63813838e283aea62f1a68ef1732c2

SHA1
c855806cb7c3cc1d29546e3e6446732197e25e93

SHA256
440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b

SHA512
aaea9683eb6c4a24107fc0576eb68e9002adb0c58d3b2c88b3f78d833eb24cecdd9ff5c20dabe7438506a44913870a1254416e2c86ec9acbbcc545bf40ea6d48

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008e

Filesize
343KB

MD5
5bc91abf7f59120c7ed70a698b8aeb77

SHA1
35c022e44551d66c4ad3480f3ebd0ec6dbf90617

SHA256
8151d14300e13536b51e668061a87b254da723c733b03310a40fab060bb2190f

SHA512
85b448883672e8cbd9f1ace3dda362316c61a58443764a55a195c5f04efa43c0b19eeca0745b0165fe6f19c9cc65fac2c66a053b52d02aacc7d27b08ca8f1efa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
80ad2b3a1a51f46a6d3a7311057d2431

SHA1
d541c05242b26fea4d8dd4d4486fd810cf98951d

SHA256
2f1eb7b0e42a3f7b284cf18edcad40dcd4fb42fd6aacecac6a1659e20ebe62ab

SHA512
e4248d6c5b38f65d79e4c6688c242858fb810e68616044ff015c02baeadec2fd0909028480203e82636393659ea2627197cdcb0c548813415f840c844b7788e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe578a4e.TMP

Filesize
3KB

MD5
92c45c0252f9b036dba2b06fba9eb08b

SHA1
84ba5bbab12637c6a4bfcdb1010ee620707b5514

SHA256
f531123c9460bfa3f303fd35300d0ba5c194ecf4e3546c65301598fa74ed7b1f

SHA512
0f67efdc9e0873fce0101a38bc1fb8129666874e0d85b5214fc9403db206fa1838e32eb35342286ccebcbbbb376fe5797f148cb64fc01bd863cf7f9c39432025

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
192KB

MD5
e88c43b2a4c2c7f71c97677e19a1bb7f

SHA1
f1cac1e7fcf37740fa19d43e5adb941b172c736c

SHA256
2c4047185a37c8659716f3c8229fece80db0ad7e0fd8edb6055fb0921ec2b1a3

SHA512
530e838d33b6d035c31bb2e831749e36d22a3f494c7f1ea0acdc51083e584a5689794d836c39416bba807de4c583f369ef36c633b02e92f5e580d99440f55730

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

Filesize
107KB

MD5
40e2018187b61af5be8caf035fb72882

SHA1
72a0b7bcb454b6b727bf90da35879b3e9a70621e

SHA256
b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

SHA512
a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
012216dc5e880c8178f9c846a8b08570

SHA1
4deed2d5ef04448a5df89d03be179a4fd33bdf9d

SHA256
d8b72a54db70094b132667ef9ba3ee80747de0eb3856abd2139dfb7a076f9027

SHA512
e37258382220e7cf7c01fb261644fbd232a6154c6952525ae6a13e1f3152903e4bfd9d7558f166cd20f71d3544720208dee5b0c37447743ccc8c22d02321f2c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
383bccc9368cb98d6f098749ba89e9d0

SHA1
969d20a32c4c15dca13b21470cd65d24fa3f499b

SHA256
3e29bedf008b72352caadcf9ebe7a097d3bba39b5d7f8561a39af92e1ed0610d

SHA512
15ca243a99f719a337139fa4154f5f30f1a49b94d6195e38a779d10b68c5712996c2b344eb51450013ef020913ed2076b9e95e53039982b3c03f48d98b95c849

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
00928dbc8a58a0fadebf0ad1bbaff6a5

SHA1
d52fae0be505b8aea0a626c55c7c2994df376430

SHA256
e78c7de4b7c306153d6cf1b8d8a7402487d9cf560b2fc8936e7735a3514f808b

SHA512
a2e9f29b7142075024b405894b2d0c054dfaa6af7899b451d51fc577c8755d4e1534afd1b5377221da7ce7017779b89eec24769ff8f1b5e62feeeb6d55ba727d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
36KB

MD5
b337a7fd4706f8ba1b74a627803684c2

SHA1
a6cc76adebefb0527e2f6c5a4a50f7134f15dd55

SHA256
3082d74b69d2f66323e465c87374856139931fca473d224af4792df91618a297

SHA512
743840e5f3088441194d8e059c993b6bc08f3e218e1571f559b05782545a876066d7c7bcc8a767a73072fc8fce6032bc79628915313e7a2cb2bcb8141f51f456

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37f3dfc2-b6ca-4fb9-9cab-a71ec9f4cb2e\index-dir\the-real-index

Filesize
72B

MD5
4f9dd79e2068353f8f7c97ca2f3551cf

SHA1
dfd65346f4374e9331d8af0585a723aa99e507fa

SHA256
39a5be400b5eff77966a287dca8956426739e88599b68847bb1518b243d70999

SHA512
329a0546e6df1b296982e0b6bfaca59eb470713be6e9a64748006960268c231809f78dd172430e5690c63ae7873a0ba0c68fefedaa5799b752a13a3364d1aa24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37f3dfc2-b6ca-4fb9-9cab-a71ec9f4cb2e\index-dir\the-real-index

Filesize
72B

MD5
618850ca2ff53cdd71fbb8f445d0dfae

SHA1
25faa0cb87f80761538503f029e43e2c9209b825

SHA256
26b808a55fa8c943ba0aa53c22d1ec4f6f2c1520e66b77f14f853d12245d16d5

SHA512
0ee6cf58bb1fc3c84cc3962eb18e39ae6b818e342f69bbdcc69840e313adf51822505a0938e0374f4d16d5ba7fafcf1045156a5400886b24b98964dcd4289f3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\43777905-94d9-469f-bdca-c5a9e2858271\index-dir\the-real-index

Filesize
1KB

MD5
b5c4629e33868448e5328e949e01d6bf

SHA1
d0addd774c45f4ae70608380de68789eff022c62

SHA256
1ea3e41426e71780633bd1557c640ac388317e7b7b24a8fc4c2e302166f75730

SHA512
865115835b6bde2a0c49d5606c2e9badaf47feec8f901d4b4f6cad37fea71c54946374174e3356b3af5470352d9726b4e297a8ec599d7688cb070feb8ef63ebf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\43777905-94d9-469f-bdca-c5a9e2858271\index-dir\the-real-index~RFe57824f.TMP

Filesize
1KB

MD5
9bc9b61101fd62bfbc91d46345e0536e

SHA1
5d2ac521af2a4a5416a0d3eb614834f2cf3ad5f4

SHA256
f668ff9286fb8a8a60cb706bb431e54e7b69148f900ed8d3643600c403083470

SHA512
1d0ad9b6fd68acf6c56626ea3eaabcd5ee6d700c7ca2b3f7a922bee843a95a26eb3fd01d0895c4f5bc45f0d53dc6c5789c280548ac5046ad26978fb2c8a4e922

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
253B

MD5
4e4a9c2cf20771e83b60c9219df373a1

SHA1
9b7a94f976b6fc3daa1d027bae0c161920e10ff2

SHA256
06ce190ff5990098e1ab1cc17e8683cb401553cab974c9df686835f854cbaa92

SHA512
0ffe5ade2c9d347b942c829067f2d5ba91aca8f2f27dfd286206a2c469a0abbdfbb8c82e5d91d26b5f70aa98405534f2b4846b6f80782f732973e70059c56295

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
48B

MD5
fcfea224097ae0b362574c71f59e88f1

SHA1
81213ece9c51d277ebdbe8957f98f4dc80f529c4

SHA256
db42c8c53b7e2b71023d583df9d47994a0c15186223f30e9b8e029fe50e10b46

SHA512
55a84598f10dfc5edc3b9c244da05c4cf28734145b537bfce1e278c8c60ced0d93075d955dcc9102ecb0722f888530fa0083522489d8c7cdccfadfdb2bfc47ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe578a2f.TMP

Filesize
48B

MD5
509c4bbf6a63b0d08f029933d267ed5c

SHA1
20a57b6514b3e81b1bbd04f08a60cb9a56f22df7

SHA256
31e91a6e7ee377adf3dedc4035c762866167165f7042f4f1dfc66a537cae5110

SHA512
2096b73586c8b2223986f031cea9ff7acf374a7eeecd639993b752ef2ed5fc54c07aae86f5c99ad319eff3ff8dcbe4f6eff4347a2eb550f9a27daed2ede70d46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

Filesize
112B

MD5
d5d7104915036c738f172b9f98380a07

SHA1
3a4069a1939c29d1cecf3a4dd7c0b3afd482f581

SHA256
c054766a4bac98e9185e52b2bac4a84b2eb6b466ba641b22c97efbd57b18dfc0

SHA512
de66d1632960561fa2eff6f45b9b2f86d40e776fa7b2c55a3276cce1fc18fc5cd200123ebe320f0ca043524284a53bf044167e736a21f9306264ca50ba9cc6fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
96e5d4b49c7ea318becc8e4c03960dee

SHA1
a33ddd96959200358aba4d6f191cff08ec4804a5

SHA256
749cebb5d2cb514b00734897ca0348bfce0c106c81bfa1502a601227146b7424

SHA512
417be92c6aaa9bad11942aa6767fa2dc0eac9ee0e317ee459b75682d212c3c4e2fd165285475b3ea97ae38df2bb401d8b2cc486a37bcc3f7092e1862606d97de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
326B

MD5
d4324e49dafa40ed28cc3fc0bc38261f

SHA1
bb38cba4d18541096bbb9dfd24f2e43a0ed78044

SHA256
f3a12b32f76b5780338690ec1d645956118cdd7baf021235246a6ec57bbafeb7

SHA512
04c8f9f9ee51c18e29cd945cbeba9591ad40e8e668edf2f7952b65ac706768865fabc37685539351a0df96e46afb830917948ac713ac87ae13f43e9feb5bbd23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
22KB

MD5
adc59862fb0cdf80a8fe3e928a4f7beb

SHA1
815163a4befa8eb682e75774164c124821a4b920

SHA256
e5ff1202057ef9350b756be361f83cbdd05b4a1ffe3b20544212f32c45e62df3

SHA512
829d609697daf0d54bc6f87bec7d625cc50b4a9ca0911d0d5baf9586a773c3eacee96bea5d2084d1f70788b6425554a0845b7b82efe69a27ed3a72d18d17328d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
13B

MD5
3e45022839c8def44fd96e24f29a9f4b

SHA1
c798352b5a0860f8edfd5c1589cf6e5842c5c226

SHA256
01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd

SHA512
2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
d1e961b860fe8fc087ab57253a223bb9

SHA1
a96f9e0aefc496934055cf4f6be553cf7d553653

SHA256
21badf891010358f60ac029a1f1fd28809c0b161f3f02a5ee7e9b9ab0e6a8018

SHA512
05d31ff1410ef69ceb3e49ca2dbe933c025f85767a5267f413bae5580f16dbb04b28d5e80d91cd24a12dc7c9b2b7a59e36bd2ab584ff75edfb40670d9b48d5f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
56KB

MD5
da0094033bfadd01592cb3241d915bd2

SHA1
3057ae7e9d546ca2a585975d42d21b50139faf0f

SHA256
40f0f94df193ee448faaaf7b14e271bbe69ca2278056290cbdb2a73853261c6b

SHA512
3b78ca0dc83e519a5b3d10aa5aab653296d423b171a9a75748d27e8cbb9448e425cd057d03808a0827bf10f1afa468fd1059937fb4c6b411ba279e21d1b318d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
56KB

MD5
ccfa3871dbf312bfc1908b1b7c48dfbd

SHA1
3522b2da95d2ca39c70c4d71a2e7f24871e943d2

SHA256
0f26193589440a79d65aedf4d59a06ede7fc8338cda4c536565257d4119967cd

SHA512
b834a66b9aafaa585224209f7a5db2e13789dc0c02cc20e4a29d2bfda8d76c69835f342b95bc86429f968753008fb0100c32ac9dd28f1aeb19603f34dd93b16e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
e7c679e0eb3cbd27f16625558740f883

SHA1
e6c94dbbbbf1d4a7cf79b79dca63bc56f4613851

SHA256
a63aa1f2c9f109b772bc2b383aaf99a5ec9f0d986857231aec59b357f5a22fff

SHA512
e35ed849b9e19b4b34a14a41dc5a6caeba1b70c95b66a5afbe0f520eaf8c3c4430c1b37a291cd2dd88ee0c7a30fe0c965d3077dfb3472d168af0c0926cfcb9f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

Filesize
264KB

MD5
fddf87d0ae8517f1be2da85e8cd99657

SHA1
03b738034a5e15d2a8b981ac9b0707fe87abaa90

SHA256
14f6dd97a18bd4663bf59ae15d07d3870add2c2dbbb163cb250e6dd2ce19f629

SHA512
ab64c862556eb604b45e9800031b1ae8f45da5edc94561e41dca58412976217129a2180e01e1c9bd10d3f440c695b7c3dd94a07a8c607f8751e27aa0a996132d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
2dc38d43899fb42c0b9b8e329522b4fa

SHA1
218b249bfc0e3bd750e0c05368267590016f8859

SHA256
18b7aeea1f6e5d34bed7ca428c57716e1cf6f4db4abe4aea92b811a20b55566f

SHA512
6801368bcb4eb12191cf81446e98c28404a713aecda6a6d4dfe0f1b5bf19c9cc9b65977d5294130f2dda13a18556bcf02a50662b44a01bb17777a707e514ef48

Download Submit
memory/3532-3-0x00007FF79B090000-0x00007FF79B91A000-memory.dmp

Filesize
8.5MB

Download
memory/3532-2-0x00007FF79B090000-0x00007FF79B91A000-memory.dmp

Filesize
8.5MB

Download
memory/3532-465-0x00007FF79B097000-0x00007FF79B3ED000-memory.dmp

Filesize
3.3MB

Download
memory/3532-0-0x00007FF79B097000-0x00007FF79B3ED000-memory.dmp

Filesize
3.3MB

Download
memory/3532-1-0x00007FFAA3B70000-0x00007FFAA3B72000-memory.dmp

Filesize
8KB

Download