1105469c1e7b5f9a8bbc067397aea711c0f16e1a3384fa7fcecf59cba305bd3b

Resubmissions

28/03/2025, 18:33

250328-w66t1sztgt 4

28/03/2025, 17:32

250328-v4szps1lv3 10

Analysis

max time kernel
149s
max time network
141s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2025, 18:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.html
Size

261KB
MD5

4a9e5a456b2ef524d9e276fc8f400823
SHA1

e314352f9507e6ef30130ba2e024657986cfe32c
SHA256

1105469c1e7b5f9a8bbc067397aea711c0f16e1a3384fa7fcecf59cba305bd3b
SHA512

9294c8370cfd645812f4448dbcc6980cd87ee0f26b3f53ffe0263e56c6eced6cf3589c86284cca2fd4756889e8a5d93e441afde84843ee251fd7f010edf09976
SSDEEP

3072:y+DQN7r8czxXGWZbNIQVE6elXhBe659iXGkDI0AwtN+6u/jmR:HDQN7r8cQWZ5IQVShBbiXrIfmR

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3604_2115641081\keys.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\es_419\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\af\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\ro\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\mn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\fr_CA\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\eu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\hu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\service_worker_bin_prod.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\te\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\kk\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\nl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\ar\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\sw\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\es\messages.json	msedge.exe
File created	C:\Program Files\msedge_url_fetcher_3940_409774849\GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_90_1_0.crx	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\hr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\lv\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\en\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\iw\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3604_1350438977\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\pt_PT\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\ml\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\en_US\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\pa\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\ne\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\zu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\fr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3604_1680939662\protocols.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\offscreendocument.html	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\cs\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\da\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\zh_HK\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\be\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\lo\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\it\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\gu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\km\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\am\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\el\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\ca\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\hy\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\is\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3604_1350438977\sets.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\my\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\pt_BR\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\ta\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\sv\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3604_1680939662\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3604_1350438977\LICENSE	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3604_1162281932\deny_etld1_domains.list	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3604_1162281932\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\bn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\pl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\sr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\et\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\de\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\sl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\en_CA\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\offscreendocument_main.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\page_embed_script.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3940_2059291735\_locales\ka\messages.json	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName	taskmgr.exe

Checks processor information in registry 2 TTPs 4 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133876603938398506"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe

Modifies registry class 4 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-308834014-1004923324-1191300197-1000\{29B7F4AB-7D82-422D-AFC0-A3B3CD734F2F}	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-308834014-1004923324-1191300197-1000\{6A7DA2E7-86C5-4DE7-90BA-DF19B72C6B90}	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
3604	msedge.exe
3604	msedge.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4020	taskmgr.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
3940	msedge.exe
3940	msedge.exe

Suspicious use of AdjustPrivilegeToken 3 IoCs

description	pid	Process
Token: SeDebugPrivilege	4020	taskmgr.exe
Token: SeSystemProfilePrivilege	4020	taskmgr.exe
Token: SeCreateGlobalPrivilege	4020	taskmgr.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
3940	msedge.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe
4020	taskmgr.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3940 wrote to memory of 5276	3940	msedge.exe	85
PID 3940 wrote to memory of 5276	3940	msedge.exe	85
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 4536	3940	msedge.exe	88
PID 3940 wrote to memory of 4536	3940	msedge.exe	88
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3544	3940	msedge.exe	87
PID 3940 wrote to memory of 3684	3940	msedge.exe	90
PID 3940 wrote to memory of 3684	3940	msedge.exe	90
PID 3940 wrote to memory of 3684	3940	msedge.exe	90
PID 3940 wrote to memory of 3684	3940	msedge.exe	90
PID 3940 wrote to memory of 3684	3940	msedge.exe	90
PID 3940 wrote to memory of 3684	3940	msedge.exe	90
PID 3940 wrote to memory of 3684	3940	msedge.exe	90
PID 3940 wrote to memory of 3684	3940	msedge.exe	90
PID 3940 wrote to memory of 3684	3940	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
1⤵
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x2f4,0x7fff267bf208,0x7fff267bf214,0x7fff267bf220
  2⤵
  PID:5276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2284,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=2236 /prefetch:2
  2⤵
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1824,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=2456 /prefetch:3
  2⤵
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=1436,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=2640 /prefetch:8
  2⤵
  PID:3684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3460,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=3476 /prefetch:1
  2⤵
  PID:2392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3464,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=3488 /prefetch:1
  2⤵
  PID:3432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4832,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=5012 /prefetch:8
  2⤵
  PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4840,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=5056 /prefetch:8
  2⤵
  PID:1432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5516,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=5524 /prefetch:8
  2⤵
  PID:3412
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5792,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=5816 /prefetch:8
  2⤵
  PID:2980
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5792,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=5816 /prefetch:8
  2⤵
  PID:2192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5620,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=5996 /prefetch:8
  2⤵
  PID:3540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6080,i,10759644290685260524,2761762381537832766,262144 --variations-seed-version --mojo-platform-channel-handle=6232 /prefetch:8
  2⤵
  PID:3892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
  2⤵
  - Drops file in Program Files directory
  - Checks processor information in registry
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:3604
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x214,0x7fff267bf208,0x7fff267bf214,0x7fff267bf220
    3⤵
    PID:2384
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2208,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=2204 /prefetch:2
    3⤵
    PID:4928
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1904,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=2236 /prefetch:3
    3⤵
    PID:4900
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2436,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=2904 /prefetch:8
    3⤵
    PID:1268
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3724,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=4132 /prefetch:8
    3⤵
    PID:3764
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4436,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=4428 /prefetch:8
    3⤵
    PID:4240
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3724,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=4132 /prefetch:8
    3⤵
    PID:5012
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=568,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=4508 /prefetch:8
    3⤵
    PID:316
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3752,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=4480 /prefetch:8
    3⤵
    PID:2192
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4504,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=4748 /prefetch:8
    3⤵
    PID:3124
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4756,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=4708 /prefetch:8
    3⤵
    PID:960
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5080,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=4720 /prefetch:8
    3⤵
    PID:5204
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2720,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=5044 /prefetch:8
    3⤵
    PID:5408
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=4064,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=4472 /prefetch:8
    3⤵
    PID:1348
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4336,i,15779383709095615249,16299263055546571946,262144 --variations-seed-version --mojo-platform-channel-handle=2676 /prefetch:8
    3⤵
    PID:2752

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:624

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
1⤵
PID:2428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
  2⤵
  PID:5716

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:384

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4020

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\chrome_Unpacker_BeginUnzipping3604_1162281932\manifest.json

Filesize
176B

MD5
6607494855f7b5c0348eecd49ef7ce46

SHA1
2c844dd9ea648efec08776757bc376b5a6f9eb71

SHA256
37c30639ea04878b9407aecbcea4848b033e4548d5023ce5105ea79cab2c68dd

SHA512
8cb60725d958291b9a78c293992768cb03ff53ab942637e62eb6f17d80e0864c56a9c8ccafbc28246e9ce1fdb248e8d071d76764bcaf0243397d0f0a62b4d09a

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping3604_1350438977\manifest.json

Filesize
85B

MD5
c3419069a1c30140b77045aba38f12cf

SHA1
11920f0c1e55cadc7d2893d1eebb268b3459762a

SHA256
db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f

SHA512
c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping3604_1680939662\manifest.fingerprint

Filesize
66B

MD5
496b05677135db1c74d82f948538c21c

SHA1
e736e675ca5195b5fc16e59fb7de582437fb9f9a

SHA256
df55a9464ee22a0f860c0f3b4a75ec62471d37b4d8cb7a0e460eef98cb83ebe7

SHA512
8bd1b683e24a8c8c03b0bc041288296448f799a6f431bacbd62cb33e621672991141c7151d9424ad60ab65a7a6a30298243b8b71d281f9e99b8abb79fe16bd3c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping3604_1680939662\manifest.json

Filesize
134B

MD5
049c307f30407da557545d34db8ced16

SHA1
f10b86ebfe8d30d0dc36210939ca7fa7a819d494

SHA256
c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54

SHA512
14f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping3604_2115641081\LICENSE

Filesize
1KB

MD5
ee002cb9e51bb8dfa89640a406a1090a

SHA1
49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2

SHA256
3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b

SHA512
d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping3604_2115641081\manifest.json

Filesize
79B

MD5
7f4b594a35d631af0e37fea02df71e72

SHA1
f7bc71621ea0c176ca1ab0a3c9fe52dbca116f57

SHA256
530882d7f535ae57a4906ca735b119c9e36480cbb780c7e8ad37c9c8fdf3d9b1

SHA512
bf3f92f5023f0fbad88526d919252a98db6d167e9ca3e15b94f7d71ded38a2cfb0409f57ef24708284ddd965bda2d3207cd99c008b1c9c8c93705fd66ac86360

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.9\protocols.json

Filesize
3KB

MD5
f9fd82b572ef4ce41a3d1075acc52d22

SHA1
fdded5eef95391be440cc15f84ded0480c0141e3

SHA256
5f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6

SHA512
17084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\CrashpadMetrics-active.pma

Filesize
16KB

MD5
cfab81b800edabacbf6cb61aa78d5258

SHA1
2730d4da1be7238d701dc84eb708a064b8d1cf27

SHA256
452a5479b9a2e03612576c30d30e6f51f51274cd30ef576ea1e71d20c657376f

SHA512
ec188b0ee4d3daabc26799b34ee471bee988bdd7ceb011ed7df3d4cf26f98932bbbb4b70dc2b7fd4df9a3981b3ce22f4b5be4a0db97514d526e521575efb2ec6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
01cc3a42395638ce669dd0d7aba1f929

SHA1
89aa0871fa8e25b55823dd0db9a028ef46dfbdd8

SHA256
d0c6ee43e769188d8a32f782b44cb00052099222be21cbe8bf119469c6612dee

SHA512
d3b88e797333416a4bc6c7f7e224ba68362706747e191a1cd8846a080329473b8f1bfebee5e3fe21faa4d24c8a7683041705e995777714330316e9b563d38e41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
b3607049da2a494013ac244be66afa64

SHA1
a7f44af6b91cf0c93e8be313abf397dd070269ab

SHA256
68cb39c643a89b5717664b43ef2053c73278e5919130804fb0420289c9ce6fa2

SHA512
08f2e4063a45e2a6affa2e36222c2e3fd672c52f062cde82e7d7c7c4a841dc35f034a402b6c76fb3bef24beffe846282e683f67e3f99ba8ead2d83c3a23f5f3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
dab995e50fa2dd3337c84b6f1b0079ae

SHA1
4823a0f6b97e08a6b9b0c13e4abd6c6967a227ef

SHA256
0e3573243b78b0f8d404367c49e31d1dfef57795b334a2c5842a1b37d97ba7f1

SHA512
554a3d56eb9e9ed56a7886f579407e0e93efc3dec9e9b0284fe04ca989a62c9176ae693451cb10f3baf8504da77fbb64cb18d75a6335ef51ec8c26d687a3ea1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\431b63c3-c04b-411f-a669-1a55fa01a656.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
6ddf9dc68d90dc884d26f0afa2eea6b3

SHA1
df79b557ff46dc28f7b01f952fd27397d76585e3

SHA256
864702dfbbb3f5c8ab4bb5d0961da3cfac3833b19205d6c4586bbb7fb60e74d6

SHA512
63bbbac7fcf280eb618307eb3d7d7ccae0aa6aa79b888f89b3747b75930658269c1b1abe9af90f78977bee6d3abd7e2059ceca044ba9f12ac5ae5c4079c83fca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
70fe0728dc6f73786de3da7749200794

SHA1
cda6243b3bd602feafeb14f3225501563a7d53e7

SHA256
20281e383ae2e1b8303555ffed03fa31c133e754a67f10baed8f4228a4cda9e2

SHA512
5bf319cfb1a7a8f301c603fe4f0172e18008a609ea74bc8626ef1a9e48c5f402c9193d08f9fea646b534b01e4dfa97b9fc5d42a071cc7be7e6f7f745d21834bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
d249f2b6d8b8dc1dcf6b0a3d3233ceec

SHA1
eb8872d24a4b19ebd0d6822e4404f30a156bd7ab

SHA256
cad975c92a53eef33e85aeda0665a8f223943382f3a3685e8d3d99fba15cce6b

SHA512
d5e9b32ba3a90fa77c521039d6444daed243fd988468fd24a6e0e5877f2eef7e07caaf61bdea001eb04a502c6b30d2ef07e61a66df7f8321e38fbcb15b744153

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

Filesize
8.0MB

MD5
0454392350c3aeadedf49fb5fbb0e108

SHA1
9b56514bb007b4a3bd6722a016439e8cdde2bb97

SHA256
b71c4190a0690e84effa4d97210d39494068cc6f74de473f1b69b4812bfb3d8a

SHA512
08dd5cf132c40ac625d8a772df69e56ae4724f6802d304eb1c77a98cd5929557a2b73ff361ba9551aa6a7a06833a0d9210d5796845bb55ab49d651a745fb5f77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000074

Filesize
77KB

MD5
5e555fc3a0904b75a5f5c417d22dd23e

SHA1
c132ddd2aaca0dbf162f261a017dc59cdadf185b

SHA256
2ae1fe481d1164f16fb9a345d6120798b141b4ee92aaf07748cb964103a758d7

SHA512
7319b442853bdb4758a7f3b8d7a320dd271fcd7d9177e45c3f1391bfd803f0687951ce95a869ab2b23d03a3a862309e265393a17d24c806f058fbb0599c1aac5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000075

Filesize
38KB

MD5
f53236bc138719b68ccd1c7efb02a276

SHA1
26b7d3eea5d3b12d0b0e173ebf2af50a7d7e56d6

SHA256
787c14f8cc865430c03c96a345044b7c5b8dc8a032511a500d4a42228533acd8

SHA512
5485bc7ccce8ec75f60bca3be846086a4bd4466009c8e22da9cdd16bb1154529af2fb2667cd3a97485cc4f6635fb79ac0fdda4f3e1f39f25f6196f708a92d740

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000076

Filesize
19KB

MD5
5e5ae2374ea57ea153558afd1c2c1372

SHA1
c1bef73c5b67c8866a607e3b8912ffa532d85ccc

SHA256
1ef458d087e95119808d5e5fecbc9604d7805ea4da98170e2c995e967da308f3

SHA512
46059e4a334e0a5295ebcef8401eb94b8fa0971b200f0f9e788ed61edae5018c917efd30b01631cbd6bdadc5240c9fcad2966ea0aa9c94b538bcc369e10bbbaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
5854593ed209f6ba8ea9a93f16321185

SHA1
7f8ac0255047cf6bb8a7c758acf7a5a96b72f0e1

SHA256
c9e9cf480d8455d7c38b53033491cefe78a83d734500d8eef7e93a26643954b0

SHA512
14aca469d8b7cece3e7c19ccca2d8311695cf1ccc647f8e31d8011ed91bfefcd49ac91cd8b977ffb69a492f331895298a6bccd72796129817a1bd3b586effce2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

Filesize
343B

MD5
e879bf0ed0a9900502f3527ed3e0c6b6

SHA1
8bd6ef80ad15db6801e39109782aeab9acc1dfe4

SHA256
6cbcbd199d5a6646e5e05a6dd512099569526bdcdae467b118177de5fc486978

SHA512
586c8fc8fc10ebde74f45829a3abde616fa453d057dec636f44361775f95973c095eb99350e72500ffbd4f278b6538bc05dbbe8abfb571da811ca9717bc25666

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

Filesize
32KB

MD5
18e21558a1d24a45c5480c994a35c3ab

SHA1
dfd816089ce6a2b9d792169887c6406ff4274968

SHA256
9655291574a778be9068a74695f5b7ae0e2bc54258ca3193ec860f17bf5d8763

SHA512
9aad8755e582e590e111d43195f7d857f7315c62284c299fb6fb6f8c7a43f924cf885b446a32f6313d22b410442809c419af026443e778204f0eda4d3a184e75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

Filesize
456B

MD5
f23d2df21a39aa8d814cade6c37856c8

SHA1
233e65707015a53f83a0d53db03a4af8fab21ea6

SHA256
c5ce9aaf8ffdcb8a00463a7bf24001885e0a792f110c8db74a1e2f4392cb0e31

SHA512
a7b50b8cafba80f6baca44b260f8379852c4176f3dd57168812f3b4b811d2ff340f09f8ce625cc2adecab2851cc33725cb729548a3da98b041387c7952077918

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

Filesize
319B

MD5
889312d70bc02ab0ddabe89ce7fb3f37

SHA1
6bf864b65d1a197835930f9febbf61fc90eb3b72

SHA256
f4c61b93c5bff9fc9410fc169174fc495eb8b56a8715c6dee5e2ce95436a94f6

SHA512
13371184c937efb4ae362725de0ec954401dc5c5e3fc1319e9c222a23b5167142fe2d58cf202822175a6b2d3637bd7d2afabaffc3f70ed37baacd9a783778be0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.90.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
192KB

MD5
3b5c632a1e8a128def06d36b1ff6221a

SHA1
28dbfb96dccb3ac4930534157f61e21b22686a90

SHA256
0b78200e3a6ea69431e3d385e68cbf91f8dbcd955b4bc66146609dd2c5cd6292

SHA512
cd2e60955ef055eff0a9d1c95829bd648b85c35f544f2cc9c2bcd2ed06ad8e345b414b504a87745702e32f4fe0a22fbfd5a2420145d6ea50511160a162768400

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

Filesize
107KB

MD5
40e2018187b61af5be8caf035fb72882

SHA1
72a0b7bcb454b6b727bf90da35879b3e9a70621e

SHA256
b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

SHA512
a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
331B

MD5
80877eba5a47ceca85030be5bd659904

SHA1
edf0285fc23d6a2c51127db73c26d7122e70894d

SHA256
9dd4f3ebeb5697a54b080d629c9cf18475b674f7d570af7e1ec28dc6cc70c114

SHA512
10441797328f70b945b1947d827086208acdeef2519345a2768d9424f2f690c34a8623a954a3da207e99c5d796aea859b413652a9672e55f6f776aa7ee688602

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
8d3d2f806ed3b087d653020b432d7163

SHA1
ebdb2a5641049ece3be04ed70a6ea0137ce3ee51

SHA256
9b71f245a04e4c36ffed7e0c29f96515092d5fc6a8bd8947509b6e09717bc17d

SHA512
8dee4e5d12095403d53444bce7df6b8a123169e4acc91a8ddb85d13aade0d861d9d00aecbfed00f74c6f2e413013db9d021f7753a54a84a0750017209eaef764

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
cba610ee0ee8ab1f965fd2ca97964f09

SHA1
c6c150dfedce1fe5bfc52a3d0488e01df5acf297

SHA256
a86f7f697cb402f479edf22f74e6be3babd1dc9d274b85b83f5968c478e6bc86

SHA512
4ef8ab488d650409562bca6c9a539729e9eb2874d7ef5133b61511a15153adeea08f954e98f397cf5a4987a6912625cf96e842e1fcf9b5d4f1a1d275627246c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
853b360877c080ba7742fc00167e4768

SHA1
1c56399b432b56414b347ac1a24ae38195577280

SHA256
978f9ea564bd48715443efd6cc34a8eab791dba7234f5be706d4d781ac268f11

SHA512
81f9782b60e1637e20f02635608ed8f0b1417da6088c9f8c03c9977ee1c7b2ebf2e0045b664012b5d09f0cab4bf7626b4d7f8a1906ee266cb2b9d4f547e96170

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
c655f0b2975e2005603ba4bbfa760ddc

SHA1
c5c53ceb3fca2a31bcecc4da4eec9290a62b0b4d

SHA256
4386680f80a802f8bb9e130562056a502d220aee5e7eb0f925210e5fd9824052

SHA512
986a094779a03d2f984a6d5bd34b7a4df8ffb5180eb86c56b5f87f2c8757c53aff2ba4ea18b9511ad150abcfd0c1188b6498d622a0cdd288591d56108d9f83e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
36KB

MD5
740694aa52964c7d173b2c71f17a990e

SHA1
6d1398e07e5df7d67d059db850933e0e95f89ebe

SHA256
d9449388c2ed398cbb64b91851bc9beb56999b2d42a02af81a43d14b886ff9da

SHA512
067eda8438bfb4e13baf01e38b90219877f1dbd0a24ebf411105dbfc35f4106c0fae8ef7d8b3b31a5823d9ff125598a1ee10d92affcdfd3908e2ceaff90f0583

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

Filesize
338B

MD5
c44ad376933978082bd5c50d87db6ee5

SHA1
6e44e948d48061c6cbc1752af8cb31135d56de23

SHA256
bdf28879cf27f1296f0d6cb7f709d96a13dc40f026e0e4c7f91efb239419fe48

SHA512
eddc72f398aa2c9b074878b0705751945e4372705ea1ca46ce24ebaa2b64b0fe73f4859123bb68ca7c1f3c0375bda000eaa997b48560eb9aece392114b79275d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
350B

MD5
28edef5ac0e6e86170995c33b27a2893

SHA1
7e59551db8ae173cc460e90a7cf1451ea0f8be36

SHA256
cfedef047403ac32886f8f21c8bdaa20fed74cacdb9516f4c04bc062a131d89e

SHA512
08ee9cffe3c346abd9ed84bd9227074de241353879de06051dc4c099126e5e1c6ccbce9a6f6e3c728f140a333821ea09b1b2206810622c1fffb30c73fe57ffa5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
2e75d3cd865fbbaa3786a8c94edcfd68

SHA1
2fda6779d3478d7a6a0cdd9a3d3c4749f00779f7

SHA256
9a0dfdf41003cc2e32a8db9c8b4a7036b8ea67f2f746ebc24572a7f4fd4e20cb

SHA512
7b61c712214fc565a7c5cb667a2051fa37cc84341b1d24c01a629a850aa67dddc23dac9f137691ff758d46707c927c927de30f2045cc656e56ae9c958a055290

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
25KB

MD5
d4ac2ad98b7a84ed93dd88a37db1d7ec

SHA1
0349f86f7b1be02c9ccc96d7e8985a1adfac2cde

SHA256
dd60940dbac82a3d1aec42be6287f27fa1f1c947aa25cb19d8f1d146f91cb156

SHA512
0dd00a57c18e9b8fa31bc2007988e7d075cb288c85e25f8857e4aabd27fbbf1b9715f1c2a2d35a61b1b46df93f1ef7d19f1b591e9b0ecc81ba2ae444203df256

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
23KB

MD5
1b5ec59e5cd95a874fb9ca3cc5dcb38e

SHA1
ba90462108efb72321616d9ecc26a14f0fb15915

SHA256
17e3b183ed53e9e8e088eec7c549cdeb87bd5faf06ff827d0a958e2559b0ec74

SHA512
f6fc7f54330cb8bdbfe922e2c1507a348a928294ca03e8583dc34c31bb23522c34a09a094a1ff61638d77cbe0c4ce8ed9fc551ecda4f04b4fd05658e9dc10b52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
6394615096a0c3d22f502bf96592c8f0

SHA1
fd1fc1fcc400ddff942defa0fe6d5da04224a333

SHA256
9dda0a1aad049da642f12f22237bb67d3fbc394fc7a448f8cc6b6778d9e42df0

SHA512
d3235332ed956bdeb69b89a550059ddae65d026a021e16668b902cbdaab233c463427826186a37459fd69ec458c645fbaccc811a2fa758781096976b2ad5c391

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

Filesize
228KB

MD5
3a30693ceecbaa3ead40198aeb8c977a

SHA1
401cbc8e188f7cfd5226e0c487a9220a2670bcc9

SHA256
9604fe0d0824bd4309ef3ff8b5c924f9471698400d08694a452f4f67561cb543

SHA512
2d901b2436401b2986d9690bf0456420477a9497ea06e970885139a90ee9631b26662cf0ce0931fe4e4acfb0afd49c74b7e4d4b8ac993f268d0b2b82e0c11227

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\default_cloud_config.json

Filesize
12KB

MD5
18261eb12378081f939fb9415ca0c9e1

SHA1
20d4ff782e17fe45e71c3f9fc60a94655f72ec7c

SHA256
12bbeec9a0af9e3ed945b28b9b8ef89b2f897768d1ba3ffd6f3fbb42fa5bc556

SHA512
fef634b4ce77c2f36ce1bdd63e8ac28e76cd089f0bff33f4425c757ddf37fe9fab30dea7b5bb51c91eb27012cf78800e03643e13d51a25bf624ce58ab3488a80

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\favorites_diagnostic.log

Filesize
2KB

MD5
016c97470201c42947619d9867f4cca8

SHA1
0e35cb702739272b2a7222360545ec54ac0ed065

SHA256
b9862a60b56d0ae4af07718313a9a58a644b6991f3cb0beb33ceced2246b8d2b

SHA512
2a66e1505b77a48a4ab21f5b9c91eb2ea53ddc222eea000ade1543dd9a706f0c6bed492771d4c9368c32f9bacec2886fb9f9aeb798e67e5a595b3e3e734f8a80

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

Filesize
10KB

MD5
d18733a44f02328a977395d23c4df187

SHA1
c5591f5c7efed02ce901ede72a1d912346fdb1e5

SHA256
c0dad786b9fee96590cc3b0f008fdccc2f85e85281b4f00874b0709beceb46de

SHA512
af807ddc0b6966b37d92dfcb8edd31f360498e02f2428fcd834fbfeeb9bef88e168bf0752545b3873bac06a2e0ff48f625b3deaf279121e3fd72257011572526

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
322B

MD5
64f9d43332dc4032c27fed5e37d3dbec

SHA1
7a9d8b67ad08feb01ee53f63a59310cfbfd2bc72

SHA256
85541c1b47264951196b92e156afbb14d95e06a81ef390b651af91650ae0b561

SHA512
b74f4e812e813457e0ae991a4f55e5ab8420a06ff5959fafb5252cc385e8b4799cda9d25c1ad2f1bbde354507beb58b49aca7f68265d10a9a4a9bd828e80b794

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
1KB

MD5
97ba8d3f47e12a43cec79c44cc40dc16

SHA1
78991d4835e2b1fb3c8cde560b365b2f3107611a

SHA256
6d635e280d718ad42b604293865e02586d04473280ef2699e88eeb31486a4667

SHA512
004ff6941bc8bf802a8d4704fde78ca91cd72db14264469814b4819b553e05d5bceea5fff8555b69e019b30a408324e1e8bf6d46514b0287009b821c201577b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
340B

MD5
446039e257fef280afcac3e7372dca75

SHA1
1be37574140ee2caba0c887a475f12d6f2cee525

SHA256
5a0dfb56b0e9669eec503645ffff43efd1a96b33b4fac34b70d2fe47b9f83e8f

SHA512
6bc8a9a524969f8a13b0ed01c8f55ab1bd8deae4b626c562970f8f039b2e0ec16273ee331dedb71b0e345264dcc17e533636ae788a88ddc59bd5dec0bcd1421a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
469B

MD5
82ee29a56f615b8411b9fdd1014149cc

SHA1
ab259588b6ef58b9a2fe433276b90c39d8d42d4e

SHA256
48c97abae43e0ecd77f357abedadab99d2233399b03e15b09eaf98363a65a12c

SHA512
664720be627964900e9b4de97715adaedd0920b82d4a84513b8b3b7ff6bf042e4fb8c704f6a1cdbe17f39a0d271ad1d696f3a4414ca55a219c0f4e8f3671bc2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
904B

MD5
581bd3d7c5acd57a6ac7177424859e2a

SHA1
a2f117e871a128620dbd5ecd4e193cdedeed616e

SHA256
741e31a63ea8716322e25d1b67be177f3f15e6c644c8713324ff3276ca7b7990

SHA512
5241a50663de5dd45307060ef4d9a860930ece8749a4fb037c3f137ea27f2d1c64ea13693dbedb0761df107f03a5e74333d5e8b238b0259faa67c0914637f467

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
23KB

MD5
b8127bb91a01b5baf99e8eb755458b7a

SHA1
5f143e9e567b1988b04cd2135e6f2fc269e726f0

SHA256
88d9feae2d61a6540f8466b8b15f4ec3db06b903fd1fc30ef3580d005d4c0d11

SHA512
1c8f843dbc0a38029ecdddfebff78a94ca9a5456590055fe41de83e7272ea9f0d78697c16b7e4cc3ee5d2755702988f2210c3d768f8aa5ba5a3cc5ce08a6e029

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

Filesize
19KB

MD5
41c1930548d8b99ff1dbb64ba7fecb3d

SHA1
d8acfeaf7c74e2b289be37687f886f50c01d4f2f

SHA256
16cee17a989167242dd7ee2755721e357dd23bcfcb61f5789cc19deafe7ca502

SHA512
a684d61324c71ac15f3a907788ab2150f61e7e2b2bf13ca08c14e9822b22336d0d45d9ff2a2a145aa7321d28d6b71408f9515131f8a1bd9f4927b105e6471b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
8b528952cab20eb59074600cd10fabd6

SHA1
3c910fd483e78e93cec540e11d0e562296fc7eb6

SHA256
3bd6978644f35324d11393c603174a8563fe8a8d8e87b4bda42f0473229e9c62

SHA512
d5d34740e98802deffca3ba8fd194df8004c640b2ec91fc0eb6876bb89cb13789fb248247cccf8bf09e4dccd8bdc26431c8e962d1bb8370fe74847e28eac507f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
dd4b8fd1fedb134c5c6622ccd5a6d1fc

SHA1
59c6f83b5e9f657f8fea7088c330e53366516806

SHA256
a0de1841fe9add8320551cb99d952c4642689fd03d5bb1b2535f47e54170d96f

SHA512
d92522213ccf3946c8f0e4758edf552e668e67470ee04eff50a1e571707c94b9a0297a295bec597653bead7f4c2e01b8e9db3d7e984e875a2d339cc38f907220

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_3

Filesize
4.0MB

MD5
bb14c2581d7159eb594dd4dbf2e5c668

SHA1
7f0224a02f19305d1b86973d4d4c07a3cb21ce88

SHA256
8d9d5c523dc28bd01153b941aad2264bfb41da6ac14a7802e60be0aa06af26ff

SHA512
0f2acc78ab5ebd82a5bbc78d812497eabb5074f3e19ceddd7300a400aeb5102e6294bf91408e7b925a1d64dc01c96f52b647b36159076f65226ebca39fdd21f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1

Filesize
264KB

MD5
9f8076413c4be11c4a39a1fb5bd601e3

SHA1
2acfc2edf333da79e81973a2e8154ada2ef6d2c3

SHA256
ab6094ac9f7b4b44b7ea1cdbe89f64af7bcfdbee0fdea71fd636c176cf5909e7

SHA512
dd35df77ec242895203484980bd73f64fdb447b97687fa99db500fd7ebb7abedcf9667857df2e626c8842843c2230d6a747a58e9739fc32149cf73e1b1653d64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser

Filesize
120B

MD5
a397e5983d4a1619e36143b4d804b870

SHA1
aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4

SHA256
9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4

SHA512
4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
13B

MD5
3e45022839c8def44fd96e24f29a9f4b

SHA1
c798352b5a0860f8edfd5c1589cf6e5842c5c226

SHA256
01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd

SHA512
2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
55KB

MD5
b0ff949cb71516ee35e44b1211664bd5

SHA1
50b9761acf0ad4b5367fce370869413e2c5d52da

SHA256
5721e3f1d2825c69f889f2b1c60a204bc88663e1ea8919e8887d16f79fc8c63a

SHA512
2a71a48ee6c081f97aa7f3257e53e7e61d240eb7f6034d6ff4f0ec35e98f595bb7ad358318fcda74c93d6fccdd1da8e0ce302f472911102919ff201c5a5df646

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
50KB

MD5
6b04b15dcad31897da96804a05295fdc

SHA1
16bbe74f95ca47b7f251fff080d1f1623ba24e2c

SHA256
d9439f0ab929eadd324279ec60a757523aa9ad61232b58e47fa1379d5fe43f7c

SHA512
4043f88b00e9e65cfcf86bef7feac704eb1de82f4fc3c10c15a078181381e44006cc986ce173adc56c41fc9c35939f340b5e1b08525b23c1346981413a293b64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
332677d5dc63a29eb9cffc04e495a59d

SHA1
4593cc0b1bddf3bea4dd2301ff4909ba4b387116

SHA256
6eaf2cc9a64d9c5860b785b671e7b1287058c825197de137d67ba3f7653fa6ef

SHA512
69529da2344fa81482c7e3d1e08f821c8f7e5db5df3f844e60b8042b3b993f53cf0c0ad3f23c8f71008861213b96d5c2a9b7fb601add847be830a0df6d24d2b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
41KB

MD5
e2228f19e659c247341a060d1bbf6271

SHA1
21bddf0eeeb966801e86600a949964312c078dd6

SHA256
4d6c4dcb8e641fa588410c434becdcc650f3dd0b393b78bcb3d159bf7271ebe6

SHA512
69e06744739d4b17d193a5caa17fc730c65e3604244d3db5eb3f2a98edc07187bb5e733f45f1f1c1811ea9418a85a1da50c8928db09722c46fb8eb720f8da251

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
55KB

MD5
8c5a045e63d108a83997ea8aa17291fd

SHA1
c38d825d9e23fb8eca2197533821f517b596b238

SHA256
72f81e91c66be579ad5ef599a44d7139d3d36b2c62927b584ff5ef512d0a6dcc

SHA512
bdbd181dc9d78f5fed65c1d163403de7d608675fbb8ba5c7300430b74c5ff591088da5a9a4ff44f84d1e00ff5fbefffc68db0c7aa918657f46738876353ec97e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
50KB

MD5
a7a79f3716b4d1a8bbbee5e56cb9a792

SHA1
a4394092c50d73cf55cb58734759b9196626e4f0

SHA256
17d8765aee23c6a8794434b1dcec7c3223b3ebc1e7a5aabc1d9c0e7cb81c5436

SHA512
bf10edde5ccd26003e4ab288c3084bdece4315f642ddf1510971f3a13aff59b894a61d35ef81bef664c869f77c524ef349980e4be32c3ff305f8e2419cec80e1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

Filesize
264KB

MD5
bd2f8bbc353e4f57af63ff0dcbdb7850

SHA1
be491e6fe463d0447173bc7613b656b241bf0a5a

SHA256
8fa52bcba41520265a219bd92cedf4f16d3e23eef8d14c51903611d0f1f82424

SHA512
3249868603c2d511c48eda07db9e966bd3652ffa8b20d87257a151c4c6136471207d95fc07c88161f58caf16678468573467dc936d6d201612e6b9dabb03216e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2025.1.17.1\keys.json

Filesize
6KB

MD5
bef4f9f856321c6dccb47a61f605e823

SHA1
8e60af5b17ed70db0505d7e1647a8bc9f7612939

SHA256
fd1847df25032c4eef34e045ba0333f9bd3cb38c14344f1c01b48f61f0cfd5c5

SHA512
bdec3e243a6f39bfea4130c85b162ea00a4974c6057cd06a05348ac54517201bbf595fcc7c22a4ab2c16212c6009f58df7445c40c82722ab4fa1c8d49d39755c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\first_party_sets.db

Filesize
68KB

MD5
b732993fee92feef21e1c2e9aa1fcc0f

SHA1
b8bffce1a85e8f568ddcfcc7e0f66b29cfcce13b

SHA256
43bc697650b73e2fdd4b361e42fdf601afee195af55fbb6307bf3a08263f810a

SHA512
6c196ee8d757d793a4f37fd874126d1abbb99b28aded0f84d48d6fd59480079a0b8d8226acd02103fc9c08e84d29286698d91b8dd356e3793de380a04431054b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\first_party_sets.db-journal

Filesize
12KB

MD5
7e78103a2bd54b805fe054844607b057

SHA1
4080bb37a7ce455d8ed61187779e8343763ced35

SHA256
80dc4e584b8834cebc2133ab86afb1e3051fe0598b0799e83c20634e277675fc

SHA512
93c74f8e5df4ed23a313aeeb2763a1131ce4116f2739ccd63abc6d3ed00f150117e622fca1d0a5eb2bb86f2ce3da3530dba989c10e27103e8f350ad1ca3b85d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
0f3d978058a209a05891f6d192e78acb

SHA1
09ae84d63379ca35657886691a32aa5de015a9f4

SHA256
a25f2dc4c41fc8fbdb1c6ccd806b9ae5d9651ebe36d2b9fcbf4ac3a280111066

SHA512
4f35128d40c3c70c3f7a491734638429fa22bd415f6765e21719d8806f9a7e0d01880f8891c6f12649939a749e44ecf7e27bd0296ea2251845511349cd2d5fa9

Download Submit
C:\Users\Admin\AppData\Local\Temp\cv_debug.log

Filesize
2KB

MD5
f3d44628426065ae77c6a06e6c13de52

SHA1
57ed5053a1f2e304ca25838d1878b6161fabef46

SHA256
d7108d862aa955377730ee41df497ae70e7f35daf486f28229bd6b04c9aeac6d

SHA512
4831b92968005f503917ff5aad7e6f963bab62f17068924494813f63a68f51028e3524371497dea31d35b8a04469082d2a469c40978f16bae04025c9f50c429c

Download Submit
memory/4020-712-0x000001EB55790000-0x000001EB55791000-memory.dmp

Filesize
4KB

Download
memory/4020-701-0x000001EB55790000-0x000001EB55791000-memory.dmp

Filesize
4KB

Download
memory/4020-702-0x000001EB55790000-0x000001EB55791000-memory.dmp

Filesize
4KB

Download
memory/4020-703-0x000001EB55790000-0x000001EB55791000-memory.dmp

Filesize
4KB

Download
memory/4020-707-0x000001EB55790000-0x000001EB55791000-memory.dmp

Filesize
4KB

Download
memory/4020-713-0x000001EB55790000-0x000001EB55791000-memory.dmp

Filesize
4KB

Download
memory/4020-711-0x000001EB55790000-0x000001EB55791000-memory.dmp

Filesize
4KB

Download
memory/4020-708-0x000001EB55790000-0x000001EB55791000-memory.dmp

Filesize
4KB

Download
memory/4020-709-0x000001EB55790000-0x000001EB55791000-memory.dmp

Filesize
4KB

Download
memory/4020-710-0x000001EB55790000-0x000001EB55791000-memory.dmp

Filesize
4KB

Download