hxxps://u[.]to/xD82Ig

Resubmissions

30/03/2025, 03:44

250330-ealqjay1hw 5

30/03/2025, 03:41

250330-d8zvday1fx 5

30/03/2025, 03:37

250330-d6zrla1qy5 5

Analysis

max time kernel
147s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
30/03/2025, 03:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://u.to/xD82Ig

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM. 1 IoCs

phishing steam

flow	pid	Process
68	2552	msedge.exe

Drops file in Program Files directory 12 IoCs

description	ioc	Process
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_207446775\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_173167423\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_173167423\smart_switch_list.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_173167423\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_1918832304\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_207446775\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_207446775\nav_config.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_173167423\office_endpoints_list.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_300225194\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_300225194\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_1918832304\protocols.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping3880_1918832304\manifest.fingerprint	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133877797016625074"	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-83325578-304917428-1200496059-1000\{67FF5ED0-F2ED-4C4F-BAC1-771245FBD055}	msedge.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4400	msedge.exe
4400	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs

pid	Process
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe
3880	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3880 wrote to memory of 4312	3880	msedge.exe	87
PID 3880 wrote to memory of 4312	3880	msedge.exe	87
PID 3880 wrote to memory of 2552	3880	msedge.exe	88
PID 3880 wrote to memory of 2552	3880	msedge.exe	88
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 536	3880	msedge.exe	89
PID 3880 wrote to memory of 924	3880	msedge.exe	90
PID 3880 wrote to memory of 924	3880	msedge.exe	90
PID 3880 wrote to memory of 924	3880	msedge.exe	90
PID 3880 wrote to memory of 924	3880	msedge.exe	90
PID 3880 wrote to memory of 924	3880	msedge.exe	90
PID 3880 wrote to memory of 924	3880	msedge.exe	90
PID 3880 wrote to memory of 924	3880	msedge.exe	90
PID 3880 wrote to memory of 924	3880	msedge.exe	90
PID 3880 wrote to memory of 924	3880	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://u.to/xD82Ig
1⤵
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x268,0x7fff2494f208,0x7fff2494f214,0x7fff2494f220
  2⤵
  PID:4312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1904,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=2412 /prefetch:3
  2⤵
  - Detected potential entity reuse from brand STEAM.
  PID:2552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2216,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=2212 /prefetch:2
  2⤵
  PID:536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2588,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=2728 /prefetch:8
  2⤵
  PID:924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3440,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=3492 /prefetch:1
  2⤵
  PID:4724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3460,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=3496 /prefetch:1
  2⤵
  PID:3440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4132,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=4144 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4200,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=4172 /prefetch:2
  2⤵
  PID:3324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --always-read-main-dll --field-trial-handle=3636,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:1932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4136,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5276 /prefetch:8
  2⤵
  PID:1056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5280,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5408 /prefetch:8
  2⤵
  PID:4164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4976,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5468 /prefetch:8
  2⤵
  PID:184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5420,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5500 /prefetch:8
  2⤵
  PID:3388
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6068,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5352 /prefetch:8
  2⤵
  PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6068,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5352 /prefetch:8
  2⤵
  PID:4836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3708,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=3716 /prefetch:8
  2⤵
  PID:3848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5072,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=3704 /prefetch:8
  2⤵
  PID:4984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3672,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=3560 /prefetch:8
  2⤵
  PID:4116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3496,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=6164 /prefetch:8
  2⤵
  PID:452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5296,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=6556 /prefetch:8
  2⤵
  PID:64
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6708,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=6724 /prefetch:8
  2⤵
  PID:3900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6712,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=6876 /prefetch:8
  2⤵
  PID:4876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6744,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=6584 /prefetch:8
  2⤵
  PID:5488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --always-read-main-dll --field-trial-handle=6896,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=6724 /prefetch:1
  2⤵
  PID:5544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --always-read-main-dll --field-trial-handle=4172,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=4244 /prefetch:1
  2⤵
  PID:4020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=564,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=6488 /prefetch:8
  2⤵
  PID:5768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6316,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=7012 /prefetch:8
  2⤵
  PID:5496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6264,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=7096 /prefetch:8
  2⤵
  PID:5548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --always-read-main-dll --field-trial-handle=5564,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=7040 /prefetch:1
  2⤵
  PID:3324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5116,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5524 /prefetch:8
  2⤵
  PID:5140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --always-read-main-dll --field-trial-handle=6976,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5360 /prefetch:1
  2⤵
  PID:1688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --always-read-main-dll --field-trial-handle=4456,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:5636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --always-read-main-dll --field-trial-handle=4212,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=6024 /prefetch:1
  2⤵
  PID:1236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6940,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=6764 /prefetch:8
  2⤵
  PID:2824
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --always-read-main-dll --field-trial-handle=6676,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=6704 /prefetch:1
  2⤵
  PID:4680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --always-read-main-dll --field-trial-handle=7556,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=7576 /prefetch:1
  2⤵
  PID:5420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --always-read-main-dll --field-trial-handle=5184,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=7508 /prefetch:1
  2⤵
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6512,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=6948 /prefetch:8
  2⤵
  PID:3804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6340,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=3656 /prefetch:8
  2⤵
  PID:6136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6156,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5652 /prefetch:8
  2⤵
  PID:5100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=7916,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=5504 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2560,i,6702383077507090333,18085450245258215229,262144 --variations-seed-version --mojo-platform-channel-handle=3752 /prefetch:8
  2⤵
  PID:3212

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:748

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\chrome_Unpacker_BeginUnzipping3880_173167423\manifest.json

Filesize
160B

MD5
a24a1941bbb8d90784f5ef76712002f5

SHA1
5c2b6323c7ed8913b5d0d65a4d21062c96df24eb

SHA256
2a7fe18a087d8e8be847d9569420b6e8907917ff6ca0fa42be15d4e3653c8747

SHA512
fd7dfec3d46b2af0bddb5aaeae79467507e0c29bab814007a39ea61231e76123659f18a453ed3feb25f16652a0c63c33545e2a0d419fafea89f563fca6a07ce2

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping3880_1918832304\manifest.json

Filesize
134B

MD5
049c307f30407da557545d34db8ced16

SHA1
f10b86ebfe8d30d0dc36210939ca7fa7a819d494

SHA256
c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54

SHA512
14f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping3880_207446775\manifest.json

Filesize
160B

MD5
c3911ceb35539db42e5654bdd60ac956

SHA1
71be0751e5fc583b119730dbceb2c723f2389f6c

SHA256
31952875f8bb2e71f49231c95349945ffc0c1dd975f06309a0d138f002cfd23d

SHA512
d8b2c7c5b7105a6f0c4bc9c79c05b1202bc8deb90e60a037fec59429c04fc688a745ee1a0d06a8311466b4d14e2921dfb4476104432178c01df1e99deb48b331

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping3880_300225194\manifest.json

Filesize
43B

MD5
af3a9104ca46f35bb5f6123d89c25966

SHA1
1ffb1b0aa9f44bdbc57bdf4b98d26d3be0207ee8

SHA256
81bd82ac27612a58be30a72dd8956b13f883e32ffb54a58076bd6a42b8afaeea

SHA512
6a7a543fa2d1ead3574b4897d2fc714bb218c60a04a70a7e92ecfd2ea59d67028f91b6a2094313f606560087336c619093f1d38d66a3c63a1d1d235ca03d36d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist

Filesize
105KB

MD5
7ba0e1240fa041160176aae49bdf852d

SHA1
6a59f3bd74c7d95adbdfcc517640f0c1c38eddd3

SHA256
4ec7dbba5db34d797c8a627f0a824e8476a81a90159460a8a4a6cbaf9121e0df

SHA512
ac8f9c79d1561b4944b7a8b44d3fcbccd046608d54f0345a8542fe0bcdcb7f7c611878ff9bbf613d6188877bc35120788ed32c6207f1bddf6c181b811993d7fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.9\protocols.json

Filesize
3KB

MD5
f9fd82b572ef4ce41a3d1075acc52d22

SHA1
fdded5eef95391be440cc15f84ded0480c0141e3

SHA256
5f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6

SHA512
17084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
5a7e1750438748bd333b79a94ca69b2a

SHA1
94fd1be56969e269ce195ba29c3d464d356d6556

SHA256
6d7a64a318c25c643323d5cf1c0c80ccf2f2433e7d74b722fca90468f8f9b914

SHA512
842509c0f495ee24d152ab3f7867183d7cd64b01b5a9305405682abbbff3aa18a8ad7d97ee039393fdd1766fc17ad2df1caf711dc4db8dc7b9df608ffc0fdc7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
eec55fe349980566b1dbf1d409d28c3e

SHA1
654ce4b550defea0851f12e8ff81ae9298bb3f60

SHA256
2e81ea3d7ddfc0274f3955d5131143c481e63f2529514c5295873b393d508efe

SHA512
58e02658d08732b5f36e868331a483b5fde15475a6c5f704a19c97d920399c3f7d41a8fa163c66683bf403598f8f48f0cf9fa468f9783fcabd9136a55cec0059

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000075

Filesize
37KB

MD5
231913fdebabcbe65f4b0052372bde56

SHA1
553909d080e4f210b64dc73292f3a111d5a0781f

SHA256
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

SHA512
7b11b709968c5a52b9b60189fb534f5df56912417243820e9d1c00c97f4bd6d0835f2cdf574d0c36ecb32dbbf5fc397324df54f7fdf9e1b062b5dbda2c02e919

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008a

Filesize
100KB

MD5
80b5b90c4f3c45f46d57b5e1bce1e629

SHA1
367e3928b8c501a0827fd1b56083824932e9dfce

SHA256
f8f5766093e3c09b37b085fe81a7d8307c69b34710794143efe460ae62bafb2b

SHA512
395fe714443f48f04896aaabb79d852a79e6ae948fbdf1678505be724c0efd172043b36feb8716d9882585a47d23746f2dfb1cfbb18149ab9e71310ba0b055e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008b

Filesize
110KB

MD5
856a44c7e5f305d914f73151e46348f1

SHA1
ef7198fffde31f348f41c1fce450f7c83f2724d4

SHA256
f576eb2ecc60fe36e8222e836af2b7a7fc0e2f757159e970631eb2e496b0411d

SHA512
c429e91a2cc420bede1768600604b9e3695d0f29640da2880ba9c2cd528fad536b63e40e142c48275b21c3607ea3e5677eee2c2c4332c894ff70687069dafbe7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008c

Filesize
19KB

MD5
3b25fbd9be0594e7d5dd630003ef4194

SHA1
73d1b16b7b95ec2907407f06c3f353497e29a362

SHA256
0ab699ef1483cd423e0880e48701eb0f38d8d250a4f7e63262a5a10e587f6df1

SHA512
137ca7a8f12319721e9ad5a729c14c14cd560abad62366fe47d2742ed30e9dcf5f3a3c1c5607deee579ba9407ce5b5c1c737bc74e07e64dee65e1fc2ab8b0615

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008d

Filesize
17KB

MD5
a673a4ff37878ab1cb36ed1079a6e033

SHA1
823159a712bccac71c5dbadc14f30b4f3592f424

SHA256
9edbc2b7d4862beb81dfce14ae3ae0cc1df4359c2b535a79c34f4cc5072afa17

SHA512
02f70f2c2441337733ab64539299f1739248bfb43aa4fe00dfcfa558d6b4ee8ebfec28a2146554380f759174d7b4f0d55056bac251a3e870d6fdd211c3c754bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008e

Filesize
58KB

MD5
2f235bdf2edc72828711a31542a5f2fb

SHA1
69c864f5d1d75fbf58aa34aadc9172d12168d342

SHA256
a2d6c570e58c1530d378539a81c293cce51cf26245f212a468cf308c6e6af5b2

SHA512
d9df48fd88930dfc1477492166f2eef838eacd8f138b7082a586e1adb6c2c9861c28419640c6f1722ce16f279681ba44f5e716404f7339e0a7048f29fdf9cec2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008f

Filesize
355KB

MD5
2c017cd370b98f091fa277c8ed78271d

SHA1
8375a048564a44e5050bcfc12b1f2eff5f1f77b9

SHA256
c2b3511773b754984d34120b24d5af9c8be62298105c7251a3d0d4c14c4ddee8

SHA512
f93da7b825def400c32ae5f91c5e10ebeb17bb6d8596c556a02e9c3df24754448f818dd4b9d34af9ebe9c8c20be84d391fff22a04baead3c982775195d7dcb86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000090

Filesize
76KB

MD5
c99f966767a99c2971aaad4890f0d323

SHA1
d6dd4e0199e653bd6663c5203dc3889e9b6c0baa

SHA256
ad5f0de938a628df6b0de66005e92497bb39c09fb8491ea7fc4d5afd600262e2

SHA512
02475dacf307541c4e2801b2e849585d4210990fff97bf5afe9f44f5ee46ae8ba21152295cd8baeeecba3005250d81e7d280007f0b8f57f77247a3e2588b7c1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000091

Filesize
162KB

MD5
f940229d627369addab41812491355fa

SHA1
d9841ecc9cc2d7fd90f3942c1f3d7f7fc2e5735e

SHA256
76c5142c1e919791706b2455e9de9bae2f27ce69e49e5a8f373a261ca3129fc8

SHA512
8ae717ef8fdf180375fcb04954454535b4b92ee814dc61b1281b24261792805af18248f071722c7e31a67cd53d4540eea0aa8ab91455d004c3da815c550f7870

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000092

Filesize
72KB

MD5
0c24bfb73d5151493376eb1d19031fab

SHA1
a899206d003d703cff22f20464588743d2b618bf

SHA256
3244024bcd81b9acbf69488de4d07f9d6df8ed070990ad1706bc4f510d63e64b

SHA512
b73528b77c5b60a97f79ecd9debc1d49693dd7ab4e1df756afa5c3c455a83bfb2a8686558c0962401594e3f69fe662b8e7830f9a546a3b917d4ee66903bbaa2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000093

Filesize
64KB

MD5
b91d1d2c9cff8e17f65f77e0aeca3e72

SHA1
ebb1f2282ff8d8ed410b05d5dbe782ad45028435

SHA256
f57ae381b449e4170c6b178c5d9e4d528195dc7e0c0d166b302b4293dcba3c94

SHA512
35f8647752539cf68cbf11127ebbed36e34dd1636f7f9fcf9006e625302e087582dba708f78068068dd1336a505c0a1dd4123f70a09280068f4f210a0daf8c7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000094

Filesize
128KB

MD5
63288d3a672bdbc2a3ad8045d598d78b

SHA1
c2a1caad4a829bd88c7a3f3a8212408ef97f0930

SHA256
f9a64aad7a68f88bde77193f44bd84a7dac2589a1f8d4ee2463d54f67efaf51c

SHA512
bdd2c9c1ce270bf17d63ab81da870f120ee3ecbe2f7b0365802739be8dc476899dad9db5e7ecc76d2880a7eff4db363d340ceaa02848ad3763cefa8851d4b484

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000095

Filesize
128KB

MD5
e77d4a4bbf9cc52a064b108aa40aadee

SHA1
52766d1c7dcad3121ce67a9b6cfb5de703c9ded0

SHA256
3170e3205f49d04ae41b4c13237479a3a9a222accf4cdce9f4ea6b1032a7130c

SHA512
0093642af44c9b4c70ae72138dc9d8ba60bdac1f561e2052d0207d5671d40d5d27fc27ce18c7e91465b4aea371332783abae89ec47bce6da39e775168ac63e7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000096

Filesize
256KB

MD5
f61c96a65b60f7e4c018e2850f5a4880

SHA1
f36d693611e6e167e20ad40b143ca01454c0898b

SHA256
74fb5e0934e2b922fffd0d9d91a870d851cf834fae52d6c80fba17dc052dcbf2

SHA512
f87c2170e5c6274f56ee645d441cc793a14426b5f487ca31a3a2722c7ff337ade99cb030be030fbcd92f8d5b00261fce06753ce98a77cecb3665b7a712596a51

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000098

Filesize
67KB

MD5
42304c8cb0c1405dbb8722ff0851092e

SHA1
d29d977dbe442bee281abfef45d2fe727f4e2971

SHA256
852a971f5f8d70afb548e7010a25dca7c0e97d350bee2e8009e8063eeb80bb0c

SHA512
4c0caa6d7deefffa50ab323826df30a1de5f1393810c8adefae8e93667049ebe335193650f3f40b3af5c3e5a00dd01623c0d0d7d7c88830a6732f84644225b27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000099

Filesize
20KB

MD5
dec2c4d37b3f7087b3be4b8d2ed03e3e

SHA1
81f63505d09004d905c0c84adc9844605e6b53cf

SHA256
6ac4ad2651b59806f7d477b69ea3987747db370059e50b7468d3248a5e00c497

SHA512
6dceed439547b6c8b00edc61d2e5ec0ca7bee0f0ade8036191ab87176e3d579206a6f617d24847757370528764782804401f794e450e1977d5a92676449d422b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009a

Filesize
57KB

MD5
de363e11e4577eeb398f334d5b7c6af1

SHA1
e8f7443a277c4d3632576a4d61aa1c8d57ee90bc

SHA256
8cf53084eac4fae1ce61e67a982fb9f997cefe7885270e2c60acf7904ed27df9

SHA512
ae272fd2f61b8da5e347b59574744d97572e3ec244a521930f6e0632b1b9c811d403f288022a4d9088f7a6b7321a6078dc0719b3277813169caa081ac2cbbb20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009b

Filesize
71KB

MD5
248a4d793a67c45da831f341c6e08d27

SHA1
93cbd3c8583207fc76c13a269c3aa2b50a290b26

SHA256
47af4a758c203809b381228465302f138a519c76490ff09322883f9fa7a8c5ac

SHA512
c73871c2f15bd0f9c0e2363611350bd9036411c75d0d9ad177640cacd001599139a549559681cdadd17a6dba9453e6e3c6f9b679822da1e30d06fd281000a5e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009c

Filesize
58KB

MD5
a02f6a23527277ee9ba782e2705a92a4

SHA1
8588434085234a56b0c8cef24999734bce5bccb8

SHA256
8cb910fb0e56093c0734842ca462a5fe0174c6facaa2edbb745156e880309e2a

SHA512
e2ebc949880efe3356b5e2c186cbcca20c5c1ed90545b3ea1797f73e346f814fcbd902410a29018380101c674b10c2f0201ff7569d05eb30500a6b4f3db9734c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009d

Filesize
16KB

MD5
04e1f6c4827af415993124bead3b89d3

SHA1
fc9736c8a180d55b9f22fff832e11d1f22cd0e2f

SHA256
86e848bb80d1e1586f2059d8bef552080d871057bc318c2e204ca552bc18041b

SHA512
8469b83b6a271e3205bcfbd092271918dac86f6f2c1678c737eae06b1e2468188c070a5de98945462d813b9e6ed2fc54a3c4d9a024bb43316b9ba4c32733c968

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009e

Filesize
20KB

MD5
9d5e7dfd5c74401ee1a9385a7d43d247

SHA1
e781856a557abb5182b4843643d9f8f683e9af98

SHA256
85a9f80e25c666d66d274b91574c8ae36771d9538c0e0a6635d7befebe881735

SHA512
32752d4efba3923531bbc2858a6cc7d299efb1dc149e3ca26873772fd22234ed7aca3b38fc92698f199945a05fd253e1d5a79f0f9281c2929f38987e640069e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00009f

Filesize
25KB

MD5
faed28666e4b2ec7a7c999201e73462d

SHA1
8576039a502d4d44f7547855df7bf6c314b74383

SHA256
3c752d117de48ef0323284ffd9035c724d02aeee609c39c4c29fd923277cda4f

SHA512
89ff417b94f93babc581bf239910edd2b9bb860e04b9c381e3f8939ab619b37f02dc910d610230b3be9aee59268a7132ea9d06fa3e0c8efc059361b200187075

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000a0

Filesize
17KB

MD5
bc08a4b62ed9f915412a7723b53891bc

SHA1
b59471d298597a3aa170fd1517ed3c7ccaa3fd05

SHA256
920239f06062ebd1e8320c88be06971f7475d2458d830d713d5e340f0b71e14f

SHA512
83f90c26e3af51c72588ec9acc7ee0cb4f19dbad1892cf2b0ad9340acbdeb185791d27880656a2f784f62e9a208981c669581787e1e8661fa405685fc322b26a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
9694fa3adc2a908ae58e310490ca95c8

SHA1
be063b2d555138e45535e052a9a0d2d4bd246636

SHA256
23f70c3249a8770be88dda6582dfcfd08c5b8f4c0e23cb1e781c84c4446ef219

SHA512
915efe212e59e6f188e8fe347bb72b13397471403c1d6fcb9a87d741126483316572e5f69707b0079febdf9c5612f34460c27fea392672acfb1ef3db771ef344

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe58d5e9.TMP

Filesize
3KB

MD5
33fc327427c952d608f625b992c9958b

SHA1
3a59991897e0693be3c14285a77b97a413067616

SHA256
3c60e60011d9b3eb200784b7e0bba37da3a7519326261ac7d92da9eac73928f7

SHA512
d98267fbb69511a94f4285c3d49745a4ea6cd264934501f1c45b05f510fb0e65abd70d90d3d79bf0038a9ac4ea682e9c39132e6033b5436f5e881d49514849b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

Filesize
69KB

MD5
164a788f50529fc93a6077e50675c617

SHA1
c53f6cd0531fd98d6abbd2a9e5fbb4319b221f48

SHA256
b305e470fb9f8b69a8cd53b5a8ffb88538c9f6a9c7c2c194a226e8f6c9b53c17

SHA512
ec7d173b55283f3e59a468a0037921dc4e1bf3fab1c693330b9d8e5826273c917b374c4b802f3234bbb5e5e210d55e52351426867e0eb8c9f6fba1a053cb05d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_1\content.js

Filesize
9KB

MD5
3d20584f7f6c8eac79e17cca4207fb79

SHA1
3c16dcc27ae52431c8cdd92fbaab0341524d3092

SHA256
0d40a5153cb66b5bde64906ca3ae750494098f68ad0b4d091256939eea243643

SHA512
315d1b4cc2e70c72d7eb7d51e0f304f6e64ac13ae301fd2e46d585243a6c936b2ad35a0964745d291ae9b317c316a29760b9b9782c88cc6a68599db531f87d59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

Filesize
107KB

MD5
40e2018187b61af5be8caf035fb72882

SHA1
72a0b7bcb454b6b727bf90da35879b3e9a70621e

SHA256
b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

SHA512
a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
8KB

MD5
42ef6df6c029f28076cbfed35f9ff72b

SHA1
15edc4ea69afae52e748f618962b4aac7e2d95c7

SHA256
45794cbc546172a11ec504f857d064a88b3727d194fded671da828349841a989

SHA512
476a7fbcd58bc561cb134f1b48d6de92623a80f888dbc51ec4b693667a8622d530a1c160ed5556d1d02aed4dc68253a726a79790ffe1664064f87cd51a853e42

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
e1ad238efa533db075b32d0261e05735

SHA1
1a7fcf2cc2a87cdc10c54d5ca8bb753561ef042a

SHA256
b6a0579a6139b87a8711c0f724ee3251d82668b6e8351fce84c1f8477d74db62

SHA512
8dadbb9acc08bea9575f36c366c4df024c3a4764206928180cd1f3431330eaa1e60c609126ca58f32ead0ece3cda31c2a0877efd1f323a8578c43194c82e3393

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
211B

MD5
3e87f2013c70aad89ddd1ae13714424d

SHA1
2b5f65c36cb9019c57732fbcef72aff8f50981a3

SHA256
6dbf8aa851dfaa1098eb3678a766735b4de5c518c7de00d96ef020d6708e89f9

SHA512
377d367edfe70611328e591262e24cef020b409a4f4ebcbc99e9fef0ea3b6a969cd8cfee143aa635204afa6b54c53dfc7642b64a1cf2a4d55ef01026ee390948

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries~RFe589bce.TMP

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
67663efddf9bcde244125c1ca3a45059

SHA1
1d5f249bda4bb34794f8a36374835d2fc93035d9

SHA256
d7d0c20f780271b4574b902ed70465e6a0370c482be5e7c218e67b5e348d1c7b

SHA512
db820d198677a2cd2ba818dda7d91dc7c81eac4aba6ddd235462815c4beaf1958d3304ca16ebcaac731a03aec6ea8821a1756e231107d136e6665f0c92011468

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
f5cd6f48e4357552f1d8bb4bb960d0e0

SHA1
6c68dfdc0c66ac3f7801ee04218110bbaf4c8cf8

SHA256
c5b4f1ccac4812d0aa09f8d0211c6bee3b0ebc429ee648bf51746accdd0a73e6

SHA512
c0c6c7d2f99133e2030428a19b22c73dd323f81aaba313e46e9cb7185057872232890bb7fbeddc6f0bc85d0c31831f5434cd0b2fa3b7ea4d9f4cb21e05b2c5f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
3bcd42151b4a0d3cd295b94a4d4af97c

SHA1
84e27978a36863cc33919342d4415153d83b76ed

SHA256
63353799d27b105398a988792611b66060ce226d455176fc4713a9be596b3006

SHA512
2c2f144fbc8fda0c2dd324896249dd85d05251649b86f53404e4542c0d8b3e39f77711e1e3fcd1882bf6ba1dff2aa8cc048d38d6a8b4c3701fe4fa4b5a32b902

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
14KB

MD5
b8876eaafdd4829a0515154be1520e9d

SHA1
ba2ddda7cd3d2cc1646cd9e43a46aa43fafcb495

SHA256
9250a52d42646e41f18e44297335dcc9c06eea5f55a3fa99333fe35a020a1c63

SHA512
86c9461d8d78bd68c53d1d89182bec645cc16d3b8f6f2c3316001dd95eab4c6cd4b98373ec336ca949d20d91bb1e89b278b84f566488a14213e8970f05352868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
3ddd8796acdbba59739e3b2f81cab068

SHA1
d1010c3022f6337a94f5dbfc4b30fe0c867b336d

SHA256
3bbc86c92ce043a6692c65be81c1344b47d3a9c5e22220b84d49bd16075a7b8b

SHA512
b64be10a978be886a79a72c9bd90f20f5c76830d3b8286256a6aef4641352fedc8763e94077f7e7b2aedf28c26f5c12908f025099131e9a0f7288f03db586ac0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
64e786309c7ebd70b9290c930011abd7

SHA1
93f242898f325305a2c5fbbe576c7a02edc6833d

SHA256
9081b62fa8a6cd8e3de2ab3369c034bea3aa3434f7ef162c1f4dd19dc71c09a8

SHA512
bdd0bcd224f7ea47e8201524ea7b7d52b6c2834b529d3334be54fffa194b90f5e199e8135c0c3798d987766e439a818990d4dd2861341bef9abee13e9525ad96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
a517b863ad5f979b09480adc8bb47251

SHA1
549793f97128ed53a606fc3020354525b6466c53

SHA256
682c18359b5a7f10416b14580c78f37c11678d990e601ce733fd52d31bf3007d

SHA512
00fef987f36a89ff3db699d58345ce003bdb592510a56e21ce037451c106a46109011054c2ac38746453a4942536d1e142844aea5e7b57515428fef28a5c6e83

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
36KB

MD5
110fbbd68a211475e0f02fc23d4685e4

SHA1
a165948b8e3cc5f7c1a58914da1149fc1ea77c56

SHA256
b1cb90f239cbbec2964f6cbdddc30ce09243f4ab03570206af942d120ebb31ec

SHA512
708b6eb7112d8b64bb9c1a43748b7c465a8fca9e53f0ba5d68341ce0236cb54e92b321833f92f5f8349e64c157c51ddb29c254854bf506046e2bfcf16277b51c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\022f7806-951c-409b-a47c-826684869cf3\index-dir\the-real-index

Filesize
72B

MD5
08557bece11d3471a4100b3a96eb715d

SHA1
13950ad7cd3a59a547e3bb9a10203014d0b84bb3

SHA256
be326415bb3a807a8d1d6a31a2921ccd2a7eb26f388044b52674e562173e2413

SHA512
82e165ac74fa8c4b66dd2dc5f22ab416990a2e7ff26d95cbe2061888611764e002185bc2dc4056ce157c8580f311c3f80310c3f2fe806a2bef71c630fdae1614

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\0a5c8c0d-5c4d-4ce7-81be-a5dbcb772005\index-dir\the-real-index

Filesize
72B

MD5
ce4a03d51c605c40a3e9f5273123b28f

SHA1
bc19da97ae14bd97573c91a9c3ba58bab87a976a

SHA256
d5b83a7568012ded477db293eb59ab596e219ca9dd5efd802a74b8d9dee34820

SHA512
a063e84351c934c80c642bbef346e0e124b161b642522fba69dc87bae0ded2c9ceaeeee97cf1b008866d9e0b0bb41fdda945f159dcb92fd5a913e92911bd9e4e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\0a5c8c0d-5c4d-4ce7-81be-a5dbcb772005\index-dir\the-real-index~RFe5890a2.TMP

Filesize
48B

MD5
1ed233a8e1313d90fd40fb6b1b61379f

SHA1
8a337c744ad4ecabcc90bcd8fe56cb2eb5ffa139

SHA256
5c7f1a97c95b43e524016984a3f55d8b9570e9872b13df4b7311f64bf2a961e6

SHA512
7800dff2002fb512fae88accf6f52ee3d8879c9e5eed2e35764bbe4ae20407d772f9c4ad20f928542bcf002580df22b9e0a942340a079b4606cd911d49b58cf8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b6a380d4-5862-40a9-a645-ceea7f421bc5\index-dir\the-real-index

Filesize
2KB

MD5
33a9b75766640fbd6a9eb75b3f9c8ae2

SHA1
77961c188aec56e739720d5aa049be7ca858b295

SHA256
087e664de4e752f2c4cbf8316e20fbcd8fd7252bf4e9fb1e47e08267681f1c72

SHA512
8605346515a461d75220a298fed3c11589c203aa83558ae0827b975d8d06fbc4ad734a33a1fbe57dcb328311b25c39a466b367f44341011f7c9536af18223a3c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b6a380d4-5862-40a9-a645-ceea7f421bc5\index-dir\the-real-index

Filesize
1KB

MD5
1c6db28ceb478e45ea4c3fccc6007ab6

SHA1
ce7d0e2af239f2deff6d30f1c5df20ac2f7ce385

SHA256
4376e5c42f626d6d53cd08c5c34515dadb46952ce452e2f063d883113917a60d

SHA512
4f5f084af5ad0f20307abd902ef054b50b26c6c53dcfd5445203fb747daafe8d31434749b8f879edae772d1f36c66fd44791dbf158dfb4a3c35fdc0b49ad64c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b6a380d4-5862-40a9-a645-ceea7f421bc5\index-dir\the-real-index~RFe5797bc.TMP

Filesize
1KB

MD5
0d74ffeb9aab2a626ac4f0f9648801f2

SHA1
ede3eef5263179d3f37d13c43ed3dcc7fd7ea007

SHA256
257687ee4eac382d6327ba1b668471b08240b3a496b995bf9f116281395b1489

SHA512
145bfdb9cc7164357a89e1e9818acf977632961ecdf9f78a847695ec41ec75bbbad09420bbcde5788d9109cd3c91906390e071adc031b2ac7259de0692bdfd29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\cfabe267-edf0-489c-97f9-d9101df6ee0d\index-dir\the-real-index

Filesize
72B

MD5
699e865bb606a19075c03c9cdb9ff532

SHA1
6365bbb7b3f9c7b6e7ebb13ba65e9fb85c3a06ae

SHA256
c28c7fa68e06a87222b6aabaef63cc208b5900e93f90fb6f4a3e0138ddd686c9

SHA512
08dcf34fd09174913a6f3ec2b9e60cc1306f05dc2c66b17e7cd60ae8f34f38f5f8748144c2405870dd296eac7a8c29525048420ae0378b5f892d4cd16d6a5da3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\cfabe267-edf0-489c-97f9-d9101df6ee0d\index-dir\the-real-index

Filesize
72B

MD5
e6bbe9a12c458816ac0dd65acccf8902

SHA1
b8a523c6a4ee825f63fe856dffd11014363b26fe

SHA256
86b155235ddec2460a3fe1b89c54c89156c9e5f3825a130bdd1f95e05d3a3895

SHA512
ed8145a7d8f449a1efd4c22d692ca80d1efe3e324ee5e183feae850ceec0034b34625911ef336b3f58d8c2ee41b991002bf8b22505fea56acc9b03a28ac4e430

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
327B

MD5
6ab44bf3ef7fb761e45ea29a09c46dec

SHA1
048536085e0561b46817dff61b4e2ef2f979f628

SHA256
936fa8e7158a3c4967f96a292d60c1fe30aa8c252c1fdf6b03a47582000eebd5

SHA512
32f2d6f518f42c9f540bbf0a16ad57f76657cea1f56e26fa6f4d2f0e10d7b5c6b20ecdbd4f6ec2d3f11e7cabfff67613c0c7b2c9d52c12d170803e16dadbc952

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
253B

MD5
136626e2f2ce9a66600760012cb7912d

SHA1
59fee705d007b666374d5c13ef352a8fa5c5f239

SHA256
979aaa2dd9dd256120680f49ee86383a81d320aa9848a73ad51475767bfd749e

SHA512
b1137059c798a57ae93e63d3e36907440b4980e31a99da167b37b7fa9b66ef473e23f32f7df7bc2e1bcbb0fde02178a2bc211736f899045ef095da960fb3f7b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt.tmp

Filesize
322B

MD5
01148d9b8d23f3005d6195809a522b22

SHA1
49bb3365a2e2c71826974d43e436ea1881ae9c1c

SHA256
5606269577b7ef02a1d6f71c748176e5c0c2e27bce05835c476beda45a036c60

SHA512
d5129a0d98fb480972621ec4009f4a416775d4e3f98ea240e07986a43969a7f5278eb051056839756d6d4275f6a3c4deb4997cd65c43fde68aa720c613f74f99

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
6b4421509949d3023b5194c88b2223ec

SHA1
d023e5d4293ec549c8a235a423f0cd692d7d66f8

SHA256
9adccefa236d18d04fd7ea62a5d7c1b8844a100ea8bfb085e3a6777f3656b78e

SHA512
6c0ee46480de908c9cffbcb84c8916c60337153e8f01a4aed84f1224f76e2162197556bad15d4b22d17c02ac2b7d7879609565a40884f8090ce3eaa104a9be08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
40edf680dc75e01e0b78d12ab8754fb3

SHA1
ea940816dbea1c6da114488593c0af72d47f195d

SHA256
48ccdec6dbd9091c52065655909651cca3eda02e40a71a08625a045e35461121

SHA512
1d886df45fda36e10bc12809a340a1f8a305f9c1cd3c813cf078d7ef2c203ab2d843bea956446fa6750bcb6f2e8f75428132c5260a753ce8ea993dd7c2d43fc9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580f7c.TMP

Filesize
48B

MD5
c3c42802a5f715f78d7c51b006d247a5

SHA1
2a96d7f969f7bd94f832308170d4e09bbc20d727

SHA256
b1e4c59065f972a2d57a1c3ff24727fdc4c3925f947bb8021a5a6fed7394171c

SHA512
94dd0631379d195a5102edeafabc744b6efdf7e9bedab3246bb24de8a1b7eb8a650655edc84de7401eb64e9ebbb2dc43c604379380934b5b0413808e52342b94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
4KB

MD5
323160979259f5138eae47b243a8e13b

SHA1
3047eb9bf450fc1969988168a3958083c7a868f8

SHA256
d41ada66fd0298a83656718002e554952b88ba21b6266ea45affaef32a519711

SHA512
45e44fcf204c524766d24aae7c784ab5f27b49bc039fcdca1667a08a005ef8870d265bcdcd5290e474ccf7e4f9c57edb99c204a82719812eb3dae27ab9f3ed86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
23KB

MD5
8ab04c07cfbd17b31796c79f5ad17c6a

SHA1
54600c7914f734c228775b2c5080e31bc71935d4

SHA256
232bfe2acb8a91dcd8df2339bc64a9d7cf42a09e99859fadc059ff23e1282f5d

SHA512
3d4efb78eb437ab9c40e3778fc22631ec7201b897134fe24873359931282d4a259d2c65cac744764b972c89cae54f334de5189de22f795de4e5bed4c118c7961

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
872B

MD5
ce2a58c91cc7f042bf9ce02e331df82a

SHA1
6399ddb265031b227f5b65382da0d7dab6fc6569

SHA256
fb290e2f5429619c779d9b65125907ed5e7951b9d06892a90109646d55b9bc9c

SHA512
b31e715e9c9b708bfce5ee774d70229ef9578551e9395308ac36421f0effcc3dd66aab3b1862bb9311dab32c5aeb7c1fcb983d7774bea8247241fb16fda30968

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog~RFe585c83.TMP

Filesize
465B

MD5
1d8db60487a3c28a605c76e5e7d53e77

SHA1
9db51d398ad64a4230a24786e92251c128936f08

SHA256
71ee3de6075cc683a187bdf9a4cc5c3fc8531f2b2c9893b96c54e7765d0de32a

SHA512
483f22bc2af3abafe076ee77823a54548120d4edd77b3e2836f4a24fdb74c6f2946c046c29595980d6760913fe848215a8a8cb56f981e4d5d29e4ca13cb5f523

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

Filesize
22KB

MD5
56a63f182b2938fbe3e59fbf9681dc08

SHA1
b76578ca24fb20b8bd5dafad4296e5a46735a5e1

SHA256
36edc2510fb072092e4c6b95efe4521857d9dcb7f0b45afdf5e8ef02e5d19593

SHA512
b17246b7c61e26fce1f211311b578d6b3d22c03a042137bb2bb5b23018ce5290a8fbf7a34b2f66fa30b2027296b8a570478f66a144385c320d63c1cef64434f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig~RFe585bb7.TMP

Filesize
3KB

MD5
c7569efb2fa9fe93c0ea2f0896f54036

SHA1
e231c700b778b624f6065b035e5803fdd8b4db4b

SHA256
2422f055fd21adce7a027c3eaab1bbc474345a26cb1b9762b3d7572ebde67d3f

SHA512
c394da9a75cca87f6e20cb2abbc2e087d3e374b613bbc960f255ebfc8f01d4349fc8a487ec56ff8141f47566cf021dc33196e42b6295ce5399ff78e5ce4b066f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Data Protection Lists\2.0.0.0\office_endpoints_list.json

Filesize
3KB

MD5
94406cdd51b55c0f006cfea05745effb

SHA1
a15dc50ca0fd54d6f54fbc6e0788f6dcfc876cc9

SHA256
8480f3d58faa017896ba8239f3395e3551325d7a6466497a9a69bf182647b25e

SHA512
d4e621f57454fea7049cffc9cc3adfb0d8016360912e6a580f6fe16677e7dd7aa2ee0671cb3c5092a9435708a817f497c3b2cc7aba237d32dbdaae82f10591c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
30KB

MD5
181a8f056bf17f97e2584addb26e3037

SHA1
bb9cbd7f898e16d3a0f3b5669cfb305975c5a579

SHA256
373f53afeeb05df78682340eac53fc8b623b56608bce35a84f8831447354467c

SHA512
5711bc0b021c227e9667cab13f98c199ce9013a0c8f0d8d549bae18c7a406179a7edd37c3830058785a279553cfbe3167cc3b88adf97fd9979bc1236bda8fb96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
6KB

MD5
e358c7a8bf414f015513b07a71e9dc0d

SHA1
0209f1799989ae2ab6fa730d88a0cefc5c422783

SHA256
335a23a0483dd8f492a3dfbb3707bef189d451e7cbe9283a2c152b31a09da6f8

SHA512
03fc9d1e72db0dff070e8f385670430cee4eee5a13ea0ee90069a9b9bfb3e9adc157ef20db8d29c65b963910f7f9a960c8ab5f306c4e85f1d7ed5220c6b19d86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
7KB

MD5
f3726d17b5a4a58b104fdeee0b9fac15

SHA1
91436093330fa8fcf067a096c93810c45cc9904b

SHA256
0b5d1017f8c1434535318025b42c98e218db219a7fd2ec84d9a128839be4486a

SHA512
6a8f7bfeb5e0214d7af4da5edd0cd6208ae3655f23bfd56e1b3229478ddc81d1ce2602898cb0f2bc1a9d4cec7b561ff86964f7621c6d9cf54762cb9b6488710d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
39KB

MD5
e1448c1d8786314449e6c10f5b1a9fc7

SHA1
d6ce8f6b9c7dad1b62871e8353d23f4d45ac2e86

SHA256
ecd16b8ae7af330935a3dedd0c4372d912565089bf4364b3a2639fc07fb0255e

SHA512
38c33e3d4f93ec318cae3a92ff2c71d7ff45ef2079854a0314a9e7e11dd3f3434832e48f1e9cde38a3fcecd1abebfcb8d618e5d65005c52905dfc6e1e84c89da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
210084a618788ea92802c2a7b8bfbed0

SHA1
6012c6c89f701914892c019f4c5e510330444742

SHA256
b5fec22db0905b8710398ba645793d520305c10dc2a170554a5c0c9cf8e51733

SHA512
d6c889c11a6f8f7566d8c0585e3bbc50f10b3af6ea0270cb5d96789037373d814b258ff5dc32955f533a572a3058ef9bf3ba6024e0ef22ef2b20cd55c601a6c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
0bed6fce015de2943282813e469f8eb8

SHA1
61221067a9072503b2b6e3314cb8f639f7d5fcd9

SHA256
9c181ae358844bb412cefeb42b17ebb4c0e836faec9a06b4c910dfe36bd14e9d

SHA512
cd2584867676367cc9f5e1266bc9112db2dc9fac842e7c10eb9ce10d4a84992408107ff952d44a0132b9f54d28798538618622080c813f5795671efed4b39992

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe586889.TMP

Filesize
392B

MD5
d582e72ec5c8a7d372fc349e68dae0fb

SHA1
00fb21b5b26c4c45ea7d53a923165770368d7536

SHA256
8223d1337a26788c4adc0299476bdb8db4a4422c240399ceb7cbc5ca857e782a

SHA512
864b79d55037155c4f61c4fed9c6aeca44f381685a4fdac4359136b81f1e6ca11ebcbc8695abae0a7bc17b57d13fd18d4ce61b218d714856ec4e26b7a5c740ec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\WorkspacesNavigationComponent\1.0.0.5\nav_config.json

Filesize
2KB

MD5
499d9e568b96e759959dc69635470211

SHA1
2462a315342e0c09fd6c5fbd7f1e7ff6914c17e6

SHA256
98252dc9f9e81167e893f2c32f08ee60e9a6c43fadb454400ed3bff3a68fbf0d

SHA512
3a5922697b5356fd29ccf8dcc2e5e0e8c1fd955046a5bacf11b8ac5b7c147625d31ade6ff17be86e79c2c613104b2d2aebb11557399084d422e304f287d8b905

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
4dce8cf3b8afb6ad6c880daa3fc5395a

SHA1
556d81d925afd9cdafabbfb6b5376619999e040d

SHA256
c168035f9a644e3ac5f52e5a354c184d9f97671e445dd27e41c1fb0b3cf3f075

SHA512
ae36d13d78e5965f99fddd03f71a242c2b2f73a29afd9c9dd4ce7dfd96076261041304d78c5d89342ebcee6314ba9f2a91c059270a9eb3df9ea77d0529235a6d

Download Submit
C:\Users\Admin\AppData\Local\Temp\39ceba77-8318-400b-9dba-8e0c462bd055.tmp

Filesize
10KB

MD5
78e47dda17341bed7be45dccfd89ac87

SHA1
1afde30e46997452d11e4a2adbbf35cce7a1404f

SHA256
67d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550

SHA512
9574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5

Download Submit
C:\Users\Admin\AppData\Local\Temp\58b1cbbb-cce1-4ae1-a0c4-7e60bee1cf3b.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir3880_1599081061\7bf8261a-c918-4f76-a5bf-959c791693a9.tmp

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit