f9541ebd11ec03e291abd701f3633a4c798e49e7ca4ab03534840c169864c714

Analysis

max time kernel
226s
max time network
226s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
01/04/2025, 21:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1053910953.html
Size

19KB
MD5

28587aa1c4d45ad9e351d9627198a7f8
SHA1

15603b7db75ddc6df8ce5dc39b90929da90b20ea
SHA256

f9541ebd11ec03e291abd701f3633a4c798e49e7ca4ab03534840c169864c714
SHA512

e54d1e568590bbd89a08d65c639876938bd0ba97a62c686d60af67c56803b5bc5c519407eb2ad795f209520bd1b2c74c6bd8e385ce4e91127c1e6f138450f64e
SSDEEP

192:0SRSqRNIbYNOWJjHK6QfwftF8+g2ZHllYYy/KTTu67nUASPbGQJLrbpjY9cX4nyd:0wNbO6I2Vt77YaQJLrCLnlyg875

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM. 2 IoCs

phishing steam

flow	pid	Process
229	4272	msedge.exe
314	4272	msedge.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\msedge_url_fetcher_2372_1411681007\GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_90_1_0.crx	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\ko\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\ru\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\is\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\dasherSettingSchema.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\fr_CA\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\ro\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\my\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\service_worker_bin_prod.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\bg\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\da\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\kk\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\hu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\el\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\ar\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\sw\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\pt_PT\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\km\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\et\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\sl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\id\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\en_CA\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1977050416\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\offscreendocument_main.js	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\hr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\no\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\ml\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\en\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\iw\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_752356723\_metadata\verified_contents.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\pt_BR\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\hi\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\gu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_587056902\sets.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_344735738\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\te\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\tr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\sk\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_752356723\LICENSE	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1665127050\deny_domains.list	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\sv\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\hy\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\ja\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\mn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\ur\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_344735738\v1FieldTypes.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\de\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_587056902\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\offscreendocument.html	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\es_419\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\be\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\az\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\uk\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\gl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1665127050\deny_etld1_domains.list	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1665127050\deny_full_domains.list	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1977050416\data.txt	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1665127050\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_344735738\autofill_bypass_cache_forms.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\fi\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\af\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1284296977\_locales\fa\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping2372_2013077190\protocols.json	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133880150235354669"	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-308834014-1004923324-1191300197-1000\{539F0D2C-2DC2-491B-80ED-DE2A6739F182}	msedge.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
5636	msedge.exe
5636	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe
2372	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2372 wrote to memory of 564	2372	msedge.exe	86
PID 2372 wrote to memory of 564	2372	msedge.exe	86
PID 2372 wrote to memory of 4272	2372	msedge.exe	87
PID 2372 wrote to memory of 4272	2372	msedge.exe	87
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 4332	2372	msedge.exe	88
PID 2372 wrote to memory of 5004	2372	msedge.exe	89
PID 2372 wrote to memory of 5004	2372	msedge.exe	89
PID 2372 wrote to memory of 5004	2372	msedge.exe	89
PID 2372 wrote to memory of 5004	2372	msedge.exe	89
PID 2372 wrote to memory of 5004	2372	msedge.exe	89
PID 2372 wrote to memory of 5004	2372	msedge.exe	89
PID 2372 wrote to memory of 5004	2372	msedge.exe	89
PID 2372 wrote to memory of 5004	2372	msedge.exe	89
PID 2372 wrote to memory of 5004	2372	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\1053910953.html
1⤵
- Drops file in Program Files directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x264,0x7ffb149af208,0x7ffb149af214,0x7ffb149af220
  2⤵
  PID:564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1892,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=2272 /prefetch:3
  2⤵
  - Detected potential entity reuse from brand STEAM.
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2244,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=2236 /prefetch:2
  2⤵
  PID:4332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2580,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=2716 /prefetch:8
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3504,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=3548 /prefetch:1
  2⤵
  PID:4580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3508,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=3588 /prefetch:1
  2⤵
  PID:4644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4808,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=5028 /prefetch:8
  2⤵
  PID:3628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4788,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=5048 /prefetch:8
  2⤵
  PID:3024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5376,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=5408 /prefetch:8
  2⤵
  PID:1200
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5548,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=5588 /prefetch:8
  2⤵
  PID:1228
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5548,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=5588 /prefetch:8
  2⤵
  PID:5424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6012,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6052 /prefetch:8
  2⤵
  PID:5396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6072,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6040 /prefetch:8
  2⤵
  PID:5236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --always-read-main-dll --field-trial-handle=116,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=4320 /prefetch:1
  2⤵
  PID:4100
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6288,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=3720 /prefetch:8
  2⤵
  PID:1964
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6288,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=3720 /prefetch:8
  2⤵
  PID:2156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3668,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=3656 /prefetch:8
  2⤵
  PID:3440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3664,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6148 /prefetch:8
  2⤵
  PID:1948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3604,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6096 /prefetch:8
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --always-read-main-dll --field-trial-handle=5156,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:1348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6508,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6496 /prefetch:8
  2⤵
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6352,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6360 /prefetch:8
  2⤵
  PID:1940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6308,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6632 /prefetch:8
  2⤵
  PID:3600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4992,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6672 /prefetch:8
  2⤵
  PID:5128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6660,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=5872 /prefetch:8
  2⤵
  PID:1552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --always-read-main-dll --field-trial-handle=6696,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6704 /prefetch:1
  2⤵
  PID:5140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --always-read-main-dll --field-trial-handle=5836,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6888 /prefetch:1
  2⤵
  PID:6068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=5260,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6812 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5336,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=5468 /prefetch:8
  2⤵
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6676,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=3488 /prefetch:8
  2⤵
  PID:3960
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6644,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=5016 /prefetch:8
  2⤵
  PID:2616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --always-read-main-dll --field-trial-handle=6664,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=7008 /prefetch:1
  2⤵
  PID:3076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5176,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=3400 /prefetch:8
  2⤵
  PID:1928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --always-read-main-dll --field-trial-handle=6976,i,16407286250693183225,13339028492719367166,262144 --variations-seed-version --mojo-platform-channel-handle=6688 /prefetch:1
  2⤵
  PID:2596

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:4708

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
1⤵
PID:3936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
  2⤵
  PID:6132

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1665127050\manifest.json

Filesize
176B

MD5
6607494855f7b5c0348eecd49ef7ce46

SHA1
2c844dd9ea648efec08776757bc376b5a6f9eb71

SHA256
37c30639ea04878b9407aecbcea4848b033e4548d5023ce5105ea79cab2c68dd

SHA512
8cb60725d958291b9a78c293992768cb03ff53ab942637e62eb6f17d80e0864c56a9c8ccafbc28246e9ce1fdb248e8d071d76764bcaf0243397d0f0a62b4d09a

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2372_1977050416\manifest.json

Filesize
53B

MD5
22b68a088a69906d96dc6d47246880d2

SHA1
06491f3fd9c4903ac64980f8d655b79082545f82

SHA256
94be212fe6bcf42d4b13fabd22da97d6a7ef8fdf28739989aba90a7cf181ac88

SHA512
8c755fdc617fa3a196e048e222a2562622f43362b8ef60c047e540e997153a446a448e55e062b14ed4d0adce7230df643a1bd0b06a702dc1e6f78e2553aadfff

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2372_2013077190\manifest.fingerprint

Filesize
66B

MD5
496b05677135db1c74d82f948538c21c

SHA1
e736e675ca5195b5fc16e59fb7de582437fb9f9a

SHA256
df55a9464ee22a0f860c0f3b4a75ec62471d37b4d8cb7a0e460eef98cb83ebe7

SHA512
8bd1b683e24a8c8c03b0bc041288296448f799a6f431bacbd62cb33e621672991141c7151d9424ad60ab65a7a6a30298243b8b71d281f9e99b8abb79fe16bd3c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2372_2013077190\manifest.json

Filesize
134B

MD5
049c307f30407da557545d34db8ced16

SHA1
f10b86ebfe8d30d0dc36210939ca7fa7a819d494

SHA256
c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54

SHA512
14f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2372_2013077190\protocols.json

Filesize
3KB

MD5
f9fd82b572ef4ce41a3d1075acc52d22

SHA1
fdded5eef95391be440cc15f84ded0480c0141e3

SHA256
5f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6

SHA512
17084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2372_344735738\manifest.json

Filesize
119B

MD5
cb10c4ca2266e0cce5fefdcb2f0c1998

SHA1
8f5528079c05f4173978db7b596cc16f6b7592af

SHA256
82dff3cc4e595de91dc73802ac803c5d5e7ab33024bdc118f00a4431dd529713

SHA512
7c690c8d36227bb27183bacaf80a161b4084e5ad61759b559b19c2cdfb9c0814ad0030d42736285ee8e6132164d69f5becdcf83ac142a42879aa54a60c6d201b

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2372_752356723\LICENSE

Filesize
1KB

MD5
ee002cb9e51bb8dfa89640a406a1090a

SHA1
49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2

SHA256
3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b

SHA512
d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping2372_752356723\manifest.json

Filesize
79B

MD5
7f4b594a35d631af0e37fea02df71e72

SHA1
f7bc71621ea0c176ca1ab0a3c9fe52dbca116f57

SHA256
530882d7f535ae57a4906ca735b119c9e36480cbb780c7e8ad37c9c8fdf3d9b1

SHA512
bf3f92f5023f0fbad88526d919252a98db6d167e9ca3e15b94f7d71ded38a2cfb0409f57ef24708284ddd965bda2d3207cd99c008b1c9c8c93705fd66ac86360

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.15\autofill_bypass_cache_forms.json

Filesize
175B

MD5
8060c129d08468ed3f3f3d09f13540ce

SHA1
f979419a76d5abfc89007d91f35412420aeae611

SHA256
b32bfdb89e35959aaf3e61ae58d0be1da94a12b6667e281c9567295efdd92f92

SHA512
99d0d9c816a680d7c0a28845aab7e8f33084688b1f3be4845f9cca596384b7a0811b9586c86ba9152de54cafcdea5871a6febbee1d5b3df6c778cdcb66f42cfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.15\edge_autofill_global_block_list.json

Filesize
4KB

MD5
afb6f8315b244d03b262d28e1c5f6fae

SHA1
a92aaff896f4c07bdea5c5d0ab6fdb035e9ec71e

SHA256
a3bcb682dd63c048cd9ca88c49100333651b4f50de43b60ec681de5f8208d742

SHA512
d80e232da16f94a93cfe95339f0db4ff4f385e0aa2ba9cbd454e43666a915f8e730b615085b45cc7c029aa45803e5aca61b86e63dac0cf5f1128beed431f9df0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Autofill\4.0.1.15\v1FieldTypes.json

Filesize
509KB

MD5
c1a0d30e5eebef19db1b7e68fc79d2be

SHA1
de4ccb9e7ea5850363d0e7124c01da766425039c

SHA256
f3232a4e83ffc6ee2447aba5a49b8fd7ba13bcfd82fa09ae744c44996f7fcdd1

SHA512
f0eafae0260783ea3e85fe34cc0f145db7f402949a2ae809d37578e49baf767ad408bf2e79e2275d04891cd1977e8a018d6eeb5b95e839083f3722a960ccb57a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
01cc3a42395638ce669dd0d7aba1f929

SHA1
89aa0871fa8e25b55823dd0db9a028ef46dfbdd8

SHA256
d0c6ee43e769188d8a32f782b44cb00052099222be21cbe8bf119469c6612dee

SHA512
d3b88e797333416a4bc6c7f7e224ba68362706747e191a1cd8846a080329473b8f1bfebee5e3fe21faa4d24c8a7683041705e995777714330316e9b563d38e41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2ed6c377-f060-417d-ba50-4921ece4cfaa.tmp

Filesize
17KB

MD5
b80c10c07bfa50fc4434fa370ced1704

SHA1
150ba0eb396ac90b2f86febae4a3c0bd214c0743

SHA256
29e9d6d35b1291e17af8391d29041165a9d1023a9090730cc2ce62e9d35d29a2

SHA512
bd3b2d2e9eef442bca81c5c2b0056673c84a06ef8565b58de9fc50e6e6ba5cf6d2d559212c3bf3722b9604b74319ac5e812004386bd87e80fa92ee6a61666697

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000099

Filesize
23KB

MD5
abac554041332fa43561973f20e95bbb

SHA1
dfa651e6f602d9e50d022035ce5f705ce63cd895

SHA256
10b50775fb4fcaca9de2ec46af763f6d86b4f6544084f875ddaf0427c5dfbbde

SHA512
cf2296d6725a50e3274225d066d400f5a961b58821398ca27ce31d3993f745ef06db0a9ca2b0d3cfd1b5b2b09124d3c00dd3e950a1368b454b8d90edc4e13a98

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000fa

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000fc

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000102

Filesize
120KB

MD5
6168553bef8c73ba623d6fe16b25e3e9

SHA1
4a31273b6f37f1f39b855edd0b764ec1b7b051e0

SHA256
d5692b785e18340807d75f1a969595bc8b1c408fb6fd63947775705e6d6baa66

SHA512
0246cee85a88068ca348694d38e63d46c753b03afadf8be76eca18d21e3de77b495215ed2384d62658a391104f9e00df8605edb77339366df332c75691928efb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000106

Filesize
119KB

MD5
d45f521dba72b19a4096691a165b1990

SHA1
2a08728fbb9229acccbf907efdf4091f9b9a232f

SHA256
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc

SHA512
9262847972a50f0cf8fc4225c6e9a72dbf2c55ccbcc2a098b7f1a5bd9ea87502f3c495a0431373a3c20961439d2dae4af1b1da5b9fade670d7fcaed486831d8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000107

Filesize
115KB

MD5
ce6bda6643b662a41b9fb570bdf72f83

SHA1
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8

SHA256
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

SHA512
8023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
a1524a9a3e72f5e4399e56499c30a4a3

SHA1
7bbd5ab5043a81fcdbc2d7e8aecf433416318305

SHA256
24699f902efd173cf222db9f14dec9272e78553d17d0faacf7c9abaccbf2af47

SHA512
b700c5f4f884ffbdc757f254d6c8867b7dd3410d86db16132866766b7f3b0b59766c7672e51e1f3c310041ffe63a7f145ee1156fdae8de092a6a9d8ccb8ace76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
1a7a1fde8e85a11a20718485d5160d4a

SHA1
4a45c8d7b82a0fc7557b3610ebd14535ab5b8e64

SHA256
3db310cc5da5ea9b89003bd5368123b3c1e22137af156864dc0c9605639b2582

SHA512
ff640c7edc36b978c87a95d26d291f1025023ba148adb81e3ca50bc4bed1e819771bbcde22edf5b88bc28a19edfeef16d31218fd7fe0ec5ae771c7cfc170815a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
ca725f4e006f1b1bd4c35a1ae81df080

SHA1
cb8f767c1fabf0c0974a6d2ee8e1b3932dfe5f43

SHA256
a8aa7fbd855b8e609527cb278fedb882874e037e87ac615ee793f49fcb0c7907

SHA512
5c72e5a82b69330a5c5bd3e3613aaef774d465c09263561558e3c1dceb3ada8311273c7026b51af7ea74e31a814bc53d7c756f4a9ecde9d15758584dd2e05542

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
3d81914f902f1d6f1c7b883eafebafa5

SHA1
c3b110b235fcfaeb7383d3e5971a8dcf135d3f05

SHA256
83cc1221e6eddece2906e33c3804ed3c10117c12d1f6745ed936cfd42cb83ac8

SHA512
004f9b44197fc701b6eed28af86172678371028346d00b597429b891196ba9ec96d78bcb84eb07715af68a70cc975a3de4c587630379ff714d6b20c8a239ff76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
6fc416a8cd17ae67b1b9877e6b213fcd

SHA1
75a6160c438b87a8f7c8e5c6ea7b4812e23dd7cd

SHA256
70eabdcd7da8ba9b7830264ec5d16b28645654901b887e429aa986bae2ee42a5

SHA512
a734b7f06de47167d015ce2070b9f810fad0bcb6f2c98a0606cf6dc87c39bbaaf3c7efc5df0ab348deefbd8606e3e881a23910e63762d235b2a833058b8dc508

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe58aeaa.TMP

Filesize
3KB

MD5
793d7b6f2b407b3a68af7520586f131b

SHA1
7fb628ca3b752a8434fdcf53255db32cc6ae88fe

SHA256
d88c6a8846190258cf1522a888a2a97247a884a9932212fbcf14beddffa86cda

SHA512
37f6cee58fb75a8d5dbb97e857dfe23fc7203cad7866b11900b6de47c00e8ca1e4fbbf28a61a7ef0888bda12ab65d2ca50727d4e0d80f0a328175820e84e520b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

Filesize
107KB

MD5
40e2018187b61af5be8caf035fb72882

SHA1
72a0b7bcb454b6b727bf90da35879b3e9a70621e

SHA256
b3efd9d75856016510dd0bdb5e22359925cee7f2056b3cde6411c55ae8ae8ee5

SHA512
a21b8f3f7d646909d6aed605ad5823269f52fda1255aa9bb4d4643e165a7b11935572bf9e0a6a324874f99c20a6f3b6d1e457c7ccd30adcac83c15febc063d12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\LOG

Filesize
345B

MD5
fe1f2da4340c090b3555bef0b9673811

SHA1
118013c27115c5beb17d734b9e18829a58e91492

SHA256
238c11db3d8ef96a918067747a62a4906147ebe3d69b32a28dda4b4973aa8770

SHA512
f84d2eac7a2554fb82aa7047f273b3fe3f64bfeaf8f6735d58821d23708854665b0ea4bf1ecda71b808bfa72b67d9ae78dab2981507e51e81b40504877d6dad5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
78e3fc842db8c407bca4c2e0af9ed829

SHA1
892433b41e0f9b1746c3fcdd12639455d4808f2f

SHA256
fe659b50ef147b3311e5bd85011073af15d8c24d15c07020035a04118abca447

SHA512
66bf5630d803a21872a2eaeef58cad9bca1252d9e76821255186c1eb878690a3f24b4f9deed1f87e67dc79fe600f9f689e06016e63b6a57dc00128cbe7d448cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
202e617f74d69008298215d8c00ebbdf

SHA1
3aa6cc2f7ff6b582762a3522b796c8baae77af50

SHA256
dd1cc052c47d4be78c2d37f2b8ce5aaa55e9afb283446b0651c07a23423b5c95

SHA512
377940b58c934a6d7d3219ca2dd6644ab0b2d9ff5a88112f591d26f8b735d858f28de2ceeaadca5a3a066d381999189c43c4e46e736c489c4cf419920b5a78a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
255b3180888155f6cab7f4117f067813

SHA1
e445e0e79c26ef392549570dce93779e32f352e9

SHA256
321eee617f3a74933a8f6929cce8724c442995f4442bd33335ea861f9823758b

SHA512
c2e198b2b8f901ae82392a23ab209bed26928ffc1f0c5282fff86da15752945993b07be2c4f8bef0013fa1612ef57648bb388f2cac98900bceb95ec386a0261c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
5b858d6630f082764a2e58a34680bdcd

SHA1
7e644d8200a09446a3d045d9e7c485ac724dfff1

SHA256
7f014ac3c3fedbdab4e2c9c4ea363af6ab2e3110f7bc5bcc4557c925a6f7c80c

SHA512
8475e8b2bc96c36386a8263b9a34989142ba8a2f3bc02ad09cd68de5f6d7584225f90b1208df99c1be043f5fd6ee09361991b2885c3913a712ecf47c22178bcf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
d06f91c19ab9887c924471e1e022aac7

SHA1
7a7e98e3989d80e7b4064a560c12d8dc467109c5

SHA256
76caab18fac6fab6b0b187f9ad3f0bf2d52a267c85c6b5d2540fc0574ac68853

SHA512
efe488138a32eba9e29306bf20a9b98dfa945ac0863cb7d220243de3a2a2d116c7bf86abedf0749035897a453e88c63f036a4ebbfe04b6a13ce202d87b0012b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
c4a81ead78da44059e7d95666e251b2f

SHA1
ecfb9013ab712cc9254ca699c03449bd4d6b3de4

SHA256
4921c12523b83a88ad4e15d4e5cbfedaf9d0f3a79ab4a47618c272db0252d3ad

SHA512
d7155601c26175747719a6b15aea291e78e5bcc267631dfc8a820c02f3fd6656b3f9dc68fdb0660a49717f0d3ed82034f3306e4da68155eb1e3ce27e74709269

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
4b5f8cb0e09085899794c3934554980b

SHA1
c402268499c33be977207c2cd27993355997c5f4

SHA256
088e4ab0d639cfa063775bed2426ddff766f46cf49687441b329a32c5675e306

SHA512
f8bc6b774a09aa118f60b160ea538338c10c8a5c079924b24da4b85fd581bc59f2bbce9cdd930dfe2098b2e9e996e8e812503586375122dc9907cc405404b976

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
7d7eef1813413d6da0845282e4e68247

SHA1
6a9f4ff8902404c9c4d8c133164c35751f257df9

SHA256
294c3ececaa093b125196d64690d22082cbd36bc4d8164518a070b2b30b3844c

SHA512
939823b71c637ec2f221dcbf5117ca907f5839b44ed9f4b5cd91bd5a48932b3ba6cacb4c6f36d01dd8ae1528150fd333ad62a0df0d53ba18e50f6b51909f6af3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
333e7fe3c524e988ad901a9ac53205a3

SHA1
a9b9c7eebac4a9e3f4ecdd0d8535d88ab116fda3

SHA256
5f83e32a92edff14e075c068a97922a09b89f395d2533214a66a3499fe5d7e03

SHA512
586797e9a2fb12fe0ac102862cf2759bd65353e013a66cc767fa87d428d2416b7885ec4babc401e814830917e979d928d419a7295408b0f1621cf4875dda8c94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
54744f9d59fcd53dda561ebb5b682616

SHA1
8accfdc76bc0b3667f8096e32e36cd6cf5e6151a

SHA256
42fc8a1538a21617f574b6b37eaaa28951c634ed8111333fcc091b3649298006

SHA512
9f6eb03d4df97e7487dceed9c4e5b8dee0be47a3d22c8c0106d3d27a4f6dd185634f0a9c0fecda0332d73df96531e04d4daaf3a00d857fce7f22695bacde0a63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
36KB

MD5
f05c394a05b0a2b0e050f3b5615ba131

SHA1
ba386b822cf9c036b1b3e3f76e8384aef26f0276

SHA256
adb4ff8540f24b13285021701ea2ae989406913b7e28966d4b288e149abe1176

SHA512
be34ecca5a5bc5bcab963130ba6681e38bb7f198df5d78155b375876175d35115d7266ab20e0e1986dceb0cf4477c5b763c542730aff8d29fceddaee30aa1486

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37dcb1fb-1fb2-49cf-8d91-6f59c13bf972\index-dir\the-real-index

Filesize
72B

MD5
7e0a4c700f9e61f0a9cfa39866943a20

SHA1
770d33a655aeec8f148e8cca3f97b0a36eed0667

SHA256
28e6185597fae916eb75f8c4e4cab22890ab869ffdcc7d50d6c9d7f24ebc432e

SHA512
e85fbb4c70406cdabcb207d906813b0169523fda9bbaabf4935137fbb57f769976d06513fce1830a6dd378ae21384a03719ad08604b2625680a4607b1726234b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\37dcb1fb-1fb2-49cf-8d91-6f59c13bf972\index-dir\the-real-index~RFe5880b4.TMP

Filesize
72B

MD5
232cbe119b3dbf663f853a159f1439d7

SHA1
3be25254038dbc88fbd723065a0d15f8ef933ff5

SHA256
bcc8c8e329321dcef7ec56e8b3da6e9eafdcc14200d421ee48378bf18fa2a185

SHA512
1cf14e01a7ae94c64bbd626e2bc555359e37be69b82727f5f1a8de5cb8d9db0fd5205f573b0b0b1ad0638d931744be8f22da5b40e566cd0429ca0c3f6f567a9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\6be0ea5b-0c11-4491-8571-7ff62c7ad5ee\index-dir\the-real-index

Filesize
2KB

MD5
05ae042f2f94a3f2303013833dd3280b

SHA1
f5e972697cff1c89a6181a82a5b686a8d8fc217d

SHA256
47750a456ef55c73792b505893caee963df827912e7d874d8e03a96516b69723

SHA512
df3c00de45d8aca34cba21b5a87421d866a89473906b7ba72a17167c48c31cd60f64aa12c63f3bc8f116558db8983fdc42f0608bf37d6bb06fa37c1d4200366f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\6be0ea5b-0c11-4491-8571-7ff62c7ad5ee\index-dir\the-real-index~RFe588f4b.TMP

Filesize
2KB

MD5
4e387fbbcd19b87b524754aa115be584

SHA1
02369448e3a04529834e20c4ffb81b7c4cc47020

SHA256
ca7740ee70352abaf29cc5e42ab21ef13ba74f270957040e76487b727cc0a408

SHA512
10cf2f8823f7d64df9c6e62d1bd7de35baac6a7955b1436e622b1442b30238812af1827fa3baeb782970c2db82fdbafcfa2348cfac7e3c75448af4c63751b383

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9461e7fe-9d18-45fb-812a-28a7e820957b\index-dir\the-real-index

Filesize
120B

MD5
91252509f2e73dded12333d9a5efe918

SHA1
cc227b90e8a418d92ef437a97854cdf040210577

SHA256
47f92193b03f63fc7d8ad23047a4667b2de3b9a19df6b52f14f2109d97d06083

SHA512
7a23dd9f85c38233c47b2390f7679812f1bf2a7c8402201a158effb6b465e5b60fed4941687fa306ab55e93a9698dcd7d0095117d58f8858c00e397dd4ecb405

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\9461e7fe-9d18-45fb-812a-28a7e820957b\index-dir\the-real-index~RFe5894e8.TMP

Filesize
48B

MD5
7262f1666f9eeff2681fc97db6d83ea0

SHA1
21f8a5b9f9d91a49673de27d2df8b448a88b35db

SHA256
8f6772f07bf69f0019b69d19bba74aa367e8908942e7086f30bfc525c4f6f480

SHA512
3a70c268597a6ecb9ca419eeb85aa0282fcc385aac23e783a85fbd36866d6f16fa1e9c121f41d59707b53a7a411a2b3e7623840b8952e6719fd4e0dc3c5e4d8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\f9fd1bd4-3821-4fd8-ac64-8914ddd027c2\170ce29fd1bcbf73_0

Filesize
57KB

MD5
2d626e3f5f598f2f0415ef13ab6015af

SHA1
78dafbe06107b65a99423f157958381bc5a5dd63

SHA256
d0b95578f39b660ee8ba92a4904a9b5768fdab38cfc12fe505e3ceb378de4a14

SHA512
2161f9e62f6898d093a344fdb418b09b7b521cb72a903a39c9f705b6e1bf9faa1d5657f732b2ecfec044e059cdb5a3f91e25099268cf85e49a5ca6864c004473

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\f9fd1bd4-3821-4fd8-ac64-8914ddd027c2\index-dir\the-real-index

Filesize
72B

MD5
24b078f8d4b79e692be098d13f1e8d91

SHA1
1a1396d872d0753038a9a5c32a8f6f786eb3e8f7

SHA256
6e46ba8fefd3b16b0bd53c383f3096d2cc60173ee091754ae1c4fecd45992339

SHA512
278d7a522ccee68198609ddfe0d904c581dff02e0019405372f71eac2476751f66ca71e51011d0131bac9f13d008d1c82bfcedad215cdb3ddf3bd53230146847

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
327B

MD5
11f7884a4dec31bd7252ab40d755d7a5

SHA1
538511a197b4bee31a9b6d6ff325c5679c58888a

SHA256
d78d4a860d06caab46325f40e4512e78dc7632717f368f985db878fb4143d424

SHA512
43e59f241c49eec130a501c9943e5ddae0b1d4bc730eed80c2e7ff641cdbe313b3dfaee9ed258ca9e9f786da6b61f28f85ae4ce2a0401a7fe779158207bd4b45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
322B

MD5
8843e749cace44465f327542aa7dbb1a

SHA1
0637d24c8e941af0e55f95c0769940b43046238b

SHA256
040097122f2d0b98b0d8bf9fb6a90739a13d0ea45357c027df008f1bd0fd4b91

SHA512
4fa474af6dc0380994ff05aa7f20656d4d83849a6b6cbef8797c9c3754f15a5af3f04ed06b17c5efe9ca30edd1064dad01593ef43ac33a599e578edfdf4f16ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
ba16bdc4282da9c92b126a09a47b49d5

SHA1
2873683958ccfc107295fac8ccbe34dd6673426d

SHA256
657c20b5df5ed28bb65b62f59464f5021d83a36da6414ba6b0393e78a5359fa9

SHA512
4acf99a11a69cd88c65a92f74e9a27a8bfe98159efcfbdf2eb8f50dc8e79093883541524eb2e12749922747f6e067e752280a456567d3efe3b861800874458f4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe588b05.TMP

Filesize
72B

MD5
409f8c3d87efea98f199d78c157f7c06

SHA1
2b1c1d566bf152bc523b3cbc2ce98ed91c395fe3

SHA256
a2207ab025017859e653529134fb65298b9002e79c176404be810a79af28a481

SHA512
d00040cfa2dfedcb17f9486783fcb4605562cc3682ea2299ff7c3f5f04b6a3b625b8a205654724592be626f88fa335a638535309588f162d61d11811e59801a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
22KB

MD5
d5fc520101fc67cbfc9fdd137023723c

SHA1
bf9ccd72225160cdc54f7d81a9ca1829d1afd8f3

SHA256
c56fece1d79b59c054f6a8f177cffcc1a3633f93a5bc0ed04c18f8624fd8dd8c

SHA512
72307be4060c9a3aa7c59345211e402e9194402170eef57915003f296670fee8bcce430c89ba911a94961e8a3c29fd861f64285fcba36c795e758020f6e1a991

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\EADPData Component\4.0.3.10\data.txt

Filesize
113KB

MD5
60beb7140ed66301648ef420cbaad02d

SHA1
7fac669b6758bb7b8e96e92a53569cf4360ab1aa

SHA256
95276c09f44b28100c0a21c161766eda784a983f019fc471290b1381e7ed9985

SHA512
6dfa4eca42aea86fba18bc4a3ab0eed87948ea1831e33d43426b3aca1816070ecb7fd024856ad571ca2734214a98cc55e413502b3deef2c4a101228a7377e9d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
23KB

MD5
bc51f0fc8e2c2e811ba50b49b5ca41e3

SHA1
19e2ef8269733b309fa8b12322b738183e0c95cf

SHA256
8a09d551518123a8f17442b22e314542be1ef64b2fc5e3c94e7f43eca40f7ce1

SHA512
aa6b77fd2c23167f0e898546ae16d2b5d5c439f3c7d4f6e57766cf5f53600a97613a200418d4538650d0e77b5e6a77092c8cc28e1115ce797d32ca3e4a02667c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
465B

MD5
69932eb3bd61b2a4845dc95e4a3a8057

SHA1
8d676551b4b000e934968ded006c0fada3561de1

SHA256
77a22aff08734b26a2acbd3f698b6dfd6043f2dab439df8e94fc1a57a0178d9d

SHA512
c68547f96a1bbaf1c8a78e0401602ae552e0a386fd654eeb3c9fe9fdd77af764a6662ad5b6c172f0375b443b67754281e89ade7423466e02243e617d662b4d82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
896B

MD5
ab3d314f6496e8cb68744074add7fd7e

SHA1
75c7dcbae35a0281da773708bb089c22e4dec989

SHA256
6ef7df02eee214a7bbc7abe6065b49b2ea18feadd8e0f5e435f8269e9701acfc

SHA512
16b1707b2ea64b38bf3cc82e55bf3bb97b99d7d48b15cde1b474e010a2a71bae36f8044753edb8a2b11a179b7284b7a75c18859b784bf3de70c6b243948c1d3a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

Filesize
19KB

MD5
41c1930548d8b99ff1dbb64ba7fecb3d

SHA1
d8acfeaf7c74e2b289be37687f886f50c01d4f2f

SHA256
16cee17a989167242dd7ee2755721e357dd23bcfcb61f5789cc19deafe7ca502

SHA512
a684d61324c71ac15f3a907788ab2150f61e7e2b2bf13ca08c14e9822b22336d0d45d9ff2a2a145aa7321d28d6b71408f9515131f8a1bd9f4927b105e6471b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
50KB

MD5
7d57ffe733a53b43512ff58a0ace0d4e

SHA1
b2edb2d984c293f94279975f945f55c269e6aeb4

SHA256
13b02dcfc61bec9ebe07361dfe43c2e0b33fc501f397c807ca45c13d6ef0808e

SHA512
5ac41744e26c6d8472069d598d6cd8584a9662efb3f6c596bd8e172dd5d38a91e848b9bf538c7368b64bbfefcc84046d3ef7a11101b8c1464e483a08d5e490ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
5e5bb4976ec07f73302c9ffecc633db9

SHA1
2976ae679adf6d84c667b3dea774cdf873eaf86c

SHA256
0f266bbc2bf571da89dfd5350f89f77ed95e845091b9500d59f48137d01d55a6

SHA512
78bc1039ad7cd8403a107c8e379648abf67c074fe36bc08b2bc9e2788da61a1f87ecddae8f96d95f8a31b3e3496c1fa837d22e2038fc7bdcd5f65e937e0195a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
41KB

MD5
860f0604f09f5c35f38146beae1841b4

SHA1
57dd3b03aca226cf0d6dfffb1e9fe75421cd9098

SHA256
86223cfa6e2a1f8cdda762b1e429028bfe2caff29ec163f4d8b9a89d3c5d9dae

SHA512
7afacae5d5f529c536759a5311f3bab6f5eeaa3ea1ef2725ac82f9671f542154827195bc1fab87a3dcaf971cdef10a087ef17c8e5a679bb0c9a4a63474a4e391

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
df80e7fe699bb0c39c9f6fa5dd605ccf

SHA1
6c5f7afdb48b9058ec31ef73842cbc3f758e8aac

SHA256
cbe62d0dc5ecf967194bf4cfbe9cc1292f3d8091ee0a5093fec203eba9148355

SHA512
66fafa50a4ca9c1168bd2eaf12dd3fdd8e6ae77d9b6e063129c9aed57080a30821c933d3891375e6a4ef90cb14ef8a7e783d143f88ae7bdf305e74a6b714d394

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter

Filesize
392B

MD5
15a29be4cd7e2312cf2b256141e931f0

SHA1
312ca5c612cf4f90bd95a431ed91a9944b598c58

SHA256
4a98626f51735806b275aaedfc9f9993f543088b756938a7a5f34f03d2f311a3

SHA512
debecd3a7f2a1cb101acde0984fe930eac57e8032049ed716aa838fc7d215c6eebb3df3f229904e6bff515c3bcd55ba51c8698ab0bcb67335c3a8501821ce396

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe59357d.TMP

Filesize
392B

MD5
eec16e247dfdbff2220f844119838cb3

SHA1
76b1f502413e25d3e0440e540e867d7aab8f46d7

SHA256
7f0541b3740509150276b403986901899cad438de8944a18b9686033a40708c6

SHA512
ccf9511028b52b5e887a5bb4faf42c4bd9be780367dcf139577c790f2985e2dfe70365306b96f8a95deb2adc6b582b8214ee0ddebbb79b9e955ab4074adb9268

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2025.1.17.1\keys.json

Filesize
6KB

MD5
bef4f9f856321c6dccb47a61f605e823

SHA1
8e60af5b17ed70db0505d7e1647a8bc9f7612939

SHA256
fd1847df25032c4eef34e045ba0333f9bd3cb38c14344f1c01b48f61f0cfd5c5

SHA512
bdec3e243a6f39bfea4130c85b162ea00a4974c6057cd06a05348ac54517201bbf595fcc7c22a4ab2c16212c6009f58df7445c40c82722ab4fa1c8d49d39755c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
1a10a1704899bc2e8bb26235a3a88f2c

SHA1
a3bd34ad8b091d477532a8c145442aac9b9a7c64

SHA256
a3c56cb2c90105421700f9cb9eb4993a0032a7bfb34c1e9c874c171fd18fd963

SHA512
4f7fd7b478ef1b1aded09216186bf646e27681233148edac436efa598a555e44fa86ec16e014f6eca506cb90522c09673bad2816c8d1b513f7c89b66f6b53f80

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
8KB

MD5
9a9bcd388efbf5764cc9675dde8a2646

SHA1
1570331c7e2c33c757859f1cde5cf7c1cccd98ae

SHA256
f5776386a7f6585ee9855e4654cd778843781c8f1559f555f343250017dc356b

SHA512
dffd2ec3d2cb5053abf6e9200fb9e65dfc1cb1bed9fb8acbc764a160ad0cd5f28192f0c479e1d6241951fc0d043d701eec7263ece586b2e3fc6e9250bcc8ed08

Download Submit