hxxps://getswift[.]gg/

Analysis

max time kernel
0s
max time network
393s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
05/04/2025, 21:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://getswift.gg/

Score

7^/10

discovery themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
behavioral1/files/0x000400000001e423-352.dat	themida

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 2 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious use of FindShellTrayWindow 17 IoCs

pid	Process
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe

Suspicious use of SendNotifyMessage 16 IoCs

pid	Process
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe
1364	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1364 wrote to memory of 2184	1364	msedge.exe	87
PID 1364 wrote to memory of 2184	1364	msedge.exe	87
PID 1364 wrote to memory of 1328	1364	msedge.exe	88
PID 1364 wrote to memory of 1328	1364	msedge.exe	88
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 1704	1364	msedge.exe	89
PID 1364 wrote to memory of 2720	1364	msedge.exe	90
PID 1364 wrote to memory of 2720	1364	msedge.exe	90
PID 1364 wrote to memory of 2720	1364	msedge.exe	90
PID 1364 wrote to memory of 2720	1364	msedge.exe	90
PID 1364 wrote to memory of 2720	1364	msedge.exe	90
PID 1364 wrote to memory of 2720	1364	msedge.exe	90
PID 1364 wrote to memory of 2720	1364	msedge.exe	90
PID 1364 wrote to memory of 2720	1364	msedge.exe	90
PID 1364 wrote to memory of 2720	1364	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://getswift.gg/
1⤵
- Enumerates system info in registry
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x2ac,0x7ff84759f208,0x7ff84759f214,0x7ff84759f220
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1804,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=2356 /prefetch:3
  2⤵
  PID:1328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2328,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=2324 /prefetch:2
  2⤵
  PID:1704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2496,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=2472 /prefetch:8
  2⤵
  PID:2720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3536,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=3588 /prefetch:1
  2⤵
  PID:628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3560,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=3592 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=2512,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=4320 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --extension-process --renderer-sub-type=extension --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=4292,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=4340 /prefetch:2
  2⤵
  PID:1548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3772,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=3584 /prefetch:8
  2⤵
  PID:2352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3760,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=5388 /prefetch:8
  2⤵
  PID:2424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5080,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=5608 /prefetch:8
  2⤵
  PID:2132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5540,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=5628 /prefetch:8
  2⤵
  PID:2628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5896,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=5912 /prefetch:8
  2⤵
  PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --always-read-main-dll --field-trial-handle=5200,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=6212 /prefetch:1
  2⤵
  PID:972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4996,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=764 /prefetch:8
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4392,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=5248 /prefetch:8
  2⤵
  PID:4536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5068,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=3716 /prefetch:8
  2⤵
  PID:4596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4360,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=4972 /prefetch:8
  2⤵
  PID:1592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --always-read-main-dll --field-trial-handle=5888,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=5632 /prefetch:1
  2⤵
  PID:2916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --always-read-main-dll --field-trial-handle=6204,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=6320 /prefetch:1
  2⤵
  PID:812
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=4340,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=6736 /prefetch:8
  2⤵
  PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3532,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=5928 /prefetch:8
  2⤵
  PID:648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --always-read-main-dll --field-trial-handle=6744,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=6464 /prefetch:1
  2⤵
  PID:4656
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3140,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=5152 /prefetch:8
  2⤵
  PID:1880
- C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3140,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=5152 /prefetch:8
  2⤵
  PID:3236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5084,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=5344 /prefetch:8
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3492,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=5352 /prefetch:8
  2⤵
  PID:2840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3344,i,15524006775786982419,4958052772890251990,262144 --variations-seed-version --mojo-platform-channel-handle=7056 /prefetch:8
  2⤵
  PID:3540

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:3032

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
4013ebc7b496bf70ecf9f6824832d4ae

SHA1
cfdcdac5d8c939976c11525cf5e79c6a491c272a

SHA256
fb1a67bdc2761f1f9e72bbc41b6fc0bf89c068205ffd0689e4f7e2c34264b22a

SHA512
96822252f121fb358aa43d490bb5f5ce3a81c65c8de773c170f1d0e91da1e6beb83cb1fb9d4d656230344cd31c3dca51a6c421fda8e55598c364092232e0ad22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
fed4ab68611c6ce720965bcb5dfbf546

SHA1
af33fc71721625645993be6fcba5c5852e210864

SHA256
c41acdf5d0a01d5e9720ef9f6d503099950791b6f975ba698ccd013c4defa8c4

SHA512
f9ab23b3b4052f7fda6c9a3e8cd68056f21da5d0fcf28061331900cac6f31ef081705804d9a9d4103ee7d9c9bdb6aa4237987b7e821d2d96cd52da24219e55ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\43975c34-26b9-485d-baad-9ca42856aac1.tmp

Filesize
9KB

MD5
bab09ae681dd71510380f1d9c47a6be8

SHA1
ea85955a5921fb7743f66722d9e7c307fb09c3a2

SHA256
ebfb2e1b16aa691b4518d1402000d0293350f0041ef32f1f4b584baf71659d60

SHA512
be04b7408811b65b7dae63d3d68b98c11ca218c63d5fc38a39a75e9f7d879f6d760c390fdb451238d315d8e402444f6be2553314ec5e0b294c93c97d31eb24d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7590d288-19dd-4dc3-9d39-903e2b23238d.tmp

Filesize
27KB

MD5
264a7aa3e188729a66ae757fd7bd5e9a

SHA1
1582158c47e81baff912486b494107ec1b5089ad

SHA256
947128af98881fb995f4281ee2446dc8421a177c12b6f9d23b5a945018d5f2d4

SHA512
20fa464ffd903d687b8d6e7eff112e85e177529234d3d7663ca1c9748a6b00ab9c0fb33dccaebbdd4265d60c6965b70e61b8f6b8377e03d3b1d3afa3f242728f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old

Filesize
331B

MD5
a6489649c0837da8dcb74032504dbb26

SHA1
639cf35132b19f941de9708149ad7c41e21f8b2f

SHA256
d72c779adce03d3f8a47b195529924dc761a001e78a829441df351551b31f620

SHA512
5809c74bb9d88f4f60ee8b07e6310b165d4997ab701f6e729d8b3b721833781fbbabd63b9c1a3b41c5ee160ad56147b1591ff03d54f51657887b9940d37a32fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old

Filesize
352B

MD5
7392cc9b80d4fdc283ae4aaf5f567a31

SHA1
17f5261217f4cd7cc34b20417163e37e5de63fa3

SHA256
b06451aff9870fe30b15c148872f68c92f1520552568784dc36f4f1cae3b5f62

SHA512
bd7f6ac472fa7b6e7790890e78e1691509223a8493498bebd81b78970a351b159def291f710c708459aac250857afcfd63d4cd1df8db44764d768b631a5978d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001

Filesize
158B

MD5
ddc71d0afeb5d870a04e847722e49ecd

SHA1
4f757dbe5d0d69d1527a739872b9d51ab634e5a1

SHA256
d7c5f698c03009d6e802e8db1b84cfa6ebf9e9a5f32d759ad49388cd68743171

SHA512
68a32b1fe1c1e09ffbdf4d27d6404a34d36fb3c8ac58022f738125503b77d26d60d91350fc4eea9aaaae12edefabcac8db2a0d4185fed2577731b9db8f079185

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
3KB

MD5
5d65f5c5eba3ab0e7575a5443f350521

SHA1
b376b34177354f2b0807141766b442b61fc68c2f

SHA256
7417023206c14aa1311aafab7551f696f7960a21754603218827404e8e9364fe

SHA512
dd360659e0e6b4c8ab9bd9bdfd97adf2ca7d50c3b2e3612b388df4843c8b72a794ff90c0a9cb1ee681c64ecc151982c1e6c00626bee5f4191b3eacdffda7a90b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
98c07e1a540f3b05baa4d286b17f5524

SHA1
3961b5a1b5ba78358bb34da2b1ec40a48856d5ce

SHA256
f657062972421b6c2827b8e0aea7eb55e7b44146793625acf52ffe4396708b2d

SHA512
34d73f238d1dcaf9c52144db8ba8d07a809b6ca75500dfb5520e639c4227c543f215c2309c70aea30d4d0c36a9134831729ed65b68d80bbb1234b0372bc1079f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
b06dc0b39cbd76407316b248dcf4f2da

SHA1
12af2f0683eabb073da7703b0629d3ed1d2d8fe1

SHA256
a6e6a3cbcd55e15fd07399a1145ad511e63d7632c1ae5392a7a5d93bbc25adfd

SHA512
4d6cf2a2f6cb0937a3a380005f8a668931c5bc0270c73dcecbccc7f3761f54d72e670eddefb97c4351d2979d29794dfaa5eb456b46863f14d22a7279da2073a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
5b595b9b6ca5dd55d40e06a342da529d

SHA1
65530f85b0a8d7342778287b821804fe8a78bc19

SHA256
ce04303f19d05dfd18fd34f657de93aaf9e9fed4c6de4abe098199c0a5b53c35

SHA512
c496551c762bdbc7c40b5e6ff838c5a763adfeb60a3dc0c1418db15651a1fd7e03466a1045c47ad4f75dbfffca63b86645a9c81915a4990ee0ffb392ffa06a13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

Filesize
69KB

MD5
164a788f50529fc93a6077e50675c617

SHA1
c53f6cd0531fd98d6abbd2a9e5fbb4319b221f48

SHA256
b305e470fb9f8b69a8cd53b5a8ffb88538c9f6a9c7c2c194a226e8f6c9b53c17

SHA512
ec7d173b55283f3e59a468a0037921dc4e1bf3fab1c693330b9d8e5826273c917b374c4b802f3234bbb5e5e210d55e52351426867e0eb8c9f6fba1a053cb05d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\204f44b9-1a19-47bb-ada2-d2bea1a4d83b.tmp

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
7390a8262fe57b01db7d6710f37c622b

SHA1
214a73853dba4b68216da89f29d61325c943b768

SHA256
90439d51db15a44fefe7534caef2afab537a460761abc604e801c224cd569a18

SHA512
77f640076b7e23ea99cf088e8b4691b55e2ff4dd252091f566cdd67d6d445eb3c560a8950f21bbb9482cb3b242eb8f158d50e2b0d2e1aff05e2d5aa94440cc35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
ae992d5e3887fad754ad54d53707b039

SHA1
7d4e90628dd049e9956dadc2efc6f0d4235a856c

SHA256
4a6abebb22c25ad72ceed3b3e3a7742bce0a375322606b2152d19321cec57a60

SHA512
bdcda838a45ac8d7df1892747b05669babda581f5226229669213a59c83b913d9331ec37cfff68628a866d3fe1b098de1884aa4c1d3aa63e57fc648056137ebc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
6f1d3f250dace19b75dd3881f00a4a3c

SHA1
d66beb83c3efa952294011a76bc56c5688576bc2

SHA256
1f6f79f2d302e81aa507ec105f231f601a9d13d434b53c246a3bbcc81b2aea7b

SHA512
740d866cbff08ad883808b8e0a76f19767df957bfd44e1cafe8218179514d36c17734374b486d2bf2b02d658c975db8c443b97b11ac282129104cea3aaebbdaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
844de0ebc1136d94f1655e7000804052

SHA1
d214be5d862e0158c2ece6b0fa6c8b7d2d4a9366

SHA256
61fbfd74d209b8f670b0eb68dbed305e6ce417d10fa1b058d3507c9066ddeb61

SHA512
541f1b3d4b694f71fb427a06a41c2dbd9241b4f5f380321d83473215dacc71a72d5ea5ed0d07a7281d6de945dc76d09fc5745c6bd8da6281022611ed8797cd3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
edd10ff18100523396051c65140e6e49

SHA1
33b696a03a2379e605ee3a220ab05f8b28daa43d

SHA256
f141c9aae3fc6abaf1fc330cccf13a09ce22764545f0f30bcb0be7ade5e837e1

SHA512
b7530f2773a349ef4c922266e426b58955e64fe765dadebe2d0fd6c582e24654c7981d208348b6c21cc5bc18a430824e9ca7c2ea6ef808c34d94774a8b4b1068

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
bf03a21d1b5c2a78df9d3c9bdba7b08d

SHA1
6571f2827bff4e8f2ae01192a4b489115673d55c

SHA256
6704e8e7d4bac5525eb140939ab73510fac3faec0e8dd080e76620598e1a7b32

SHA512
e6713fef0c5ef4689c7457cf54fa7f60633d6832df778f09ff215c214997618a0369b1a1be8b35712a09289ed6f25f377723adb191afbb79ed7752e5e0c76d3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
13KB

MD5
74219fca7472c7d5fe31dcdcf9c45b90

SHA1
2087d203856e7baec501caac9cbc65e788fc9af9

SHA256
ef0af2c12704415bee81d5763358d6f0a80becd385507cfa63cda67072c5374c

SHA512
a0120b5e9695fe1a5cb34ee309171da44aa55f984b683fd11b56c005adf4466cf6593e7e7d33eaeb54aa3cfc7e9aabc71389eb534d745c7f23fb2779eed33f71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
b7b7e796c98bb20559bd21088170f1fe

SHA1
c88d966af58b0e70c4891e7acfd6fa0aadddf2ce

SHA256
1d3fd1d16f53450f3cfbe0e7e1c00ad6dbcb5086fa20ee1be87699443f686b38

SHA512
da4f4a2cab10d65f5dbfd6d6e84d8decb9d088dc1148a904c04fb1f6e8282709d44bec07fb065ecac8c32cd2273e1264d6c39d6e189d70a5bacee2550642ebaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
13KB

MD5
504fb0a6518eb6d26c41717bdd01d159

SHA1
4eea2f618285663b5f6c9f210af5eff6a0722e35

SHA256
8b1d4760700174bcbbce08c60c73421406c6c24a36aca989e61d17e473ad17eb

SHA512
0cf97d16c5db31468a728cc4870833295342f502d7a45e1fd1e3d348d632b79c3b3d0ed95f0956ed655dfec7cd11762f6d1e396e7d718a647084bd5cc3720495

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
8075da021e23dfad9c26648a83eb6366

SHA1
a394c7366b75dbdfc07edb02dfae140aa10622f4

SHA256
715f92d6c6c3b78a63b175c3f6a38cb4b3d0cc3d149090371b03c1cf0a057c3e

SHA512
0863154c132f8d329c8737c1742c2a56297b8f76670d2e8c530873e0b4b9beafb8b9009446833470cf35b81e953c2c00f7bcdc6663e32847c93a9d2b50c7237c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
31KB

MD5
cc906dbf06ae4a3ced26f122c211f6b7

SHA1
f79ae6db7fe0ee8096f6d41532ba313c29b97f04

SHA256
9b0528e7f1275c59f74ef9413b3cd10b1805605a3436a8105928ca080b815b45

SHA512
1d4196b25897673f1390f9dc725bb00f0aab34b3226cad91071f2a817bb9a66bd5ba364325a6692a983463df5d94938313638b070dba3c78ef891952462c361a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\bb9a4039-5fee-44f8-a618-d20a135c468d\index-dir\the-real-index

Filesize
648B

MD5
d91f495cbbd140b78d9ef3e530b726a9

SHA1
bb74d3bafd7b002096e7a5a7182da88c3617abd5

SHA256
e01ab2675a6f6bbaf6edf52a68d762590e91147385e5a8cafe054de1b793f088

SHA512
ddce638fe9962af44079fd7b392fa6c4fb1f8b41a7cf98e9968a0a029faa35137dedc23f4f13637f86f9c5e8eb97678cdd770dbc73dc863787e5383b4fcf030d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\bb9a4039-5fee-44f8-a618-d20a135c468d\index-dir\the-real-index~RFe5c00e2.TMP

Filesize
648B

MD5
5606494c44a3c81e0330075a86b8cbf5

SHA1
a940aa20bd9901f4c59e8058596832887a999c42

SHA256
87be3b1f398210139bdd6eb61622bcf72435e1f66c402f751c42b9b191caa70d

SHA512
8e50712dcf6b16e5f0c8a2f9ac31b82ed9fe93329dc972d9b56017128b15b720baa394729c8093f198dd0c143cb312631da748a9ea0850a65414a386adf68a34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt

Filesize
253B

MD5
9bcc7bb809ea2da7ef34c50dc70534b1

SHA1
5ca437805f522803f4256124eafb708ad83c97e9

SHA256
953444ec4305310ad95524270bd28b8fbae442b7217cc15eda7c1ceb218bfe6f

SHA512
6fe34f5ec99d0e277818c36de1dde9952996ae87e7b414799096bb7eab54b0a921391787faeb2cb3df5b54faca6c4758dea62bbb65ff7196d4e1c635b8766dcf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
3KB

MD5
27fbb6d52504368bb34722c3c0561dd3

SHA1
b5e25135a02bf22d1b0bf1c7a7ebdfd5f231b06e

SHA256
06176e14395667373d151c78aef1f8e7254452c7452f5ccccd273402b3ef130b

SHA512
07c3a8c5fda1228a6c682610a13d063da80e87a1273a478cbf0481f3eb2ca8a03f7653a0dd30cb309b23a1b19987f5c034121d64bb3023d1a80d44861baf2f66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
4KB

MD5
3071a82583256b88034f6c648433696c

SHA1
c1c9656ab9dca49e76937b7886b259e421c4a7fd

SHA256
51d094f506b525de44cad6833180dc756bdd3b826ea434d24c095ddba8904833

SHA512
77704cc63635c9c64a32fcccd96939f342e5a37655639fba853dacf88f6917fbd5c5a6db43457aa96e82ec7811e00db837bacb1c1d2e14f731c18435f104cdf9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\favorites_diagnostic.log

Filesize
1KB

MD5
3f5011b793bdf512070fc076350ccd64

SHA1
f91b93ee75b32b7e786eee4fb062c10d6ff4757c

SHA256
5c63ea9672f758a6eef6ef8a9a14fe4ee8f5e57b103729d6c60c5d3457c11c19

SHA512
4777a4e3bd1dcc41b1f1a0a33cb3f2d6d05788895b3f2760edcf6bf2658bf95a5270211576858c6bb7cacb15e9e9675d88a3d9b4755d7e16efab6a6ef0cfaa14

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
14KB

MD5
09c731360e9ea46c5ccf61bfcc5abf67

SHA1
26fbe5a72ddccee5cb5fcafd898afa7d1543b6bb

SHA256
caa67a26c36437b972dcd15c97dce2ac702cd4514cea1623bf4ad02c8e08203f

SHA512
b347c195159e0f9ead9e2c0fdd34d90a0e75112b121bfd2841c95a91c1e51546cd1e7fc811e56a6eb2b2b70609a30b00e42c5dabfbd875bba49cc9298cc0a47a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
33KB

MD5
cca0d7d4cb38d9717e4691325e2078fe

SHA1
e6cea7e4b67a56766d81423ed912259ce0b4cf06

SHA256
2a3498cc613e750581ccf656ae623fd01e7ed25ea93bcbea48b214933d795d98

SHA512
1dda467c31ec64769a46ea5f2fa43677cab9abb84ac13b19fd532fc8afe366d1255870ec5a37300f7c9af126cf6928a0c8d441ab131e600e77837e40e6cf4272

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
14KB

MD5
d468489e6388e53bf01954e96bd46be1

SHA1
e6212acb96801a05306a58a3cd0479a02c346593

SHA256
aa591e62ee416789711a13d91b89a1cfc46d05ca11710f020802e0d6eaa9c026

SHA512
e214a3922b6a48feb57b684e5fd857882d61d1bc2707763c96651c85cd10f638b3057eb432c744ab2188b3e12ba7caf8c2136f70e072129e48a634c9ecfc3170

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
14KB

MD5
dbbd0ab270e092bcd4aeac3c42c50671

SHA1
9ac3cc5b14857f825815b051b14780cd7f516f15

SHA256
b32c55c9dc7a42132247a3121fbd391ceea11b0e78126fc5c1f5d0b123891253

SHA512
7c56ac6f7aec7e420f04f4bc754a4b8546537de50b50bd24491bcdfeffb0fa2a7a36eb1b887502f1d4666b9125c8bfbccdb0d606f559a8eb236768d89bdfb5bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
15KB

MD5
8c0a4998e4ac9e5ba8d06c06d2d5b75b

SHA1
df81575a7a58042955dce0b91baaef9762706edd

SHA256
e48f3a0caff76a94ea2dff5095193bd125417897abf9ff0efd7017274cb8b3b3

SHA512
5428f11ec61c3d3c6afe486c1ead509bde326f7d855734e20b39ebe5dda30289c7414ea5156064b4cb7613509af0272bdd89f9efc1420b10efd73959891b91c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0ef2d04dbeac5691c2901fd964bbf4b7

SHA1
af72b9fb4364e56a26de7f64106b3686bbbf659e

SHA256
0b9b19f12423db2b75b71357696fb785b1777acdd88a7ce66b26263201540a75

SHA512
31872836979ad81d174ce537abd1ccc50a23639d1c44c7883747c1f2c75b0bbc03b10636b4a410e23904138d18a0bf59c65863f81a3731adfd04d05e473434a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
7KB

MD5
1703eec022aec30ea229f41674ea2ddb

SHA1
3a9aa99e8a17b350ad466c4a0b3544985682ba59

SHA256
d803748a19a1998cc941f02c4b8267f0cab0d2efe4fd4ec4014c2b487106e0c0

SHA512
a4283b9b3a58a928ca402db93d6e4a298a9475c4688e63bbb73448482ccc2783d83fa84ddd6a020dab049bde191a325352a2339a50e715ed7ed17161c4788a28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
6KB

MD5
a34ce6fde9488264916f344faa1b49bf

SHA1
9718130a507ee73720d768da3eae9232bff454f8

SHA256
5537b79c5d36d6f92e55af44303482e61be180d86477d1e4533386c70fe3f70d

SHA512
512a06a4d48bacb9211a3b17a154910d8f7c0b6050797244617e3f63e8b973ca49a4962169891503d64fe1c83d19257ff22e9d8ff48b89bfb36b1d0662d99615

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
2538a9378aff0966cf2b2308ffd13f0f

SHA1
ac380e478064bdd5fbf276f6816c343687139d15

SHA256
c309e81c3ed3128112d675f2dd4ffebbb145c3e784874838f1501387978290ba

SHA512
71f53788dff73a88a8c0fae55f2aa240bc01280bf12f7ae223b2fce547d4b3a694bf48dbbee2f2a7e4a08c9616949deb64178fe70855fdd0c1844ddc129063dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
33KB

MD5
e79adf47a51e7dd8cb6cd24da8518f5b

SHA1
2c08a46821cdec988000c2e12a0334b86406c550

SHA256
763c36a8ff36b601d87587c036fdcc69e1706ed6c3e9464b32b0d43a469cabde

SHA512
381daaba419d599d12f0b77858bc239ac95d30a6e48105c864796486a4a1b30d25dbe4dc40aac562b7ec9a74cbd782f668c9c2721437bb9194a7929d60859568

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
dbc9139a8f8d2f93a741f68fa5718145

SHA1
5a150c8680dd184931f9cd94fc192381f6bba435

SHA256
2ea966aa458b44a90fcfa7d6f7a40ae408a8b206fba234866495bd4da246fe9c

SHA512
c56d5f080f54874f37d1f39bbaef9b875b9b5bbe266cf68d202309cb1e00ee33a33b07900e24dd0de42aa46e498c60cdd1b1652c9fb367c4aa615bf939ab2707

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
c49eff6235cd6c0be1ee91f1f61dfaca

SHA1
d20d0259c465cdc09771e701ab7852da85ae567a

SHA256
c57c3a9020806c155ff3c372edc699b8ecb4f55e11dbca00d4e8d620a93efa25

SHA512
701004de0b6e7a2601269cea758596d2e83927b48094c6693c1918a5826763f7a9b273086f21b123cb292443f47ebf54410a54b8d3f14079816d53cce5a9f3ba

Download Submit
C:\Users\Admin\AppData\Local\Temp\635d4d68-c8eb-42e4-a313-e7cb7f78177d.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\958542ea-a230-48d3-878a-431073080d4f.tmp

Filesize
10KB

MD5
78e47dda17341bed7be45dccfd89ac87

SHA1
1afde30e46997452d11e4a2adbbf35cce7a1404f

SHA256
67d161098be68cd24febc0c7b48f515f199dda72f20ae3bbb97fcf2542bb0550

SHA512
9574a66d3756540479dc955c4057144283e09cae11ce11ebce801053bb48e536e67dc823b91895a9e3ee8d3cb27c065d5e9030c39a26cbf3f201348385b418a5

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1364_973268493\1667fa82-78bd-436a-9702-5b6f30d1c9e4.tmp

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\Downloads\Swift.exe.crdownload

Filesize
1.5MB

MD5
a8de46bf0ea9e9f6c43ff17bcd045dd6

SHA1
bb3ee328b3cba9f397dd16f9a13b26c455f210f9

SHA256
00f1ce8dbd26d13248438626c39a334b7755b761ee350d41ec8a4d26ecdaea96

SHA512
a99aed3ea623dfb8decee11d4a0a95d5b19da26c5114cec2b57fede51815cc7fe3e304fbf6b8b26cf42b0c89caab489639922bc98e6566f379f31d498221d207

Download Submit