hxxps://learn[.]microsoft[.]com/en-us/windows/win32/inputdev/virtual-key-codes

max time kernel
41s
max time network
41s
platform
windows11-21h2_x64
resource
win11-20250410-en
resource tags

arch:x64arch:x86image:win11-20250410-enlocale:en-usos:windows11-21h2-x64system
submitted
12/04/2025, 21:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://learn.microsoft.com/en-us/windows/win32/inputdev/virtual-key-codes

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file 1 IoCs

flow	pid	Process
58	4028	chrome.exe

Drops file in Windows directory 3 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	msedge.exe
File opened for modification	C:\Windows\SystemTemp	msedge.exe
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133889679915398914"	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3437575798-4173230203-4015467660-1000\{09D84429-F387-4126-8505-930DB79D9AD3}	msedge.exe

Suspicious behavior: EnumeratesProcesses 3 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
5780	msedge.exe
5780	msedge.exe
5780	msedge.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe
Token: SeShutdownPrivilege	4116	chrome.exe
Token: SeCreatePagefilePrivilege	4116	chrome.exe

Suspicious use of FindShellTrayWindow 61 IoCs

pid	Process
5780	msedge.exe
5780	msedge.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe
4116	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5780 wrote to memory of 4068	5780	msedge.exe	77
PID 5780 wrote to memory of 4068	5780	msedge.exe	77
PID 5780 wrote to memory of 3792	5780	msedge.exe	78
PID 5780 wrote to memory of 3792	5780	msedge.exe	78
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5768	5780	msedge.exe	79
PID 5780 wrote to memory of 5712	5780	msedge.exe	80
PID 5780 wrote to memory of 5712	5780	msedge.exe	80
PID 5780 wrote to memory of 5712	5780	msedge.exe	80
PID 5780 wrote to memory of 5712	5780	msedge.exe	80
PID 5780 wrote to memory of 5712	5780	msedge.exe	80
PID 5780 wrote to memory of 5712	5780	msedge.exe	80
PID 5780 wrote to memory of 5712	5780	msedge.exe	80
PID 5780 wrote to memory of 5712	5780	msedge.exe	80
PID 5780 wrote to memory of 5712	5780	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://learn.microsoft.com/en-us/windows/win32/inputdev/virtual-key-codes
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:5780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2c0,0x338,0x7ffc5918f208,0x7ffc5918f214,0x7ffc5918f220
  2⤵
  PID:4068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1840,i,1604160624695566666,15302887847264052000,262144 --variations-seed-version --mojo-platform-channel-handle=2240 /prefetch:11
  2⤵
  PID:3792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2212,i,1604160624695566666,15302887847264052000,262144 --variations-seed-version --mojo-platform-channel-handle=2208 /prefetch:2
  2⤵
  PID:5768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2428,i,1604160624695566666,15302887847264052000,262144 --variations-seed-version --mojo-platform-channel-handle=2512 /prefetch:13
  2⤵
  PID:5712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3416,i,1604160624695566666,15302887847264052000,262144 --variations-seed-version --mojo-platform-channel-handle=3472 /prefetch:1
  2⤵
  PID:4496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3408,i,1604160624695566666,15302887847264052000,262144 --variations-seed-version --mojo-platform-channel-handle=3468 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4804,i,1604160624695566666,15302887847264052000,262144 --variations-seed-version --mojo-platform-channel-handle=4856 /prefetch:1
  2⤵
  PID:5348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
  2⤵
  - Drops file in Windows directory
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Modifies registry class
  PID:1620
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x268,0x7ffc5918f208,0x7ffc5918f214,0x7ffc5918f220
    3⤵
    PID:4660
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1668,i,7750221467826527921,16022127708257041711,262144 --variations-seed-version --mojo-platform-channel-handle=2132 /prefetch:11
    3⤵
    PID:3764
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2096,i,7750221467826527921,16022127708257041711,262144 --variations-seed-version --mojo-platform-channel-handle=2092 /prefetch:2
    3⤵
    PID:2276
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2408,i,7750221467826527921,16022127708257041711,262144 --variations-seed-version --mojo-platform-channel-handle=2444 /prefetch:13
    3⤵
    PID:1908
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4284,i,7750221467826527921,16022127708257041711,262144 --variations-seed-version --mojo-platform-channel-handle=4308 /prefetch:14
    3⤵
    PID:2160
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4284,i,7750221467826527921,16022127708257041711,262144 --variations-seed-version --mojo-platform-channel-handle=4308 /prefetch:14
    3⤵
    PID:5336
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4376,i,7750221467826527921,16022127708257041711,262144 --variations-seed-version --mojo-platform-channel-handle=4384 /prefetch:14
    3⤵
    PID:3240
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4320,i,7750221467826527921,16022127708257041711,262144 --variations-seed-version --mojo-platform-channel-handle=4632 /prefetch:14
    3⤵
    PID:2568
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4600,i,7750221467826527921,16022127708257041711,262144 --variations-seed-version --mojo-platform-channel-handle=4676 /prefetch:14
    3⤵
    PID:2976
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4620,i,7750221467826527921,16022127708257041711,262144 --variations-seed-version --mojo-platform-channel-handle=4720 /prefetch:14
    3⤵
    PID:1440

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:2996

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
1⤵
PID:3144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
  2⤵
  PID:596

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:3016

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc3597dcf8,0x7ffc3597dd04,0x7ffc3597dd10
  2⤵
  PID:4444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1868,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=1860 /prefetch:2
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=2216,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=2228 /prefetch:11
  2⤵
  - Downloads MZ/PE file
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2364,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=2340 /prefetch:13
  2⤵
  PID:5680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3188,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:2268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3224,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3424 /prefetch:1
  2⤵
  PID:4124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4160,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4180 /prefetch:9
  2⤵
  PID:3864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4652,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4688 /prefetch:1
  2⤵
  PID:5528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4856,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4828 /prefetch:1
  2⤵
  PID:3792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4980,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=4964 /prefetch:1
  2⤵
  PID:436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5208,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5572 /prefetch:14
  2⤵
  PID:3200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5736,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=3548 /prefetch:14
  2⤵
  PID:3160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5832,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6072 /prefetch:14
  2⤵
  PID:3684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5824,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6096 /prefetch:14
  2⤵
  PID:1380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5576,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6136 /prefetch:14
  2⤵
  PID:5472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5668,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=5828 /prefetch:1
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=6132,i,11360336354970929289,17424572463465902906,262144 --variations-seed-version=20250410-050051.531000 --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:4348

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:4716

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4316

Network

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
414B

MD5
34ced33bc6c9edbc9c430daeb1104a08

SHA1
c377d485e4693e01ae8c39c83588b09c9d30b61b

SHA256
9205cd19215e298fc53ae1941816486c2d0d35b10f51c9eb934cda9afd8dd301

SHA512
2927add32236a83cb845ca8d159532b8cff80be6c8885a7a121d2750d94c449c46423fde5cfcfcec92b1f09ce895ab8b0bd5ccc89b5e660a0099c71bf46fce1b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
2b7cba8d3fb9057965eef5e5b0e4e702

SHA1
a54b065ce5cd09f9f63b466e392b2580ec26a802

SHA256
5d5f013cfc508aa697261bdcd93b86bf155e6ee16a297e03cb936224b3695e38

SHA512
997f7cbe0ec90bb96e10a6cda079ca0ad5bdac7c6ed4573c67ea1d10a9cbf419be08957f9cdf7c9d09d315ac7daa76ddcbe9d931a541eae3f70f57ef5e63827b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
035dac18cc093f159b5edea54da2627c

SHA1
0b24bce001f92c1671a2713a0a78028c35db2c54

SHA256
2e89fa84025a71f12d12cf494be234ce4c2a13382610128367a62bc565ffd3cc

SHA512
862a75b6003cfe91c670452647a9be09ee3abdc0f769ec6f0bb04372f89f5301327787cb0fdb06cf83a160be161551631cd1c6b682688e150dba9b791fcdf9ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6507b47137d0075c8dee34dded7d58b6

SHA1
bd367ec07628cadf4e4b098e2f252604cbcfd7bf

SHA256
5e3ece8f03d72b2f37254fb15e01d06a427658332a0b40bbbd0fad9abdff929f

SHA512
eb7468351a6e678ec1a7641e13f5812f1c9ade11be3cf250fdf65742ed762c312dda555059b1f4f08401bcd3566a9a1bec6f185ae76b494272858786668aa143

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
b85eb891966baa7a1aed389fefca2871

SHA1
44100a6bc551fabca3604bddf5f86e47e5eff88c

SHA256
c9411455f9525b21701eb13a1b796bd2f0689d197c0ccf9846337e02e465fe2d

SHA512
27bb5b17a6a470e07733133c86de5474a8e88d83f2ab74f3872479a4e0c719f946bcccaf43f9af58d141035a8729005c196ae04710448270a8940d9911b9aae5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
1d3304528cc70732f8b7a3a7063478b2

SHA1
89c29b25df3e98e0e29b34144dba50a02828b542

SHA256
f8bec817b933808b3552bc4ce0bb8779e8544b6ce2783d9f37d30b8b55423c5d

SHA512
6525928d5da7eec5d4c5bba7c6fd408af2a007e4ab9753298d195398fdc5e45979740d813baa6948e216b48d4908da1b9c1ebc213281dbed5e261757979f3f23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe582ad4.TMP

Filesize
48B

MD5
776d260900982f2847d36113f8dac71f

SHA1
a919ae0ae3061cbaede46f469f707c596c38f617

SHA256
3193775fb88f804f3254d140412b59dcc0367f95e41f1560f238c97a99980bb6

SHA512
3c0c50c9fdff4a6b100e7cc2ab84fa636b166aa78373cfff5442fc1f811f6de54d24120174b5a9be042b9e6d570e3ab6b6ccaff6c0e0c87c403ef28e8f0d8797

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\fde30ffc-1a12-4386-a522-5ce334c2ab92.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
78KB

MD5
bf52f3b5afa527b0c295187ad7cce358

SHA1
785d33a8bbf8238ba92676db828c355b611da4e6

SHA256
8444cf7c55d7388bb2b6d3667b95c3e1c05210ad998af025c3bd46b00caf03b2

SHA512
fbfb747188f3067729d28c977c77ed55af1a1ae99c348fdd40099fa87cd19aede6dd64d4a67f13df0cd23eeaa33edf8738d49de9fc441a659b828cb0ea2f591a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
a54abd2f4d4744858f471c5f856ceddc

SHA1
b9c583b2a8f4372faea41b4e52235ada3d87a302

SHA256
fa0783a17d720869290e0f8b5ace0fb9592f48a0725ca8c2ceb7b7d7beea1c10

SHA512
edef92135c3e5df79acb727262c01d4e6989f7d04dc1e2487a020cc05b1e15e47338626fd0e916c0bbca547e2e84a46c0dd05004ddcf9843d970b1ebd4caa231

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
27d02a9170feb143c10bced3f0c7ad50

SHA1
0e807524dd428900bf3c6b91190740adb8e7e660

SHA256
f7b57a37dd1bf12371382fb12cd8f0ebb8cbc86323a10903d62014195e3142dc

SHA512
80723887c4cd5aa3847d68d3bbbfbaa29e1858ee08bfa2c51369c31e44eee1b627a2ae8cb1f2a5ce75a5a91d7ddfe4ce8f3dcc5da818e4f2dcbc2f746bbe9589

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
d839324b96ff216c961865d2484aaaca

SHA1
0ce820c998537fb2aa9a0934c2df6c0b9ff2612d

SHA256
3c34a71a3422c9d73cc4736073ce4bcb6fa0a85793002bcbf1fd88c856f68328

SHA512
0e7c381881ec7ff8f43f2452cfe0158d54e33c4bbd9af0f36aba5e09bb15f36e7539107fc25e567edc4859ed4b9dbdac42d00b4d4de32606a942be2133f743f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
97f2f16e577578f42f808dfae605e5c7

SHA1
fecfc7d53b824fb02323e381a5de9368761f7438

SHA256
b36160c16b8c33b407c520d3f5d94d86063609695d8f600b8fdfb12f5a9a2c3a

SHA512
76ebd48ebe56a93f9ce09529f9316e262c6b1606515dfb0ae583d60f4f45b467f9187a8153d7170c917195173a8b896ba7e1980472931ecdce032fedc2e527be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
910086ceb95820bcdfd650efdb3ebf62

SHA1
4518b979b9b6981c1a4550fa5b368e554748c473

SHA256
22d783a7616ca752a20550ae1e50c1b4c29cd336fe11cdf44eba989ed5725c08

SHA512
8e1c1fe03e83fdb707dc9fea653bd2957305bd2d24b2d610a03511a9cfc721a376c22f28edb19a877f0067e93a6ceaf33e81eae7ae91e70034a3f1055d9e6464

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

Filesize
8.0MB

MD5
20d0ffb384d5e3378ce3aa702f945a20

SHA1
2c285228b2040d2288d9fd540527375d3fd261a3

SHA256
eca7d510016ab9fc1fcd7da83518626538099e47030a12f8a23b88e22d7658db

SHA512
85c0fe848cc9c9f15398502d23e52bfe6e95d155c6b41991394d3dd2c342cb7a53f64db230ec7a761dfa0a92eec9dd29733d6cbd5fc4971efff2e337a134c05e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000082

Filesize
59KB

MD5
7d4a9f2a4cd7c60873b975ed5a0a0b0f

SHA1
366365e95c040bab714e6f6660cd46c33421f88a

SHA256
04edb0d47ddf3ca59b83e00e3f6617013bf4de7122f13e124b54b76574fc48f6

SHA512
90ef67064453172f2a11da49281c44094b1848febfcc4262802ac6b0b833ad28a79831ec0a65666b938764c339f3db0473d905046a93c59a5fc51a5d1b5d7226

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000083

Filesize
33KB

MD5
1478de9c94a368d7ed03d50bb6005cdf

SHA1
afdcefbe26aa59c0e4ae668cf422adcf589461a8

SHA256
81cf44a40792ce2cc46ea896bbf06a91687ca4c25faee4e67e470a7d61a77914

SHA512
dc980bc3355ddd8096f8751c9bb51f1e296322eaa5d4a9f20588690c3e799eb9aaec823fdccb098c53f4be978614e7980c419bb9ce7cf6b66c3db9515d9bf80c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000084

Filesize
69KB

MD5
938aba7aabbec04a0180a78f3213cf7f

SHA1
32af549e781ce0183da02afb98e27e476e129b96

SHA256
f998860d950a9aa57a97f1d57378194153712be01683ff502c44b9f516ac36bc

SHA512
2d8c2ffddb0bea4396817545f08184111ce614b897e3dc18b2f0639e9a8113a5450d396213bdf70c830b7b8217af7c4c7b8143d2e4a88964533216b9eae08ced

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000085

Filesize
89KB

MD5
7a6ebb3193c0c23eaf22c4df76dbf3f5

SHA1
8c782bad9eecf80387a61bff578bf5c20e70ed80

SHA256
b78264730ff0cb3d2b2eec16a9b129a9b633c704f5178613ca7271be967fcecb

SHA512
17aab5b91a271555fa983312156f2e99d0bff3ae02963b2e73a57b30c4fbb5faf482acac34b77d8dfc6daa28d2c1c2282eba921f7c32fd791b0a98a9e2532083

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000086

Filesize
506KB

MD5
28ddff24e4ed12d19034048dd693e051

SHA1
f53dd3dbdd4643273399051b9dd0f187992e606d

SHA256
904402faa420609a73320f5b75f8f81826159f9bc20d67d56d5fad963091dd0c

SHA512
78f5ce9a540e514a0618799f221de79e32aa903086f99a56e504b0a9f270e430f7a3963173181007fac718a601c6b10a70c6324132ce2b0f5552a52437ff91af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000087

Filesize
272KB

MD5
5f524e20ce61f542125454baf867c47b

SHA1
7e9834fd30dcfd27532ce79165344a438c31d78b

SHA256
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9

SHA512
224a6e2961c75be0236140fed3606507bca49eb10cb13f7df2bcfbb3b12ebeced7107de7aa8b2b2bb3fc2aa07cd4f057739735c040ef908381be5bc86e0479b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000088

Filesize
21KB

MD5
caf225f7adbe3c2452a62dd3fde23661

SHA1
cbf6ac9c6cf00094fc79e189096a6baa3ff40631

SHA256
026b86f6177fe1eafc143d0bb1841929df81cded8df3894dbca28b940c9153c7

SHA512
455c1f42bce6849e4065c84cf6368f828e2a8cc3f853129e0f2f019d36a54c1e282823283a6cf4b29ee792d29a99648e3a97a4e9290997263048e9fdeb56a57e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000089

Filesize
28KB

MD5
e35d41d29bcacc8474c96fec87ab3760

SHA1
04c4cd7c7b0efbe9a3831b1ed2db8fe0dc468818

SHA256
2f0454db4dd937f7fe4f0b0d1969f4057c631ec5e102cb3209f79b08dfad40a1

SHA512
12e19dba0a58f9e7a50f5bc55ebebf58fa9bddf8ea2f25e1c14ad15bc1ef65f4b087846ad8172d714dbc76995c9188abfad08bfaa650be08a5e8ca0de51ed619

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00008a

Filesize
31KB

MD5
10a3bf6e6cac566e16d57d26835df69b

SHA1
f12d0b459f4f1f5af1e227a074218bb6012eb0bc

SHA256
1e7e4d23dc95b01cfc94093235553b37e9ffef82ed1f89f555541883a98c7f03

SHA512
05e2769b63b6e48684edfeda80115c683de4647537abb4b76fa87799a914e2ae5825e6fb220ac8471db3d071d74c1ecbcdbef783abe2bb732530407a92b9c65c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
7bb55f5fbeb964b2ccef5012bf0928fd

SHA1
8ef5e2dfd25f01c377faf5c3695004347a424a4c

SHA256
ee8963fe392bbcf135ef220631e5ca4273e4f447d25d0b58c9804a165adc254d

SHA512
c1b6ae92f87face56f648f205d06a9aa3fc253108319b539d65174b171aa113c8b7033f0d5866a8ce2a72634b42862f433207ff890310dd3a13dca308f966f9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57d2ff.TMP

Filesize
3KB

MD5
2d84399d9c47a1459b0c4a9dc3e76464

SHA1
ec36a119169b149b623fbcaf4f99fdf8a41d4612

SHA256
6806a04b31e15131a088759af80902d20a5da1bc90feeed5cfc85cff95765138

SHA512
0538250b91ba0ab17eb0ae809b9c892df1d82c81cef5cf2c92ac30723a437111edb3186daa3dce97e6243b91f3f7ffd76d3973fdd978427af04300d9f991bb0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

Filesize
343B

MD5
22e4666574ab692f148d65d1bf4371ca

SHA1
8ea14f44a04b8397ca402a25529df062022575e9

SHA256
534ef3be669be779675bc6e6b93e30f367a395b00eb63d55bb5f94ef548421a7

SHA512
a8e30fc424fd96145ab06ae5fbdd1b44bfc1ab584bcd854d544e281ed7577c9c9491d6817cc56d8c1889b07b1ef065d0b733cba32bbc6c91a763e06e21049f90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

Filesize
319B

MD5
b99beef6a8731bc13a64ac2838a9373f

SHA1
5f7f6c9ad1b5fc48d1a293e27d940a800f2bc387

SHA256
13060cdf75060acea3fcddf65c7c4767c00357248d18ac148bae13235bd6e9d2

SHA512
6c8247512c6c63cb300b73a0d5c3a836f2f3e24c71c9ab1bfcf6dc7ab03171a87f0444aa2c273b1ee291cbf2821196956da3cedb859ca9efbf390b71bd1e8c7f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
20KB

MD5
4578ac0571ff13e01331c0c453e5f719

SHA1
c0c5392ec749b3da6a43a734d10025cd478a60a0

SHA256
d8a9d78e58e86f13fcf035f91000ca252162534937f1c19894351ad93bed4af1

SHA512
dcfc3de4b7f3062ccd582c48ab5c2529e53a945bff3c4ce85ea5ad552aa705525d3bb84f8bf8df334d10b5dd6e8148f22605e9bc1d6ecb9e050eb7214ff19892

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
192KB

MD5
d7813577d6dab5ef0988274871d0fc00

SHA1
a9f92d79f95096845f35cb9694dc04bce2006a8a

SHA256
4d2be9476ad75d0f2bb23e5530e36edea098c73e9a3289769be1d89333955049

SHA512
e368e180025fa1b2f32177c12c23fd44f314bec5bd549808dd00735b18494e493198a043d98b467ba6e728c4a4c9162eac43009d98c5f78e99675bf88ed586de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

Filesize
36KB

MD5
375515dd8aa9e402192af91d9299d6e9

SHA1
2fcf3f8203ce517ed676f06b2357443e3e587c03

SHA256
0222982c14b9eb515e1fbdf0f461cbde01b53facc30b657b12caf48032dd70c7

SHA512
57921ba4956c9e26973f8da702388ae546b5b82ce40db214f163477311831f32f763b045e2e1a03ab2f77dd66f064c5b21c069c0220da6ffd62f370ff6eee29e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
331B

MD5
cf4e38c486fe5fc68b2d8b885a29f3d5

SHA1
db2c44a963032eb1aaf55e7f377260bc3f960aec

SHA256
1575c82ebd8f3f8cd8b9187d174f9d91a533e3f26f89cedbf07395ff7dd6d742

SHA512
8f303f59b4a25e4d47ab2587ce96828d1e47f172d0ba337121d07c8a5d3665f1b7a5587ef453008d390b5d061ee202b27fd2dbb61b6807175d501850fd2739bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

Filesize
20KB

MD5
58365ac41e255d5d4d730af6a97eeee7

SHA1
c248591cdd4917007c99dc97ede2b695ddb6aac6

SHA256
40c2db5f9fab9a2abc7b4a51221c9ceb4d3f565af1f43b296217aab7adb49c92

SHA512
f740ce95139a370c0c4e74943840d5202185d8564448b154a78028fefcd5e9517b9eddf146e34ef0f2f23a0ec24377e47822ce8316ed28593d41087d69912b03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
fb59590160df073937ccabe75f38b22d

SHA1
b90521f611dab01534b981ef032ddb94033c85d6

SHA256
7acf889b30c0a6d7f1be076aa651613a11246d4cb92e6fd6023cfd7f81e540a7

SHA512
dc2caf60153413fc953c930577cf670428dafd8d6f52578765a77d9e1a1a33aa3b6b9c5026b5d3299497addfbf3b05f475e24beda00f05db6901f9fb349da415

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
188B

MD5
189e4200b8ba0f696aa1e6fc16092b27

SHA1
e0923b29d5e426ff4069a24baa4468f50eb5c65e

SHA256
1c4411a017579c8ae6bff3bc36ec78dc8bf251b1e6955c5a758f4f108ad0790d

SHA512
ba3866455f1b8f94a58b074b99042da71a3da86eeea8f80a79768d7fb2c9a39769a9a482d41f406d605882ec39f9d50112ce15c066373bafa311553b6a5b6826

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\cc1ef071-91ae-4be6-89c8-a5a32693b5f5.tmp

Filesize
2KB

MD5
e2e11e3ef3002ca510c473e4a03df275

SHA1
f9e9cbacabd27ec87a090f35acd07ab52ef94453

SHA256
65eada4ef60b904d60d480a6ca6a4277c700ce657f046d565749c6ba694310d8

SHA512
341f1223f616f87b5e84a5410ff4fc40be2bcb39b168c4b78cef7370a6cef977c14507af25546557d63bcbbd200779a5c51ea297872b8d3e6d4a84586507abd3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
9efc8ebe08120b242e5a90941326eaf6

SHA1
535c674e9e7b9500e1013841f1984b03c33fa744

SHA256
33e7326e06caeb9ac52b84d782ccbcd8002f331f2437cc774e862a2be670a31e

SHA512
a0baad53f5f5270bc7fcc0b892cb64a8be5044c5663ebb897fbcd5643cd5bf7a77e0f746f175f2eb5ea6075ff8fb26257ff78664b14857e2eced163b2d8d6971

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
37KB

MD5
8b10955a1ebdb4cc99139c97b3bedae7

SHA1
9580a7b1a7ba85b511e55e28c74ae06cdb4dc216

SHA256
87da2e24baa9190d70c581ea794cbd138aded85e2eca98b765263849833e6b68

SHA512
f2eb9713a3b82ca14905847660f7840dab9d18032bc9a64d563b3e7cce2eaaf0e347a725e954394884e10b12141d2920968c0d7c7a7370b943b429e3d7bd1a9b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

Filesize
335B

MD5
3547916c083c8a5e86befb41e2675691

SHA1
9d32cc35ed6f0941a55b37da795595e1e4257524

SHA256
8980f95d10baf518e243cb09c792b559a563eee7be99662fadd78e178cfd1d9c

SHA512
75c7911f3aa2a23f2a5ffdd27f57c03aa9562661d70f2e5be260483a38339098452dc4ec555500e51a090ddfc98f425b42b2fa32ddf75006db30d662322537e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
ba2095a6b02eedd1bbe3a89e60e1ad99

SHA1
ed9d93fe96ca5e134d2c94bed499d0c92ef97b36

SHA256
313127fde619653f9b484f3b17f36f9eb8db6d2e77d8d46a9191e2b4971820ca

SHA512
ff62e3711ed0294d00bb755dd3cb8ecf5e4ae98d7f22f262f89aa71c95a4ff5522cbe1bbff752f5df6d33588cd223c1782168ddaee64323115892d309707fa2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
326B

MD5
1daebbdc54b01991420e394ffe742620

SHA1
00d06c321c75afe2412a2462a4a9a750506b4cd6

SHA256
5927371c1acd9e0ecd56854dd2ee5265d04bff1ac59989279cd5c492014d0309

SHA512
3a3cb8289d434bf196dd0bfa4bc5089ea8e98d3c5ed7c784e71c82db40a17710d89cd08b648807a8ae91467769bfc6eddbef37805c752006b04a04c5d94276a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
24KB

MD5
73c1d56f58cbd99fd7f3ba83c4565cc8

SHA1
4b583e2fb92eedc74bc5964721ff4c9be7a4689f

SHA256
1d320876edcc88006d8df135277b68d86e8194fffdc9df4669dfffeda7d882e3

SHA512
f44421f7ae72465d836724d4c93f7dc01e3770d50fd6e310008a12c992374f15880d7544145f06c61d8fa16fea39f66aefefca2a0ec7a4180b47ad209862198c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
5c929c5111a5122327d0767194bcd6e2

SHA1
2d73cab09ec50e906bc0ebffe95827b801ef4099

SHA256
21ae0ab568199e2ea7fd3157f3bb6f14853fbbd336675f3213bfe0e59985346e

SHA512
c8fb9a979d01d59c2b22288c92b6853de19e23534afa673a45d05b237deaa210d6063c84ae75ec865d330b5dad6270668eaaa859e1b3aa43ac329e063beec296

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

Filesize
228KB

MD5
8bd543b6f17b02efa349e4d034a0b8e8

SHA1
f4b4c8e71c7f18915132503caaa9906f8643f11b

SHA256
70d9bb3472d12a07ffa41f21f8e3570906f315c87bde69f94251797c8eaea4bd

SHA512
4750be4c2d6e81c7f7ab9880dda3980f73810868387d0a22491d83345e19d4ffc865eed5e32e30ead17b548981b864573b0a5ab550243724701f51698d6870c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\default_cloud_config.json

Filesize
13KB

MD5
cf9a0cd1d5f9c8cdeb87ef3f7d30d15c

SHA1
c543e62aab24c205db6014414161c13375e9a71c

SHA256
b24f36278e4c85a8fcd66021d48c69d6b07be605673e02f0fe185bf3319f47f4

SHA512
39ad5c5753e5398906b94ab039d2eae7fe420fe35a53f190bda84d4f9262f3b14841cdf4ec76cdbff6a4578a26ab1e6c4b11ba326ec8cc38a2e2904a6f2c0d8e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
319B

MD5
c2178bc8e2a6596502595bdc8787875f

SHA1
85095995f4353c11e31e09142286c0a6dede7aef

SHA256
20ed01afc92563773607a502c3027637f1efe958a132cdb03a021788d45f1738

SHA512
7de83da0eb67645c2a2e9f4996c496897bd980c89d8e00adfa92091e803f709ba636cd4a536022c926ae649102b3b611c3cfeb95bb1317048cb36fb5fd7f29df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
1KB

MD5
333892a8d14a3d1ce1cda7f95c4d8e3e

SHA1
82f30dfd34128a24405b49d565fa17edde68b5b0

SHA256
96ab5e0b72d59ebe2a797daeb27d84c5af926a811e8a4a6dbfe5250fe905bfeb

SHA512
71330e89a9f7d416e9398450f09405286c418ac2d45f725a63d42b98a64c33920f64694f87ab9bb06d640dfe1c6b641c17d4fade2bc82307390a2a27240383c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
337B

MD5
38b76083c5da5891aac08e11e5a07ab2

SHA1
97ae002dc83735cb2cb6b160c3ed9d3ecf3d6497

SHA256
4fcd8b0130576c3e48a63a9810e571e9dc11085ab1eb3c88b299d90c50fd7ee2

SHA512
0ec98222af1eaaf3613a9d1721b6e3654854aa53fb79272bdf606a9e17aa43457a6ae6607f6c50ff3d9686adba987a0b8e63848535f229226fff831ed285f13f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
d360da0d5fb4559ae2d69a5d7a20547c

SHA1
bda4305e9e4a664f6e556d140a866447a08051bb

SHA256
38c4f816eeedaad6db7be4f74b5ffd4b48b0de09d34c95d745cfab1b6bb2a1c5

SHA512
8a7d61aa36ccad104c44af532d343cf6bdaedfbd7b95c18cf8595bc130ec320027eef2383a7dcfe3b173cd7325548d03ac34d5f945c3fbbec57dcad86dc3d57a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
1b3823dd0d74e8af69576cb1b7c2170a

SHA1
f4f5b54a6fb1b7475087617afea36bfb660f6689

SHA256
7fb3a1657b9c7a8a973ddb51c901391d3d76ae795e5dc90a2c5e97831ebb6bbf

SHA512
588d61d0a4465af258568276f1fcc14ca360b5361561be77322bd0147e58af0b8bc6c3d290028af6b380289a8cf2195946bd4ab88d40cc41a3f0dccbe923ad02

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_3

Filesize
4.0MB

MD5
79da0b55e16ae6e98081ada63efca1fb

SHA1
23894c1c728257692a59605cca8bf476bd5e861b

SHA256
0acf1fb020eb697a05b744f6620e5c603be6f7ed278d7492be2b6dcbf87dd622

SHA512
6a17194eefb11f65385310247e80cafee655054ca1304e59cb6be047ad4ae51113e6c5545f8c846c11fd00b0758c690feae7446987e3237af6cc67a05d3884f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1

Filesize
264KB

MD5
5647522e3a1130c4d9230aa4a1f06681

SHA1
3367be586d3b2ce87c6dae7b86ecc3c3986f2bce

SHA256
4c469ab82339e19c592dc20e831b7c718ed615ddb014a83c0f09133427107df2

SHA512
774cee66e209aeb0cc395ef0cf137e7de5335e87625a78bb0c6cbe4f48d45e78c252e1f32b1e1bef7522dabf1de19a1d1b9fd226425d3b08ab9ce061996f7a42

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
13B

MD5
3e45022839c8def44fd96e24f29a9f4b

SHA1
c798352b5a0860f8edfd5c1589cf6e5842c5c226

SHA256
01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd

SHA512
2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
40KB

MD5
bff16e9d8735139b53efe288c7925595

SHA1
5e67b9c0e01f3c2d582b92e8a1a6c5d9fb751950

SHA256
c07b26816276858d32e2fd33622764b936f51143276fc8a6af59559a83cfa561

SHA512
6cea8d03fde11479ce085fb57730047e05f4d3f3c75d9ed4584eadfdbbae5eae59b011216c124307030517d13116619277b54c96d672f2c2eae89c4d1170cffb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
47KB

MD5
e56f840f843185961e8e0382b118abd3

SHA1
20dbdd030807e2cc2685abf89c4035c4e5406954

SHA256
def1a10948db0ae4d70077f5f85a0387d8650262cd3d0003d4f5d02c9d55ff1c

SHA512
cc5973a1d5c1ef1c5f362a3bb257bfd433c20347a24880b345287ab5140b0b0e3ca5f05a61f863e1383e1ada0a4912ef5eb87b8bc7dfe7fe848f5c10b047df6a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
47KB

MD5
a1393f77393add5ea562de62d3d0f10f

SHA1
317df985633b1bb0fc214baebccb42edb5bd3a9a

SHA256
284ac9c3fa54ebd9a00d422ff3eb0a2f3a57f10be791d2ae2f03c2ed807f8ede

SHA512
5dc4469ed0d72013d98e85a7d2d9519f22cb36af42ccf0cfc38ca9d413cf05a5e490a724bff4f77875ecce23631e85e0c01e38d82f43b8cd737c9ecc87a8b203

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

Filesize
264KB

MD5
e144056b0604925d62dcd7f25bcd4180

SHA1
02a6c87e60fe02c9240ec42250adb6017b14976d

SHA256
20da63b9df862a60bc69335409f834f4724b3b5a0f1739459f1edb5b4fa838f3

SHA512
e6619e880b52ed102cea5ff4bbe9393b3a042d9446078b4788ab07f47daaad2ae8d43f9a89b9a5749a83b6bbd90d090d037d1348e28b0cc69081ff25a3755b3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit