Resubmissions

15/05/2025, 12:20

250515-ph86xagj5w 10

15/05/2025, 12:18

250515-pg217swxfs 8

15/05/2025, 12:17

250515-pf8glavqx2 10

Analysis

  • max time kernel
    103s
  • max time network
    105s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250502-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250502-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/05/2025, 12:18

General

  • Target

    https://github.com/Da2dalus/The-MALWARE-Repo

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file 1 IoCs
  • Drops startup file 2 IoCs
  • Executes dropped EXE 2 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Checks processor information in registry 2 TTPs 4 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies data under HKEY_USERS 3 IoCs
  • Modifies registry class 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Da2dalus/The-MALWARE-Repo
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of WriteProcessMemory
    PID:400
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2c8,0x2cc,0x2d0,0x2c4,0x2d8,0x7ffbb851f208,0x7ffbb851f214,0x7ffbb851f220
      2⤵
        PID:756
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1772,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=2912 /prefetch:3
        2⤵
        • Downloads MZ/PE file
        PID:3108
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2232,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=2228 /prefetch:2
        2⤵
          PID:6008
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2408,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=2916 /prefetch:8
          2⤵
            PID:2440
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3488,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=3532 /prefetch:1
            2⤵
              PID:4548
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3484,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=3528 /prefetch:1
              2⤵
                PID:4556
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4824,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=5112 /prefetch:8
                2⤵
                  PID:5928
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4828,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=4832 /prefetch:8
                  2⤵
                    PID:2348
                  • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5764,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=5788 /prefetch:8
                    2⤵
                      PID:4444
                    • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5764,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=5788 /prefetch:8
                      2⤵
                        PID:3212
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5864,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=5828 /prefetch:8
                        2⤵
                          PID:2736
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4264,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=6208 /prefetch:8
                          2⤵
                            PID:5108
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --always-read-main-dll --field-trial-handle=6068,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=4288 /prefetch:1
                            2⤵
                              PID:1512
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6668,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=6684 /prefetch:8
                              2⤵
                                PID:5164
                              • C:\Users\Admin\Downloads\DeriaLock.exe
                                "C:\Users\Admin\Downloads\DeriaLock.exe"
                                2⤵
                                • Drops startup file
                                • Executes dropped EXE
                                • System Location Discovery: System Language Discovery
                                • Suspicious behavior: EnumeratesProcesses
                                • Suspicious use of AdjustPrivilegeToken
                                • Suspicious use of FindShellTrayWindow
                                PID:5940
                              • C:\Users\Admin\Downloads\DeriaLock.exe
                                "C:\Users\Admin\Downloads\DeriaLock.exe"
                                2⤵
                                • Drops startup file
                                • Executes dropped EXE
                                • System Location Discovery: System Language Discovery
                                • Suspicious behavior: EnumeratesProcesses
                                • Suspicious use of AdjustPrivilegeToken
                                PID:2660
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4000,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=4888 /prefetch:8
                                2⤵
                                  PID:4936
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5048,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=6708 /prefetch:8
                                  2⤵
                                    PID:3212
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6676,i,17013127587806185226,5639508729967830615,262144 --variations-seed-version --mojo-platform-channel-handle=6768 /prefetch:8
                                    2⤵
                                      PID:4580
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
                                      2⤵
                                      • Checks processor information in registry
                                      • Enumerates system info in registry
                                      • Modifies data under HKEY_USERS
                                      • Modifies registry class
                                      PID:5816
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x260,0x7ffbb851f208,0x7ffbb851f214,0x7ffbb851f220
                                        3⤵
                                          PID:5256
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1744,i,4152772991386540019,3705336999806367973,262144 --variations-seed-version --mojo-platform-channel-handle=2244 /prefetch:3
                                          3⤵
                                            PID:1612
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2216,i,4152772991386540019,3705336999806367973,262144 --variations-seed-version --mojo-platform-channel-handle=2212 /prefetch:2
                                            3⤵
                                              PID:3928
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2576,i,4152772991386540019,3705336999806367973,262144 --variations-seed-version --mojo-platform-channel-handle=2792 /prefetch:8
                                              3⤵
                                                PID:3328
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2712,i,4152772991386540019,3705336999806367973,262144 --variations-seed-version --mojo-platform-channel-handle=4236 /prefetch:8
                                                3⤵
                                                  PID:4768
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4212,i,4152772991386540019,3705336999806367973,262144 --variations-seed-version --mojo-platform-channel-handle=4732 /prefetch:8
                                                  3⤵
                                                    PID:5204
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4212,i,4152772991386540019,3705336999806367973,262144 --variations-seed-version --mojo-platform-channel-handle=4732 /prefetch:8
                                                    3⤵
                                                      PID:4060
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4800,i,4152772991386540019,3705336999806367973,262144 --variations-seed-version --mojo-platform-channel-handle=4836 /prefetch:8
                                                      3⤵
                                                        PID:5304
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4780,i,4152772991386540019,3705336999806367973,262144 --variations-seed-version --mojo-platform-channel-handle=4884 /prefetch:8
                                                        3⤵
                                                          PID:3248
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4744,i,4152772991386540019,3705336999806367973,262144 --variations-seed-version --mojo-platform-channel-handle=4916 /prefetch:8
                                                          3⤵
                                                            PID:1316
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                        1⤵
                                                          PID:4524
                                                        • C:\Windows\system32\cmd.exe
                                                          C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                                          1⤵
                                                            PID:780
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
                                                              2⤵
                                                                PID:4580
                                                            • C:\Windows\explorer.exe
                                                              explorer.exe
                                                              1⤵
                                                                PID:2836
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
                                                                1⤵
                                                                  PID:5900

                                                                Network

                                                                      MITRE ATT&CK Enterprise v16

                                                                      Replay Monitor

                                                                      Loading Replay Monitor...

                                                                      Downloads

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                        Filesize

                                                                        280B

                                                                        MD5

                                                                        36326fcbb6119326e7c8aa24c4156548

                                                                        SHA1

                                                                        ed128a9727e1d58b970e732b8c66fc827b18372b

                                                                        SHA256

                                                                        ac41191dcaf36d91f7bd9a077bc59b1bd7218daa27b263d1da6a548f58264987

                                                                        SHA512

                                                                        ed5c79f1edc0c65a1cf0ace91ea5538245c1569c3b25ae3cdf033ffcb55d37e7b09baec36570e82fc1525c24224cea08a53abab7e52db6376f48f099ffefd1fe

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                        Filesize

                                                                        280B

                                                                        MD5

                                                                        96ff0a7fa01fc7a55913b4beb9b070e5

                                                                        SHA1

                                                                        18f8133e7893b66eb7e3b90564361a582c0b4769

                                                                        SHA256

                                                                        8f7daac3839ab1809e153de8814eee620b457472c149bb944ae38925660c815b

                                                                        SHA512

                                                                        e0260e44e53ffe39c0989db033631910ca4833d841deb90bdc6aa053c78ed953c006c3dcc772919574a5355dceeeabce668fd4e86326ef976be6f531e0897c2c

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                        Filesize

                                                                        280B

                                                                        MD5

                                                                        4d36c9029c3ad3b7d38cdf01f2b93110

                                                                        SHA1

                                                                        7681e2416c97eb9081bd2570a1c731b66093c5d1

                                                                        SHA256

                                                                        5dc8cf6c72f742baf633b849e6fd9dd617f16e20559735d6af5d44e24ea9938b

                                                                        SHA512

                                                                        22db37f8fc178cabe6b92c8f9a61d496d68f8ee3a62822edabfbd13fd3f9b4c97d72191d05cbe473f108c9cc5d381bdee4a030d68928c065ee0d086af696878f

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

                                                                        Filesize

                                                                        44KB

                                                                        MD5

                                                                        0dc7deb9d429199eb077403c9b66ef48

                                                                        SHA1

                                                                        84fdbd8a2e3b032086c7bde795efdce9d576d764

                                                                        SHA256

                                                                        5ba6ca9cc760eac6bdc0a67b783091a22b792026732a13dd71eb5616011b47f6

                                                                        SHA512

                                                                        f8d3016aef35658980cc53020dfeb025e5529f0ed5ab5a2dfb7e73056e0a5b378e8cc100ba76b5d64b6db9fd1c87d91313cf5944f4e3788eb4be8bacd0afb574

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

                                                                        Filesize

                                                                        264KB

                                                                        MD5

                                                                        bce06a8a02c5085421ff2032094f699c

                                                                        SHA1

                                                                        60d4760f122223a0d258c6fa14bb32fbd4eeb6c1

                                                                        SHA256

                                                                        7edc9f42e9255938a06d7145e23167afd6bafca27ad3ce4fa8019a3ad16e0760

                                                                        SHA512

                                                                        7603a36da0e53062473c7559520620246e57d71f4d04609907432db4f25b203c788954fece8fdc4d2fdec0666048fd501f8b7ac849b2eecbfe4cec381081e48b

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

                                                                        Filesize

                                                                        1.0MB

                                                                        MD5

                                                                        33473b8ec1407a3ea695f5e0c22fc2cf

                                                                        SHA1

                                                                        4acebf301f24731478381f3bfa731b079b3f1896

                                                                        SHA256

                                                                        d13f36770622abc4d2b3eb0d4acd0529d876135cccf88f52cf9bf20b80dcff59

                                                                        SHA512

                                                                        9b07109aab02ac096a22489a984436f2a4c33d9b8ff347aebce056376b43df25155b61f950e0521a0157c8dd5a24d137de32ec634a77c41a7dcbf70ad3245811

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

                                                                        Filesize

                                                                        8.0MB

                                                                        MD5

                                                                        4945466bdb08badb2d7f523afede3e75

                                                                        SHA1

                                                                        f39875992f97ab89fdea7dbfcf61640ac9a863b5

                                                                        SHA256

                                                                        a7a8dd30e09d840a201e68d731e0812e9f57833db4d6c14791178dfbc0b6607e

                                                                        SHA512

                                                                        9f3c4df12b08c4d94914c1a50ca1e19ab7a81b0366eeadec36f3db56fbd777660189fc79c9fceac4268acc38fa571d58acb7d134f384e40b35ad0994beb6aa58

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000073

                                                                        Filesize

                                                                        46KB

                                                                        MD5

                                                                        bb8ffd17bc2c03b89d9b76025acd8a80

                                                                        SHA1

                                                                        526f36106bd0843753bb63269445d73ada4cac7e

                                                                        SHA256

                                                                        7720db5312bc3c9f0d8489abc4a259cf57ef84ee4d29678a1f24808441d3f32e

                                                                        SHA512

                                                                        931db226940fcbffffcf55d1192e5cbffd317571a8b6a30b61560b83e879e1964517a78b8532ffe4abb9c039fb7d0d646c3c3f206accf0b9f4ee44b2ebf1a31f

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000074

                                                                        Filesize

                                                                        20KB

                                                                        MD5

                                                                        7defd708966faefe5c610f256994fb99

                                                                        SHA1

                                                                        12cbe5e32a480c679457f2738e75aee2618a946b

                                                                        SHA256

                                                                        f7a1e98ef42e92cadc8f6232f107ecc0c1507ad11b4e242c05db82ff0ff4c3f6

                                                                        SHA512

                                                                        25e62926be17e22d979cda3f5214bc4911bbf190bcc7e73f264cb9f97707139fc4779359c1712abddaf3c9adb30f21c006473eec2dd4f9f387281826e247ce40

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000075

                                                                        Filesize

                                                                        38KB

                                                                        MD5

                                                                        06683093428834519c100588d3bbbcef

                                                                        SHA1

                                                                        d36355db08f9186fc9f502735a5dbb966d139e92

                                                                        SHA256

                                                                        a976b59f11b8e9bfa80d88e3b53e8d2073c3f039a0544066e73f4b58f4ba38a9

                                                                        SHA512

                                                                        06cca8f8cd9bcf4ed5c972358aa9bd683213f1d58f6a76a5bd3201592ea30803fe56b5fbc7047607111301a67ed1a332be9549578cf73dc04a7f7698c40e4181

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000076

                                                                        Filesize

                                                                        37KB

                                                                        MD5

                                                                        0ec7d765a850c648ac69e82df120c240

                                                                        SHA1

                                                                        a8b67bbfddb5ea5b1e7b125c4ac68961bc4cb4ec

                                                                        SHA256

                                                                        ebefb4f1a94dc2bca30408097e87440dc87406e56c6af82c86fd8902d6f3c592

                                                                        SHA512

                                                                        dccf222a5ebfe85213cac5be0ac3295d1c63313a1d65a8b1056bf6354fd4e8d59d09d28b24220e1b861087b34c197cbbdad3e3aa476d31256191a031f92d8710

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000077

                                                                        Filesize

                                                                        22KB

                                                                        MD5

                                                                        6a726a217a318999ac0aca3d010bf812

                                                                        SHA1

                                                                        2a75cfcecd66d8a78a763a2178a8566b61c49c9e

                                                                        SHA256

                                                                        2ab8d1161abd32099dcbb3967f8e31962e08f7c665ba6613372fb07715b74338

                                                                        SHA512

                                                                        30cd88837085b0b244469a891c86ef30a3cd5a8f5c35fbebfcad6fded35ee9e49677c5325c55af26f21eb5cea6390549fc9e1b402e9b8bcee6a2b950ee8161b0

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000078

                                                                        Filesize

                                                                        27KB

                                                                        MD5

                                                                        f813ad92abc739744e185e3990efc308

                                                                        SHA1

                                                                        6391306a6bfe3f30fae3611151c848277c33c31b

                                                                        SHA256

                                                                        28aea16c149f5ee078b34c03cbb8c0eee86663923fc384324cef00f451af764a

                                                                        SHA512

                                                                        3ac8cbb479063ce2ceb339684f86dc87d0a444face209e55de9c68c17c81642fbeec4b64ccea7f424e18b77add3c0caa4bf5d00e5d6f39728d4d61c74120244a

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000079

                                                                        Filesize

                                                                        18KB

                                                                        MD5

                                                                        dd9f92d1a1ee662c1472c992ebbe36fd

                                                                        SHA1

                                                                        8b21e6a4915b02bbd247d8846c6a742c120ed880

                                                                        SHA256

                                                                        fb67845b981f637821eb9e809b9fa1c62d41b1bdb0f84247a5a1297dd6b4e154

                                                                        SHA512

                                                                        e5ea698d8345800a7edfbbf0ac800a6368dedfff9df79d4cf13f507f561312ed6ff68268038be7e7e2ed6d0009ce20ed7d7662eb304e49fe7b6cd741ec9091d6

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007a

                                                                        Filesize

                                                                        46KB

                                                                        MD5

                                                                        a1dcd778b8c06c4299a307532ecd6a40

                                                                        SHA1

                                                                        722771bfa67e4bb8d614a33bdd1e49b55f79c47f

                                                                        SHA256

                                                                        a5f807ccdc864cbed778010004bcf2b3510776ff7963c91fb94daa85aceb8986

                                                                        SHA512

                                                                        7849c1641343912c3cd4f1f312fc9eeccd4a0030735973cb56b308b204250ee5209c726628ce17926bd84748f26df200993355440b90455c3cca7b71a3fcf740

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007b

                                                                        Filesize

                                                                        23KB

                                                                        MD5

                                                                        c8efc94f0b1d5d2fcd022f0ddeede705

                                                                        SHA1

                                                                        6b834927dc08786d9d000e9f4ab0ff1eeac4b7bd

                                                                        SHA256

                                                                        4bccb0cbcc1711921c11e91b01a6e6291cdcbe7e5a56745ce29f0b08bca88d73

                                                                        SHA512

                                                                        592c59ad5854fa25deefa5cedd7bffbe1de6390d0c28e710cefd67a61c5f78ce4864c087f5640e1c14fb8bed8190515a4de4806d893693407ead261a83afa251

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007c

                                                                        Filesize

                                                                        59KB

                                                                        MD5

                                                                        3790b068a1c536940b9640a7e3e04b9a

                                                                        SHA1

                                                                        e400bd69288b03dfc60d6a1aa6116bd7c33ad664

                                                                        SHA256

                                                                        e6dc0ef47922b83aff1287cec50e76c3ab5c8d5a9c662f46230312ff2c0d69bb

                                                                        SHA512

                                                                        9b5b60a42b266dfa457ceb9af65675ec86ef0388841356e4ab481cb6f69ab3853c92f9d2e9c63ae9ecc6b9f2544ffe619972a2d9e034a95f2649211fb715a31b

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007d

                                                                        Filesize

                                                                        55KB

                                                                        MD5

                                                                        60c6efabb021c8eec4ba448974887f11

                                                                        SHA1

                                                                        1df8405943257b9356bae8467615d45151931aa2

                                                                        SHA256

                                                                        709d97f82663324b2c441d42258d4aa6d8a0334f03c1935b0b43c9cad3ae4305

                                                                        SHA512

                                                                        714c8fcc3343ad259b3b9681c53063dbd99c0023bcbae51f0f607dcff8cde51cc926d6cfe93be8eb6e2e159ae0405bfc9236df984b47083449130a4c0d7f44de

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007e

                                                                        Filesize

                                                                        88KB

                                                                        MD5

                                                                        a2e53ee908dc616b23256e82e73343f2

                                                                        SHA1

                                                                        c40b4ad46f6433a900536b7abe1d6544d4ee8ec9

                                                                        SHA256

                                                                        dd1a1e2058a992fda5828a86ac635b5efdb488e2aa45daf66f180ed95ef0a857

                                                                        SHA512

                                                                        3ef3cb8b808e747928df27d5d931ae7a68ec09c05106880680089d4e356bb06acdf6d87cc1a3529c9a6d19e1eb991e563bd6392e8197f6716c1c44dc5b444d6d

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007f

                                                                        Filesize

                                                                        99KB

                                                                        MD5

                                                                        2c5d93f83e9c4810d3fd8257c06f3b56

                                                                        SHA1

                                                                        a33a8a4c75381a0e83e31ff46a2e57dccef1db3e

                                                                        SHA256

                                                                        82eebff2d35e1abd48d48b7ff1908e33059281734c7827b006093fed49e5fee9

                                                                        SHA512

                                                                        0a03771731876243893af94c7cdb64517647a72830a08ef79055005be8b652b47e0ca1066e3898cdab310f6be18e51901da1c5ec822440f6e69d6b2f5a2aefa0

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000080

                                                                        Filesize

                                                                        17KB

                                                                        MD5

                                                                        0327116a94be68d508a8448c6cb18b93

                                                                        SHA1

                                                                        ce0682ca6ce1533114f8d71c8fcfb0f2ce5ab012

                                                                        SHA256

                                                                        3df6bb07a6f5af60c8c7e71039bef70a4d811e0a11de0c5eb91705f0872740bb

                                                                        SHA512

                                                                        68417905044c6e9f5b664bbef69502feb198d355cda42b16e5e40e06a5803b6fca84c2e655f2a658321be2fb13bb9c2a0a6c7be38b48b736d61bfdde16ca6bdc

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000081

                                                                        Filesize

                                                                        35KB

                                                                        MD5

                                                                        e1a8c20930736d2b93a50694cde8be62

                                                                        SHA1

                                                                        89f919d542549d634d75584572f353bbbf4dac27

                                                                        SHA256

                                                                        07c5267470e727178ee7d1864eecd9e66186e4e2b560c02d198bc63b2c699be1

                                                                        SHA512

                                                                        95e1f4fae8bd416266c1d63f335f0226d81bce97d9a226afae503e9f08837f445930e4356ae7835d30c44e40fddaf1ef4940ae34d5c229e1e675842eeeff62a5

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000082

                                                                        Filesize

                                                                        19KB

                                                                        MD5

                                                                        c9789bf27bdb48a63bc96d8945d2a941

                                                                        SHA1

                                                                        50df256f4e5dc9e9dc4f69897dc41206a8f2c807

                                                                        SHA256

                                                                        f0cfc25adfda0c1d4c942156dcf67b1e4d6ac41da107323ce1cea84a425d1f8b

                                                                        SHA512

                                                                        e4e8a1569ad4dbf9eceb02619eec4c00172f5e32ceb3c9f8ab9f528af2118e67d71f55cd432fa51a14edc08c5bdc596f994ed1d2c5453aae0457f7a499f5a2e2

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000083

                                                                        Filesize

                                                                        72KB

                                                                        MD5

                                                                        a4bdb2f218e0bde8351b20121bd3b3af

                                                                        SHA1

                                                                        6baa51f73148657a09afc2d6fe8418aeb51d8a7a

                                                                        SHA256

                                                                        9dff37fe970c48070658f5ef2faf40102824f0080afeb0e7903be054c1e3c726

                                                                        SHA512

                                                                        4aa99749d939740bd9369e40b9c1b0b88eff25bc0a0a35383654c0983a704edecd1f3de24b7ce1f875d4856a623278f2cd0eb7ed385a15db986f7f514a0c207d

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                        Filesize

                                                                        5KB

                                                                        MD5

                                                                        b87c04be8348a57c07c8245d2787df83

                                                                        SHA1

                                                                        06deadd0fb58d25b5ab16ef372d724ecbccb64d1

                                                                        SHA256

                                                                        8f0731ea81a44400c101b8790fae87740b7b2ad3fb75e1fdcd76bf514de373ac

                                                                        SHA512

                                                                        00cdfb85cc84007e8f367e5fb19e525732949057bf0d8374574dbc50a31e2c3ef52c32fac093984eea6123b6545a504704a8a9e8e44d38f18075609e7f615721

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57eeb5.TMP

                                                                        Filesize

                                                                        3KB

                                                                        MD5

                                                                        0a14165ba488c1740b2f9ef7580d44ba

                                                                        SHA1

                                                                        6bc101bb59049e75d5f364885e59ec2f58c29b68

                                                                        SHA256

                                                                        cb1ade0ccb2106a198077f1edee519ae8f3230a34c843be163d9c7a5a11c7b48

                                                                        SHA512

                                                                        9ca39d780b1cb853eade3e40bfacf81e0d4d392f3736a3d9ea23db5e69fbb52e13fbe0061cf7aa6d3c9e69428140c1c6c4f082426af22fe5fc0b09103df3e422

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1

                                                                        Filesize

                                                                        264KB

                                                                        MD5

                                                                        6c05a1c4dec1181224b7f9b18e62a827

                                                                        SHA1

                                                                        146f73405a235a2575c84ddb51bfc59f4170cd5c

                                                                        SHA256

                                                                        25e068178d9551299dbfa9f1ab90b992e65b8badfaaff251916d306efea3d7c6

                                                                        SHA512

                                                                        6edf87e81fc18fdc58dbba2b1dd74acf47bd6848d40e5eefa11d8d4bc97ee10a94e4d75af3562acfdfcce9e7e2ae19edb7114774d5ad500b1bda8f4decea5164

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

                                                                        Filesize

                                                                        2B

                                                                        MD5

                                                                        99914b932bd37a50b983c5e7c90ae93b

                                                                        SHA1

                                                                        bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                        SHA256

                                                                        44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                        SHA512

                                                                        27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

                                                                        Filesize

                                                                        20KB

                                                                        MD5

                                                                        0790c2aa11f8d0aa3a44fc4782cecc5c

                                                                        SHA1

                                                                        f6f51906d6e62ca7443ee24657f3845e745b7f9c

                                                                        SHA256

                                                                        5bd755ef7da449f50fa8f3893ffd2a0429c5b9d3cf912219a250a926aa415b69

                                                                        SHA512

                                                                        1467f0d83d3973ffe5c2044341996856c7c1472f51e96d6c45f967306ee0175dbabdedd7a4194c8561a379af6d26016daab4c0d2523323d96abbb8654c4deadb

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

                                                                        Filesize

                                                                        192KB

                                                                        MD5

                                                                        95c73c6f6c862962ae412ef9c545878b

                                                                        SHA1

                                                                        fa27ad25fc35841467ee1cedbe7b159f6ec23517

                                                                        SHA256

                                                                        1b03bded58af578b39bd33add18d1d7aa709e5a2d237f3d43db433d522922728

                                                                        SHA512

                                                                        5f0120a1aefd91b4c54b749c8426243ddbfb2744e8db01be0168f22055290656e4ca72604f340cd812cbfdcb22600296177fb2a44fa05bfa2ceab790bf9144e3

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps

                                                                        Filesize

                                                                        108KB

                                                                        MD5

                                                                        06d55006c2dec078a94558b85ae01aef

                                                                        SHA1

                                                                        6a9b33e794b38153f67d433b30ac2a7cf66761e6

                                                                        SHA256

                                                                        088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd

                                                                        SHA512

                                                                        ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                        Filesize

                                                                        20KB

                                                                        MD5

                                                                        8556221d05939d119098f047a3f74383

                                                                        SHA1

                                                                        84e41c8d82a4b16f1e5c73dca26c0df3814b6a88

                                                                        SHA256

                                                                        41cb95e67b2bbe701d068de24a90cc8aabc3459ecfec3ec6eddf36bd37d8838f

                                                                        SHA512

                                                                        89e42fd8f584ee8246434bdce7ef82c4b4519cdde45f95ff11675c09b06c21a5719a095c52b65d03f1a9506de258b78c3f757362d21bf4a71e17469ad68f4996

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                        Filesize

                                                                        3KB

                                                                        MD5

                                                                        c66d4f09639bc36461280ac425191d80

                                                                        SHA1

                                                                        909c4cbfddb5d0fa5a50e86cec0e47bb785572f9

                                                                        SHA256

                                                                        419dd5d19d8d3b348358eca1655e33f18c1a1a186ed761b9db73a53a0048a211

                                                                        SHA512

                                                                        e0e8438c527ed1c5b90fac45410735c98d12149ec2781db67b4017eee973e9de45b06187500ada925098ffb610d439fbb7fb392bd8a02d6d9a64c5b6196fbcc3

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

                                                                        Filesize

                                                                        2B

                                                                        MD5

                                                                        d751713988987e9331980363e24189ce

                                                                        SHA1

                                                                        97d170e1550eee4afc0af065b78cda302a97674c

                                                                        SHA256

                                                                        4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                        SHA512

                                                                        b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

                                                                        Filesize

                                                                        40B

                                                                        MD5

                                                                        20d4b8fa017a12a108c87f540836e250

                                                                        SHA1

                                                                        1ac617fac131262b6d3ce1f52f5907e31d5f6f00

                                                                        SHA256

                                                                        6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

                                                                        SHA512

                                                                        507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

                                                                        Filesize

                                                                        1KB

                                                                        MD5

                                                                        682d548226f7de04be485f9303671213

                                                                        SHA1

                                                                        20302b523987f498b6d24c67ad67128e8df9120f

                                                                        SHA256

                                                                        b47b5ccf30d4e2758b225fa040bb1cb10fd23218229270a35391d037615a4506

                                                                        SHA512

                                                                        c88604c23ac95cf541509ea0c5195a4e991a663dc86b02ec52fd681d50f04c65c61ec4e16c0158a96b87e2acd8793ac2f2588cbaece79de7e37bb8dfe1320d93

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                        Filesize

                                                                        17KB

                                                                        MD5

                                                                        2fd546b249982789932e99200fbf6128

                                                                        SHA1

                                                                        be4d06bef249cb946b2047fc45ed32fe506c5a1e

                                                                        SHA256

                                                                        87a8d11218b803e01c06a5f036524ef92b40ecf57517b420b843b5e6d4d89986

                                                                        SHA512

                                                                        7b49f0e99cbd26c18b11eaca18c5cbc1a927cdcb03278eb38da7dd2fc767cee287c6688facf244e64d09feea3c270f82f75a9483981189de75a321aeb2d09156

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                        Filesize

                                                                        16KB

                                                                        MD5

                                                                        f1211a1b328db2e84e2f536e0e9978f8

                                                                        SHA1

                                                                        afe5a2efd1de75d4be0fe15c5195d6d020390c12

                                                                        SHA256

                                                                        96e3d745b955ef63c84e6442ce97a468c93c6f490da5ef7a57d3836fbcac73e3

                                                                        SHA512

                                                                        ccfb6e79006d055185374e989fc151379e9fea16a985f08f0f5c4bbff3f0f8419bdc9b7004f22ee611b8040601ed53e6e913e74166551e4bbbde5cb1328c6d00

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                        Filesize

                                                                        36KB

                                                                        MD5

                                                                        c85771d81440d198a423f1225589e0e0

                                                                        SHA1

                                                                        00480d552c2ed41ccdf4faee3090259bae2ad45f

                                                                        SHA256

                                                                        7db83841766157dd49ce66f194d5a74151926b4fc6d7c4b6a8fc217e869982b2

                                                                        SHA512

                                                                        66b66da1b9b98ff7f6326f4dfe958e8086709e678174fdd3e6ebaafb0e7ad854cb6158a8848f5c5fe969b45d321f09af7e6ac7a4aa14c6354f96bd068e970496

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                                                                        Filesize

                                                                        335B

                                                                        MD5

                                                                        0d881399760fed248d5c33f837fb9042

                                                                        SHA1

                                                                        074c4a7cca02d1d80db7cc14fd9f95a1cd46baa4

                                                                        SHA256

                                                                        6c32db7d2144ad321edbac8da50bdc3602395589f5fac3886cba592b986c54ad

                                                                        SHA512

                                                                        9c6c72984538712694340f0f2dd79701e48e72b019dce20b863fd02372499fc031e0b35db77431183d8d6c55888bb8e54b954dfea778e755f9ac925e59226d76

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

                                                                        Filesize

                                                                        112B

                                                                        MD5

                                                                        3390e68f542221fdafeabfbbdf46c9b6

                                                                        SHA1

                                                                        86a181330b82567b70914717dd29867a8fa81ec0

                                                                        SHA256

                                                                        349c26e3f15d1535f6b3b38223de6023f5a8d62a267bae5051e7b9def2b4705e

                                                                        SHA512

                                                                        1473e8c40c30729c340b068a79a6ffb207691503dab3b40c46dff3c22899ed5446f97009cbcdc414b4b8a0d0b89719ca57898578a72ceb884769ebdb615bf786

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                        Filesize

                                                                        347B

                                                                        MD5

                                                                        7a28accc2d44724127d4966cdcc4f19f

                                                                        SHA1

                                                                        294ffe7679aa9b8c5f3876451fbb8a21d3a487ee

                                                                        SHA256

                                                                        319dfb8364aa15082781469c7db923d8a850be778977f2166e2a9758bd8267a3

                                                                        SHA512

                                                                        5d5d68a1ca27ba1c64e1afae37ab511e9787e94eeb8f8ac887ae8570d461943553deb54da3ba03e7e2f3536238d2c6787c3d5bdf52ec167ac9e7cdc51ffa2a1f

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                        Filesize

                                                                        323B

                                                                        MD5

                                                                        0a71e8e0e9c8d4bbadcabcfc018466ae

                                                                        SHA1

                                                                        37d202ddd94d982e7e0d44b4257e63c7cca8a3f7

                                                                        SHA256

                                                                        c1c10065190b6e7c21874c0351a8924d1770c134522eb67ae62a81ea04b86205

                                                                        SHA512

                                                                        897441af0bb79133c351c363cd9ca129839d82bca317f39ff361ff2479cfe48a2a622dd6683d93dd28867cd247cf6c2140e34497aa1d8ebe481688eff5879467

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

                                                                        Filesize

                                                                        22KB

                                                                        MD5

                                                                        b54ed3062e77da540c89e02ad2b48a0c

                                                                        SHA1

                                                                        00578ef2296e5e2a8872b46c5e7bb93153cec1a8

                                                                        SHA256

                                                                        027bed01170fb6bf9eae37948a9366eea9ebf9906562a7ccf4fd752aeebe92b3

                                                                        SHA512

                                                                        052413c1da1f5cf39329be5df53d36abfacf9c93d2bc9d2c5d20aa77275e30a971410ea5edb34715eb0fed8d12c690b0c4ae488c6dcd930ebff3a4f62a14a677

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

                                                                        Filesize

                                                                        128KB

                                                                        MD5

                                                                        7f6192fe0ef27db342251d2a01c961ad

                                                                        SHA1

                                                                        fc93f08f701490aa2ce487ed35662e27db94e200

                                                                        SHA256

                                                                        97bdf9396956c4b41b443a4aee51e263eeb4fea669d2138681073c55c251b238

                                                                        SHA512

                                                                        cc60ad5b47d479510d1eddbe4aa939ac749572a35d36dd9545de9fdc89b6bfa1c06813e55f5851c53c611107c0581d9e8198059168957d67f53e59889a77cb5d

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                        Filesize

                                                                        13B

                                                                        MD5

                                                                        3e45022839c8def44fd96e24f29a9f4b

                                                                        SHA1

                                                                        c798352b5a0860f8edfd5c1589cf6e5842c5c226

                                                                        SHA256

                                                                        01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd

                                                                        SHA512

                                                                        2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                        Filesize

                                                                        40KB

                                                                        MD5

                                                                        93bf575d21d43a5c32d754cc8cc07295

                                                                        SHA1

                                                                        ee741bb4677ad2fe372fea54055eb7b4f8d097b3

                                                                        SHA256

                                                                        6754584d74404a28764d0118fbfa28b5cf080b8e7b73d928bda192a8dd14e91e

                                                                        SHA512

                                                                        d823a90a2341d6c8f2ecd99bc70728050673948a1f7cbc39708c21875e6d468c4f8316f99318a92f4286b838eb93a72d63c653bf248aa88b76a094236fd4cb98

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                        Filesize

                                                                        48KB

                                                                        MD5

                                                                        07dd98194d704fc007d4fcb25b6c8e08

                                                                        SHA1

                                                                        1e830959b0d544298a626e547a633585c38b2f1d

                                                                        SHA256

                                                                        f8514eed6e1ca1a593227cf9b028d8d0c35432021a44cf9ff60558401365c7df

                                                                        SHA512

                                                                        c9ba35541dd17ddeb8570d99124cb3b7b089208866804bbc035d39908b13e93a829de14f8014cb77d792b685896f787463ff91311af9667970b54e923395c3d6

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                        Filesize

                                                                        54KB

                                                                        MD5

                                                                        9ea5677d400486c6e6b02ed6244b61c3

                                                                        SHA1

                                                                        fb8e4a03e69b46397988b20093b63e84690dc43c

                                                                        SHA256

                                                                        88e002046187fc646854f08625a1ffbd8e538ccbe0690be9ef8e3cda8ed26f48

                                                                        SHA512

                                                                        dcb3be1077fe064df72e75d6b1df9c976c25b9d4b0b8ffdffd85b4a8b8eb8cab2ff8e841a7b0f3cca7864e0fca24f3ba7049cdd33ccb301d97e2837ed17bc2d1

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                        Filesize

                                                                        40KB

                                                                        MD5

                                                                        4ba7b9cb923cec2cc0439735f6b8cc71

                                                                        SHA1

                                                                        06a22d2237887a8e3506acfb46519e686e63a8d4

                                                                        SHA256

                                                                        39484f72dff2f06331793863b53153333ce6ce28ba5126208daf1851be37ca55

                                                                        SHA512

                                                                        5b77c98221dcecff1b9a13655daf588b9ade8277c8b53e97438a87725877e59f43e2488fb96a32bbd75b82b7bacb62fb92d778f170e6ca9a051b603045a575a0

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                        Filesize

                                                                        54KB

                                                                        MD5

                                                                        2d168a4f29069484d0360695c912f51b

                                                                        SHA1

                                                                        86e9f83842e8add96b3392d37f4950537639f2d8

                                                                        SHA256

                                                                        0bba8082b8eda86a665da4f4cf51b840ea8154a73c13cbe9010b604c79a4b7c8

                                                                        SHA512

                                                                        f7ca14ec6d64d09392a958d9d23842b1147549857c77c3044ae4840ae5eb9f5bf53ed808f2f5e49fa9e7d35c55720e0034ce5f7c72d061e6582160aab4514aae

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

                                                                        Filesize

                                                                        264KB

                                                                        MD5

                                                                        1ae6f0a3d99922ff34ab5c3631e396c5

                                                                        SHA1

                                                                        48fd16ac071d5f84bf1bae0aa65ce9f307230c30

                                                                        SHA256

                                                                        1c5784f93d7cd67e1fb37395ab8f9111f766adea796276095b423fa311c6f581

                                                                        SHA512

                                                                        a5fd306b8b49d0df5fc59c2076af67a5825ae76e80914ec35b827c2ce46e9df59e17c6ef58a8d7fdbdbf13af395e22b49c68b7630531137dfce628b2115e4efe

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                        Filesize

                                                                        86B

                                                                        MD5

                                                                        961e3604f228b0d10541ebf921500c86

                                                                        SHA1

                                                                        6e00570d9f78d9cfebe67d4da5efe546543949a7

                                                                        SHA256

                                                                        f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

                                                                        SHA512

                                                                        535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

                                                                      • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                        Filesize

                                                                        2KB

                                                                        MD5

                                                                        cb9ce93a39854087b15dd96da7ec88da

                                                                        SHA1

                                                                        e98b462a7e2db1a3f43729f147f5071ac0382e7b

                                                                        SHA256

                                                                        6b5e06c1bf235fe4f93ea03949874f02fbbef7dc4d7b839bde8f31185959f16d

                                                                        SHA512

                                                                        3de3ec1c3947254834966a87b17b700ab79d256a914cf9d74605aab0cfa1651f8a62b41dd7fbcf1abea4849b4cdf41ba2f352d3a32d6bde9ff5bd418a0695b70

                                                                      • C:\Users\Admin\Downloads\DeriaLock.exe

                                                                        Filesize

                                                                        484KB

                                                                        MD5

                                                                        0a7b70efba0aa93d4bc0857b87ac2fcb

                                                                        SHA1

                                                                        01a6c963b2f5f36ff21a1043587dcf921ae5f5cd

                                                                        SHA256

                                                                        4f5bff64160044d9a769ab277ff85ba954e2a2e182c6da4d0672790cf1d48309

                                                                        SHA512

                                                                        2033f9637b8d023242c93f54c140dd561592a3380a15a9fdc8ebfa33385ff4fc569d66c846a01b4ac005f0521b3c219e87f4b1ed2a83557f9d95fa066ad25e14

                                                                      • C:\Users\Admin\Downloads\DeriaLock.exe.deria

                                                                        Filesize

                                                                        20KB

                                                                        MD5

                                                                        79ae7f747206567fef8e19ba1eb0217e

                                                                        SHA1

                                                                        d2cfecd6690b291379f019cfe335b7d12a0e8445

                                                                        SHA256

                                                                        e16ab8de7b7a53c1a51d3acd0f9b137a6f36da7935a951017816e9363420111c

                                                                        SHA512

                                                                        7ea13e0c3ce6997b18584e4911a0c55417616f34fac78f25118db7a2fa32b2f604cfbcccf2656fa0734f4bf20663299c28e52939b730b35afae1c9414e03a64b

                                                                      • C:\Users\Admin\Music\desktop.ini.deria

                                                                        Filesize

                                                                        512B

                                                                        MD5

                                                                        e1bc4f7581f17635f7728f1bb161f215

                                                                        SHA1

                                                                        0d8adb6920fcfd34bb7c72cacc96129b31d540a3

                                                                        SHA256

                                                                        0fb8c2320e0c8302910e3125cfa7a78e4da73c7a085f04408d2ecf433a283fc7

                                                                        SHA512

                                                                        0e4cf50ea39beca432d189b23a7ad63929cfbd371eeb8309680930b3194763f73fc1c662ada1df1f5cc6afd6efcede610035178ff2acdb986024f0a4f8a74e3a

                                                                      • memory/2660-426-0x0000000005B40000-0x0000000005B96000-memory.dmp

                                                                        Filesize

                                                                        344KB

                                                                      • memory/2660-421-0x0000000000F40000-0x0000000000FC2000-memory.dmp

                                                                        Filesize

                                                                        520KB

                                                                      • memory/2660-424-0x0000000005910000-0x00000000059A2000-memory.dmp

                                                                        Filesize

                                                                        584KB

                                                                      • memory/2660-425-0x0000000005AA0000-0x0000000005AAA000-memory.dmp

                                                                        Filesize

                                                                        40KB

                                                                      • memory/5940-422-0x0000000005110000-0x00000000051AC000-memory.dmp

                                                                        Filesize

                                                                        624KB

                                                                      • memory/5940-423-0x0000000005760000-0x0000000005D04000-memory.dmp

                                                                        Filesize

                                                                        5.6MB