Edge Downloads

Overview

Evidence: Edge Downloads Description: Collect Edge Downloads Category: Applications Platform: macos Short Name: edwnlds Is Parsed: Yes Sent to Investigation Hub: Yes Collect File(s): No

Background

Browser download history records files downloaded by users, including file paths, timestamps, URLs, referrer information, and download status. This data is essential for tracking file acquisition, identifying potentially malicious downloads, and reconstructing user activity timelines.

Data Collected

This collector gathers structured data about edge downloads.

Edge Downloads Data

Field

Description

Example

UserName

User Name

Example value

Browser

Browser

Example value

ProfileName

Profile Name

Example value

URL

URL

Example value

TargetPath

Target Path

Example value

CurrentPath

Current Path

Example value

Referrer

Referrer

Example value

LastModified

Last Modified

2023-10-15 14:30:25+03:00

DangerType

Danger Type

123

Opened

Opened

123

TabURL

Tab URL

Example value

TabReferrerURL

Tab Referrer URL

Example value

StartTime

Start Time

2023-10-15 14:30:25+03:00

EndTime

End Time

2023-10-15 14:30:25+03:00

HistoryFilePath

History File Path

Example value

Collection Method

This collector queries the browser's History database to extract download records, including file paths, download times, source URLs, and security flags.

Forensic Value

Download history reveals malware delivery vectors, data exfiltration attempts, unauthorized software installation, and user interaction with suspicious websites. Analysts can identify downloaded malicious files, track attack chains, and correlate downloads with other security events.

PreviousEdge Cookies NextEdge Extensions

Last updated 3 days ago

Was this helpful?