Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
No (potentially) malicious behavior was detected for the file https://www.mediafire.com/folder/7z8jii73j03wu/Roblox.
Malicious Activity Summary
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Analysis: static1
Detonation Overview
Reported: 2024-02-29 02:17
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-02-29 02:17
Reported: 2024-02-29 02:19
Platform: win10v2004-20240226-en
Max time kernel: 103s
Max time network: 108s
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediafire.com/folder/7z8jii73j03wu/Roblox
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc2d6246f8,0x7ffc2d624708,0x7ffc2d624718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2544 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2820 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5976 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5976 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6312 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,16548377825681513437,8910097966885180325,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
Network
Files