Malware Analysis Report

2024-11-30 19:01

Sample ID 240322-w79mashd91
Target https://youtube.com
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

Threat Level: No (potentially) malicious behavior was detected

The file https://youtube.com was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-03-22 18:34

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-03-22 18:34

Reported

2024-03-22 19:33

Platform

win10v2004-20240226-en

Max time kernel

1800s

Max time network

1685s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://youtube.com

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4624 wrote to memory of 2384 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 2384 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4700 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4624 wrote to memory of 4856 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://youtube.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffab57746f8,0x7ffab5774708,0x7ffab5774718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5112 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2f8 0x414

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5156 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1376 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 youtube.com udp
NL 142.250.179.174:443 youtube.com tcp
NL 142.250.179.174:443 youtube.com tcp
US 8.8.8.8:53 www.youtube.com udp
NL 216.58.214.14:443 www.youtube.com udp
US 8.8.8.8:53 i.ytimg.com udp
NL 142.251.36.22:443 i.ytimg.com tcp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 174.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 22.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 42.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 201.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 accounts.google.com udp
IE 209.85.203.84:443 accounts.google.com tcp
IE 209.85.203.84:443 accounts.google.com udp
US 20.231.121.79:80 tcp
US 8.8.8.8:53 35.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 84.203.85.209.in-addr.arpa udp
US 8.8.8.8:53 20.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 rr5---sn-q4flrnez.googlevideo.com udp
NL 142.250.179.194:443 googleads.g.doubleclick.net tcp
US 173.194.191.202:443 rr5---sn-q4flrnez.googlevideo.com tcp
US 173.194.191.202:443 rr5---sn-q4flrnez.googlevideo.com tcp
NL 142.250.179.194:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 www.google.com udp
NL 142.250.179.196:443 www.google.com tcp
NL 142.250.179.196:443 www.google.com tcp
NL 142.250.179.194:443 googleads.g.doubleclick.net udp
US 173.194.191.202:443 rr5---sn-q4flrnez.googlevideo.com tcp
US 173.194.191.202:443 rr5---sn-q4flrnez.googlevideo.com tcp
US 8.8.8.8:53 202.191.194.173.in-addr.arpa udp
US 8.8.8.8:53 194.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 196.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 static.doubleclick.net udp
NL 142.250.179.198:443 static.doubleclick.net tcp
US 173.194.191.202:443 rr5---sn-q4flrnez.googlevideo.com tcp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 198.179.250.142.in-addr.arpa udp
US 173.194.191.202:443 rr5---sn-q4flrnez.googlevideo.com tcp
NL 142.250.179.196:443 www.google.com udp
US 8.8.8.8:53 41.110.16.96.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
NL 142.250.179.174:443 www.youtube.com udp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
NL 142.251.39.110:443 play.google.com tcp
NL 142.251.39.110:443 play.google.com udp
US 8.8.8.8:53 110.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 18.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 128.230.140.95.in-addr.arpa udp
NL 216.58.214.14:443 www.youtube.com udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 31.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
NL 142.250.179.194:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 88.16.208.104.in-addr.arpa udp
NL 216.58.214.14:443 www.youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
NL 216.58.214.14:443 www.youtube.com udp
US 8.8.8.8:53 play.google.com udp
NL 142.251.39.110:443 play.google.com udp
US 8.8.8.8:53 www.youtube.com udp
NL 216.58.214.14:443 www.youtube.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e0811105475d528ab174dfdb69f935f3
SHA1 dd9689f0f70a07b4e6fb29607e42d2d5faf1f516
SHA256 c91388c87878a9e2c530c6096dbdd993b0a26fefe8ad797e0133547225032d6c
SHA512 8374a721ea3ff3a1ea70d8a074e5c193dbba27ba7e301f19cea89d648b2378c376e48310c33fe81078cd40b1863daec935e8ac22e8e3878dc3a5bb529d028852

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 47b2c6613360b818825d076d14c051f7
SHA1 7df7304568313a06540f490bf3305cb89bc03e5c
SHA256 47a22bea2e7d0154c59bf5d8790ec68274eb05e9fa6cf0eab0d648121f1a02ac
SHA512 08d2366fc1ce87dbe96b9bf997e4c59c9206fcfea47c1f17b01e79aeb0580f25cac5c7349bb453a50775b2743053446653f4129f835f81f4a8547ca392557aac

\??\pipe\LOCAL\crashpad_4624_TFJGRERTXJVBIBFO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fecd85a47b6a41754934aca22ce8901f
SHA1 aea3526f6839163f3811f164d7b8c56fdf4e8b22
SHA256 a042911bdc9160eb3a3a5030dd455a77d69f8cbba1fb3ad8055342854ce28d79
SHA512 cdfc7eddd12946cc4e590d232691847354ec6d8d103fb18f3a6d25e3b63b0782c2cc91357b7f189e2f42c7649cb7f43d3b656fe6de2b525b44a228bc4cc21d5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 56be1c0198959a9d07fcff51bd99ce32
SHA1 78b38b4ec70e6b2ca33da6814e3b533ecb86db3a
SHA256 0e68217b678767f0802e5259f371b863427f3d463945aa0fa0fc51782df5341f
SHA512 29af6762c52030a1a382af4006070a914530842ecd7be2438f2fd9649b5566ac0048d62657352fd2a2cde064b79438bd89ceedac7d61bc45d3172ba5a1580e5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 fb0ec513f16a0c7b60451c473c681236
SHA1 5d235dd5c3f7213fa55f110f0e0cd72055f35cb4
SHA256 ba16705d97fc3a6509847647306db832b2fa0a6f2f066fb9465ce24756a00053
SHA512 6de7e0c0bf9db422a4ba5fa16bc753927764e7a662d55b8cd391824f586431dd2d6cfeb9cc92903e89c6d087e14336cedba60c7d269872700bbcbf22f5fcd02d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d85e58cc9d4059b84e0059580fd9b2ea
SHA1 01f7da7d84914f118171553c9773f9ab7f90a3ec
SHA256 91583db442af15fa73f0e077b8268ca2e146e145c580389df69c632ddda955e5
SHA512 f47704f7579213c9462017b1fd8663438a104ded2d4d45a1dd2a203fb84d94abe1b44004becb19bba13ba5250cf6b48ccf2cc0543cd46269042e79f67b9714c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a8d4a6775375fb771b3dac89256ee1c8
SHA1 655fb22a7ab70c2a62723d7c35ba74e521a1e6d9
SHA256 5b5433b0fe1d84da802196c0570fe296647743d678f5cfa14715dc9a61cf3627
SHA512 359211b5ea72c2bb65ecdda3a6a9146005cfcd3387ac5c89512768ae9f52afd72e305c9d43511c687ae846f9de82afa6b8a3e70adc1e2e8125b5e76e5f2bab31

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a2e4b3ddf7fa6de38aff667329f812aa
SHA1 7d447abcc4210f027b3bd721739ee0a38fd4238a
SHA256 22993a19de628540f0f79eca1381c1d62068b885e78466acac815217ba7cf29e
SHA512 d4317f5b1a27223b29d122255f487555ddf66cc2b176e49059a69d008b9beb4d0cc74c636b5b3098c3a3f6a9b7549df0a57b0a0a866b4ce1f4ad6c508700ea6f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 272e997d9b98fe73648bf19fadb645bf
SHA1 fab6c1f4bd7e6c823b63fe13e46ea1b26ae3087c
SHA256 d0dfd2255b68c6fa60566e36525ed56124be195594d2c70c28673b8d22e5e23e
SHA512 b98f9c8cb5b6ca19cc506e500b632031935d35fbd2ef82472612ce51b120f69fc78b8167404d0939fbaf3e335ecc61586196180968fa75e021dca8d2a7b56dd0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe578b67.TMP

MD5 2dd155b9bbca4bf5c517b4a210f1b934
SHA1 4ca86dbddf6e7305143eba8fa1775d49e3725f1f
SHA256 72d71a9e96723f9bca364a74d4fb080898cdf117b6c2bf251ce8d75956cfdeea
SHA512 0468bbe1bf772073fd7c9099d41591e67f98a6b7d0f9a868f3b3ccbcfb61f9638172a75e495d6ea0469366d8abae3f564be5804b3a156486becd73e6287d3f4f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 29de90ad57f2716b0c0e66a44821710f
SHA1 e7cb9ee97f0e6ed3d23ac837a38a6eea99bdfccf
SHA256 446d80752ef9bf7bc01af0599cf3085590a994168b2ee05d5ce94042e1702541
SHA512 d4911456aca0ac9769dc741eeb2f17c08f6f0ad167993d39b8af8580cc86358aabbb079b4f29f9b059dcf45f6af03f9164b1be3270e5ddd41f72d16e7ad9e6ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b45bb36a-05ae-479a-ab6e-7d8fcc36c7fa\index-dir\the-real-index~RFe578fec.TMP

MD5 0e567ce176ec123dc54d21c95dbe03fd
SHA1 46269df97dd4eaae50b9439428d7a2070a7f6a73
SHA256 4b0c711d892716c3386fd584457a6a43879f95bec5da743f7b4d2d4cc3498c53
SHA512 ce82d8bae4a51846e74f40446d86c6a9b678b8e4dd0adad8b4b33eeed6e90cd1f59759d509f702f5112bc0bb065a36374e825232bab3df5ad47f25283694150f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b45bb36a-05ae-479a-ab6e-7d8fcc36c7fa\index-dir\the-real-index

MD5 1c0b1a00fbf31719774be41004a85d7c
SHA1 e52497b078c4d5c84d2011d081510210089ce387
SHA256 5a2b28237fa330676bb70122416fdf86f9ff952f8e75d01fbf48b8a0983d4ee5
SHA512 6ad6881ce6abdc27a6e4808116de8f8195202b414c6a39b401a81c0466a0b1845a36397b81de70efd4cf0e6deeae7aebedabfbc5513e0806b51345401415ed4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\84f62182-8618-49ff-9573-cd1dde9c18d7\index-dir\the-real-index~RFe57928b.TMP

MD5 96202958c462b70a5bec6f609270d36b
SHA1 6ac0b2a3e3699e7b40a1a8e4202a45f58cde4551
SHA256 66faff43cd45a97d5e0312990251ff954e3c94d7f3f34625374de28280fabaf6
SHA512 c4747e8dd675e1abbbbe4b0bab740081904206c2acf853c6275d41e0ed88b780df0c10900a91c65b1dfa3533c25609365ef8fc3b969b356021c24e5575403911

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\84f62182-8618-49ff-9573-cd1dde9c18d7\index-dir\the-real-index

MD5 519d67a45a4070aea5bf7e5c0badf5f0
SHA1 0a9191049c884fe131a1e5240c068ce72a4a410b
SHA256 4bfcf0b7725eeed9cd4fa7e8adc4474b761843278ca3a83c59ca57bbcd8b0a2d
SHA512 38681c5142e15adaa4b5ef88bf0671524243f77a1f6b5e10d6ea9d1533d294d378a641780a09c7256db95761b1c044c658824aeb1aa62169454f0a87cccd615e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 735f4b42fae07f5d76f6c2bec12f6582
SHA1 24ddffa33073cd3032556d4f593bae9c14c752bf
SHA256 3c73d651124260e7160cc4b3a1a1eac409d28983d1991fa770a1aaa3c8a2c766
SHA512 bbe331bb124373dc676672969465411abaa6dd61f77feba341e5094eb5474809e267a64ce37dc42785323a1b0bffd9f1feac909d6a69905ceb033aefebb79d20

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1dd73587d8e40314432c73a6fe70d027
SHA1 f8e02095907cc45250305201c9b99039594e545b
SHA256 4711821d23dc61b0fbdd92cb2733e69878b112ddaf92926e486e494441cfc64f
SHA512 d386942279853849402e1831b349ef5895e0afaa9582413f1d81ba6082a6dee9f2eb4f75581d14128ce12f16a3a4efe01ff8813cc66a679912bd25b1a821547a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 71d44035043e519af922b96647349ed1
SHA1 bc67e21d9d6b077444aeb8ec2644d97986e87509
SHA256 89708c8e8421c490123edf4e7c7b78946470adf6c44a9ca4a02e18f2ee334da6
SHA512 b0954598f9908d4e14c2b808c05034788e59dabeed72956fcf91be17380e49afd8c4d6e264bf6ec6c66daac5a8023820c1511e2c779261505dfbe89018f65faf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 0dfad7005731778f827ee372cf7d6f4f
SHA1 5900a6ac912b5d3ec56612fdde47ee3304b3373b
SHA256 8ff4cb2f46c29ef7f69f86db1ac3fc861eeceaa44528f7596638336d7e003ea6
SHA512 e2ab6743554059f0307fe4563f1d00a7583dd3aeba66c27b55ff7bdb32b2ba70f370c8236d0b5234e43cc45ec41e60f2412a8c4259c8ffcd17c885f5536fd4e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b6d8a3700cd68741382c512a4fa90aaa
SHA1 219f8bfb591e864d33d3eddf6caae9286013b621
SHA256 b5b7a0b73b68ea59d53fe7d5c0713fc12716f4c154184fdc09a9ecbe28bdd306
SHA512 57720a22d4bac602f7c48083a10dba8cc3c1c0cafbc444f8b654effcce45f8d04b59527961d511901d2305fc4ab5057516c0738ba2e921c7c8f3d785c93854ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 9d6acea289f1e8d3a5ce30d8dadbb8cf
SHA1 3f3679b394e89a9a7738d36de9f57e396d66439f
SHA256 77474d6a4224e005c950f6f37c60aa18dd001339c3ae2043abebb71ebf68992e
SHA512 331e2e67da523e19cda45cf5c47d162cce08ea0c66ce1592c947f4f200575c516788ad13844d85343d9a6e7d557467cac0bb5cb37d0420cc87d48f7f5f38772d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

MD5 a67582d70b68075f9f5e8076cd8c2de8
SHA1 6741ba09b639fce95e68ba6500f325875fe1462c
SHA256 8ca32a8d624f50fa827b5883aa02bacc2cea61b56d47cd986ea695a8e87aebae
SHA512 bfd9f662bb0b5719e84acc7872bc68bade630c2312aa566bd35456f36e4ec05c13d306fccd08cbd640490a328669dd42aaf849a2b14316f0552c756fa198a76c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 305edeb614803b69786d0ccad1778e7d
SHA1 d4ab255b1da35a4b38962b7eae225cc875ee5192
SHA256 02b9df82f8a6ce3a89f75176d47ab53eb44912982d2f85507b3b31de08e5275c
SHA512 e35a4e664e21de419adbd0fcf45d4038516ceb66e2d8b6e0b2e7da99015636a41f9cc49c6c3cac55721df8b00ca15e4caf135fba7e0f78dacbec014f319d7560

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 92a2fd374fb07edd0ed76e3dd91563b7
SHA1 e23eb423d32f9ab836c26a3496bfdd92bc9387ec
SHA256 5ec1e0cd4d0bc8663cff94d7cf59adf2d4f94c2a236dd36e6fbfab85188af2a8
SHA512 25e15381aeebca361f996b2738ec9dd03f33e8ae62578a1134c6661ffa11c66add3ceeb828428ce70c160fa3358034fee68b93ba3b41d876476106613fade3ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

MD5 b30874b91004d9d20e6cbd05b4e55bbf
SHA1 51e18f30c2a137aabc5b5fe3a1ae628c29eac5fe
SHA256 48d56e642c01cd162b10e98180db4b794f1f249f62a8710c391054deceeb08a3
SHA512 b476134cd15bbe1765971e76ffe8e9e8953684ef095c03e59a0ba28c90bdc50fef16eb32e53bff367a912f088270266fc48e8dcd9cb91b895b3321e20a04867b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

MD5 dcd55d9625670a508df19ed0ec7a0291
SHA1 1b03515edb7abeceb7347fa6a8556136ce99bc4b
SHA256 d2cb7e75217d779c9d26b653a6a18aed24d7205faf7e1141cf9d901e46ae7aba
SHA512 0b2092c0786972a4eeb5a151ed620a75b6e9df66d44ef87bc1b1c3b1b3fe8a942e569fa709873cd2084c625382f807fe73bcdcc88c2c1c5271551935e5cc8fdf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c05dc33eb0913b33877cf44a641f3294
SHA1 ff63f6b7f750f8a81193d87a399298e61f492e08
SHA256 3ff9bb99eab9be7d7d446e2a6d94f17f8916da5adea27c0a56c4851b8f71833f
SHA512 f5f7fbb9431de28b51fa977a0dcfca20b1f93a62674d2cc70ae5558fbe33a78fb06207e6b81f538d5cfe90986e9f8eb81a31b7b0d80b96cfeec78dcb2373af57