Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file https://youtube.com was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-03-22 18:34
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-03-22 18:34
Reported
2024-03-22 19:33
Platform
win10v2004-20240226-en
Max time kernel
1800s
Max time network
1685s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://youtube.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffab57746f8,0x7ffab5774708,0x7ffab5774718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5112 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2f8 0x414
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5156 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,17826036765469288703,3274152042799077093,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1376 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_4624_TFJGRERTXJVBIBFO
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe578b67.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b45bb36a-05ae-479a-ab6e-7d8fcc36c7fa\index-dir\the-real-index~RFe578fec.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b45bb36a-05ae-479a-ab6e-7d8fcc36c7fa\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\84f62182-8618-49ff-9573-cd1dde9c18d7\index-dir\the-real-index~RFe57928b.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\84f62182-8618-49ff-9573-cd1dde9c18d7\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State