Analysis Overview
Threat Level: Known bad
The file https://github.com/7humb/bug-free-adventure/releases/download/test1/Win_Installer.x32-x64.exe was found to be: Known bad.
Malicious Activity Summary
ZGRat
Detect ZGRat V1
RedLine payload
RedLine
Reads user/profile data of web browsers
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Checks processor information in registry
Checks SCSI registry key(s)
Enumerates system info in registry
Opens file in notepad (likely ransom note)
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Modifies registry class
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-10 15:56
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-10 15:56
Reported
2024-04-10 16:03
Platform
win10v2004-20240226-en
Max time kernel
394s
Max time network
382s
Command Line
Signatures
Detect ZGRat V1
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
ZGRat
Reads user/profile data of web browsers
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 3252 set thread context of 972 | N/A | C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 3916 set thread context of 2384 | N/A | C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 2400 set thread context of 3320 | N/A | C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 5040 set thread context of 4848 | N/A | C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-275798769-4264537674-1142822080-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/7humb/bug-free-adventure/releases/download/test1/Win_Installer.x32-x64.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdb45046f8,0x7ffdb4504708,0x7ffdb4504718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5504 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5640 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2100,14706762195926867700,7409221504382390811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6064 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe
"C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffdb45046f8,0x7ffdb4504708,0x7ffdb4504718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3008 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,2400889719027072586,14167148374497097850,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe
"C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\key.txt
C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe
"C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe
"C:\Users\Admin\Downloads\GalaxyProj33ct2.37v\GalaxyProj3ct2.37v\Loader.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 16.43.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.142.211.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.14.97.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | private-user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | 249.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | repository-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 8.8.8.8:53 | tinyurl.com | udp |
| US | 104.20.138.65:443 | tinyurl.com | tcp |
| US | 104.20.138.65:443 | tinyurl.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 23.63.101.170:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 65.138.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.101.63.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| RU | 147.45.47.64:11837 | tcp | |
| US | 8.8.8.8:53 | 64.47.45.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 22.114.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.73.42.20.in-addr.arpa | udp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 185.199.111.133:443 | objects.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| RU | 147.45.47.64:11837 | tcp | |
| RU | 147.45.47.64:11837 | tcp | |
| RU | 147.45.47.64:11837 | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 1eb86108cb8f5a956fdf48efbd5d06fe |
| SHA1 | 7b2b299f753798e4891df2d9cbf30f94b39ef924 |
| SHA256 | 1b53367e0041d54af89e7dd59733231f5da1393c551ed2b943c89166c0baca40 |
| SHA512 | e2a661437688a4a01a6eb3b2bd7979ecf96b806f5a487d39354a7f0d44cb693a3b1c2cf6b1247b04e4106cc816105e982569572042bdddb3cd5bec23b4fce29d |
\??\pipe\LOCAL\crashpad_4672_LCFHNXEKSHNYNUQQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f35bb0615bb9816f562b83304e456294 |
| SHA1 | 1049e2bd3e1bbb4cea572467d7c4a96648659cb4 |
| SHA256 | 05e80abd624454e5b860a08f40ddf33d672c3fed319aac180b7de5754bc07b71 |
| SHA512 | db9100f3e324e74a9c58c7d9f50c25eaa4c6c4553c93bab9b80c6f7bef777db04111ebcd679f94015203b240fe9f4f371cae0d4290ec891a4173c746ff4b11c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a3486c7c0742e8c82c8331d92477a0ee |
| SHA1 | 0a195149f61b2931bfe328df75a3d2b6d5c8221d |
| SHA256 | 167ce3f68075351aa2109bb9c9ea2df880b48cd2def3a0b21af60bce82db8676 |
| SHA512 | 9b06fb381b0556ccf9cf05bbe6ca8e3479bee427c3c65190f87bb3342ac2f0d5c9e7c55fe3010765c65dd751c03846cca3fff34ba8bf4bd30853a7983a011429 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9280204935258ae1d74ac8a52f61e521 |
| SHA1 | e4a55f868c8151bb4ce6f47a4211499c4b2591b8 |
| SHA256 | 2e55df3ae754954e730ec80c3b05d85218434f79959ffd09dadcb34dc4fbed77 |
| SHA512 | 2b0325ec13dea93ad51f78e3f5f88e1b7f2289c03c4d1cb89d9949fc45d0fa414c24c19d9d42d133441ac00593413c5e803374fd0c765b1c048c411f8763f4b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 11a362a08e97fe670a0b10957e7cf478 |
| SHA1 | 8a6775ea06b291df58e263dd4b55618639d4a46c |
| SHA256 | 3e705cf7896aae903ee87867444e448e5ed53e3532a2d410ec0d328756b30a20 |
| SHA512 | 390aa0354bd9887ec70c9c05b506123f66f6e850da8c903cbea17d3488b9f24d5a8a2964849416f150657c16a1e6571a6630839a4e0b290269acb5af5a970376 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c85a3f894194050abbe30b4299cdf37b |
| SHA1 | a8ab8c9b81ee12ccee580d21a350d9109a4e3b52 |
| SHA256 | b79e924b98f966d73248404611f7e9bb3c30340999dd18cdff7ac2c63b480baa |
| SHA512 | 6c4de7ecc51aafb03d409f5182e6acb036936c0478f577dfe6b5bbda299aadc4c2afecfa3aeadcebf9047f826996e53e47dd9dfb59a624f18f057866fa2b5075 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579858.TMP
| MD5 | 6fa3b1c89296301ed4659697f4aa7357 |
| SHA1 | dc643d84a87715dcc581afb6df79c347ab511376 |
| SHA256 | a2fc84243b8561dba32d40e1638911a634a27c7bd54099801bf92c2ac75d0c1a |
| SHA512 | 13684ab70fc0cd41f1b0b84700a407e4794bb2f8697858ded3255d77fb7a2c11f0912a382686f59fe8e27d72fb2882d254c3753eff39dbdbc5592485ab0e4256 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d9f3b8b1cf6ba03db1661aee86089760 |
| SHA1 | 56abfd8deadb68226d66aa73cb0d583bd7a01652 |
| SHA256 | bb4bc63317840876bcddc6eee289c38a754368792c2b58ba016f0e1e60806ff3 |
| SHA512 | 433af67992793832b077430137b2730f12a44670bfc49658a54afef363a28cf4c50e4fde522bf83f3ddee7dab015509434bbcb6d2e5d3b68904c971e633c7428 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 14a3adf62193a038d89ed5b268a62a9c |
| SHA1 | ef78f64d30956ef7fb404fab93c0b22400d0df94 |
| SHA256 | d55e006bc45032b1940e1bd7cf1b0509cebc18440e5841bda797a57ea7431e0f |
| SHA512 | 0d7b754016368a2ca92447e1023b888ae01b87db03bf927bfe4a06062ba20fbab52a48dcd613ad8afd79c24ff4059a76ac6fcd8c6cc704458e9ef2ffd7c16904 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 8b2813296f6e3577e9ac2eb518ac437e |
| SHA1 | 6c8066353b4d463018aa1e4e9bb9bf2e9a7d9a86 |
| SHA256 | befb3b0471067ac66b93fcdba75c11d743f70a02bb9f5eef7501fa874686319d |
| SHA512 | a1ed4d23dfbe981bf749c2008ab55a3d76e8f41801a09475e7e0109600f288aa20036273940e8ba70a172dec57eec56fe7c567cb941ba71edae080f2fdcc1e0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 96ce40750efb03a4ba1d1e48f811caec |
| SHA1 | 7f2bb9201e59595b8a8bce8c666f4d037554a6d6 |
| SHA256 | a06c7e802d9052e2d720e93213165ef3c96706e3b713dc1af274c5dba69e5a90 |
| SHA512 | f677afe8f5b407c68ba96406531b361102d412a40ac598d54828bd22fc1f89ca3923e6382af5c100de8e93718db347ffcdfcf3067060da33a78b299c3f71864e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 646c7112aeb6caf64723341c6ecf3381 |
| SHA1 | 363ac729dd6ae7f3de12e2cc8c8434e174b98151 |
| SHA256 | 90c517159291bbff2bff7aa7011c9c1d85aaf22cf7743c9a41c699f1715927fe |
| SHA512 | 1e1cd3a5efb06fd0aed414ef6a72a514d015e7a9f3e615852356d39677bd104b50cc7a7ca356cdfa5fb28d94b614138c57c21002bedae4f291126661c377a8b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | e1831f8fadccd3ffa076214089522cea |
| SHA1 | 10acd26c218ff1bbbe6ac785eab5485045f61881 |
| SHA256 | 9b9a4a9191b023df1aa66258eb19fc64ae5356cfc97a9dda258c6cc8ba1059ac |
| SHA512 | 372c486ac381358cc301f32cd89b7a05da7380c03fa524147c2ddf3f5e23f9b57c17485aaedc85b413461a879afc42e729547b0c96c26c49bbdb7301cd064298 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | e1f8c1a199ca38a7811716335fb94d43 |
| SHA1 | e35ea248cba54eb9830c06268004848400461164 |
| SHA256 | 78f0f79cdd0e79a9fba9b367697255425b78da4364dc522bc59a3ce65fe95a6c |
| SHA512 | 12310f32ee77701c1e3491325a843d938c792f42bfdbbc599fe4b2f6703f5fe6588fbcd58a6a2d519050fc9ef53619e2e35dfadcbda4b218df8a912a59a5381a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | c1acd3bc96b5b12bd203624c0c92ec68 |
| SHA1 | 2b17fb5a5583eb9ea161114ae7744f902e9e7413 |
| SHA256 | 178730516d150c1aa8ac9573727e47c042b6980dd772fb038b2621831073f97e |
| SHA512 | 0ccbd4edfa4c34326f5408551337a44a50c3183fcdb52962cf2ff390cddbafd10f61535b710443d20998848286479e244fac4ccaa96c04efb166c7a5daca048e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | b69307c2bc631da8616b0d189248d185 |
| SHA1 | afba1d1fe2f2a9271f53e38da03f4d9a018f067a |
| SHA256 | 4df1a514d9a08cada98b794c918b17c257b673310e5308a084c47f328217fc3c |
| SHA512 | 7c4db73a4ec41c384416291296a06cb9af69ab66c3f7d3e0028f41ffba34ff1cb72740182633cca2ab82b8f6ce5e50de2404affa6c50a707e9902d8445dd2bcf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | efe81e4daef615b00dbe73ce495ca572 |
| SHA1 | efa6284b26573a32770851c3ccfc54de3d6642d2 |
| SHA256 | 8a2115d91ed4df1f74c0bff1d7800c6c776fed3addf7e6ce4637a1bd0c9f81be |
| SHA512 | a561f8475dc2ec744dad499bfdb45b5c113a216d93c3873321e9fbbf22dfdde932af4dedd5819f4f4e0c8bd614efb77e68825561aaf05ec69c19df6eb7271b06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | 655912fc08403bb0b205b0a48382ade7 |
| SHA1 | bb2b8c7a0b3dc0a51e89e2ff44c489d6fbe71f4e |
| SHA256 | 57f0f6b614af04aea62ee92d11636aa0a77adf6ed45a4247775280b7ba1286cf |
| SHA512 | 923aeea7be66a052421376b3981a473ddabe1781cdbb4e85a8e24b18426a91e9a41c78cf8f4261d526f3fda18576518abce6a53a3f94a2ad48a8571fd8b6385d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dfdb7f574251d342cd841750915d860f |
| SHA1 | 5e38fefa78ce95df485ed11378e570f218355762 |
| SHA256 | 4a7841496637a410a541c377f50299fe5e7c732820cd55e01055019153b432c8 |
| SHA512 | 5debf02092eb523d3d4bc933fc40a8e2b435970e7008e689b6317218f09560e77036c0fe7c895e52d848703554c34f9dbae3e1a83037cc01f2c8caa5276b663b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d2baad9a9788dcf60633805a2f2fa707 |
| SHA1 | 699d626965b8bcff666b6752d894f758297de84c |
| SHA256 | 04bbb08d57448cb1f1e553a3a0f28c3df54b9d29ddbb8ae56207b58d41a8a1bc |
| SHA512 | 168f4cddbbcb50c5a0030450b73a5b915bd68cc11201c821d4226c7ac5acb632d7bc399be2f581b8bb4acc522a613ebd93f40fa78c47ebc96397cb2745e6c514 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | 8afc0b779211c04de66abb7d3a425b6e |
| SHA1 | cfa3994bff79c945aa3552852aa75801f7029782 |
| SHA256 | 74fd2a65c888063313021b081707991510bfa53e9869626a05c2f4610e006daa |
| SHA512 | 9a9c44507d3810789fb4dc3332d327666f05ae67f8a5fa5d91c8e3d03e91801bf0be550d226824167419d26649d65e684cf41fd0bcca7dcdebf85d518faa211e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | e1bcbcbff08ad26b8ccc9c0a82c5b703 |
| SHA1 | de44d9ba23492404a7663ace05f82147af193268 |
| SHA256 | 8701fd45aabbacc8605d62ec6f64ea910c1bb844b0975f2e78f6e795a122a1d7 |
| SHA512 | f4a011fb066bebe222213462e2fc691ff109da417e1f1909ad16c6a561cb09fc0fdf9a1991d2b748b304701d6b04c903958212c83dd67f890f891f22ea194406 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 047e72b446be4e90386aa7920a4c51b2 |
| SHA1 | 68236cd2b8414d4ba94541904daec688ae87a417 |
| SHA256 | decbf87b75893e31fbc089554eb39f2ec1fb2b05867f63144e2a694e3ab350e6 |
| SHA512 | 8c2c18ff5a45a92c27b14fd48757164e41311eb34294eccb85809bfb67ad31a16ff8673ddf860e1ca4cc4121865c26b2d8caaed413fe059ee26fe856950e0791 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 803ba8a012805c1b8c4df3a265bbb996 |
| SHA1 | fea976034077c789a0e55309f5ba52bb7f7e834b |
| SHA256 | c0c8b0d0b295db445517328e3b9d044900c32c365bb135b010c2b782df80204e |
| SHA512 | a0978de8a00fc5c2461c41ebc4459c36a2b4f3bbe0c2514106afc40396f5b74b45ed499407638fb9031679c8ef61b0625412e132650aaee61b7cf851a7fd756f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | 49e66c048d3a6607832056d821ad09f9 |
| SHA1 | 3ce46b6f13966919c0c6c29ba02d9b5fe27a4fab |
| SHA256 | 0db0212aa80fa62b4e51c498b8a379d6cef0efe5d12cff4da22318d628988748 |
| SHA512 | 5135537e703125111b389f8c16e659d4b01fb184c3ae6cb395363b495794532d9368d50b2d2b4ab94552889f5c47634ed0b5c5abf3a76684e4575c77d6fda52f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9ae6ca1c322ab179c012340165eade4e |
| SHA1 | 9f25e23cb41ba651bd223952238ff93678649b1d |
| SHA256 | 335b473c2be038d8fbce16ab18eb579bdadfb26f9087d655b63743a85aaa2c4b |
| SHA512 | 235dbbe5010f18222256386d4fe9d732c3f5461c43c5e89266d1f79b06a208895922c426699b28d4fa75940ed1d73a1404eaf8f73d1e4fb3bedeb90541b5f6a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9eb185d496340387fd3c1f6c14b77ceb |
| SHA1 | fea5c52729e99803e162c56ae7747e1ed443da11 |
| SHA256 | da43eed69d16c18ca5597b64a8a9835a865665e6211fde4ba688e9667f1cca9b |
| SHA512 | c99f94c68e289f81771021928080725ea97493ee8ce18f854bd2c0074515a8e011fea31d73aee9f4739ceda228d1ffe76b0ce8986a047b6a3c200478e057909a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c602567ecb7c521fab39d929143aaa27 |
| SHA1 | 70bed39db1f82b9f0c88bdd6043c5f9bb09d3429 |
| SHA256 | 875c6649d16fe765964a8bc5d0a088cc61591104bdba39c49b76c1b3b7b9bb49 |
| SHA512 | 60ab1a82ef9ca090708b3ebb579474742a8c3f6fdbe0d732651707f449a4aecc15dda61a358f98d4f3ddbe8ce46a40158230b663ff63d8283f3da3b8c80f7683 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3ada570a68cdfbae9a3a8fbe0d39f2ef |
| SHA1 | 7b8e9a4cf0c3cf380806df6fd503ecae53af9287 |
| SHA256 | 295b4b9d1d69f2e98d18d2bc1264b6592c603104ae403e3391c5d2b374038e87 |
| SHA512 | 65491295e1cc16ddf0a7d25a29b2eb493039204fb81dcd7350b69faae65b7232e87e4d157831a81cb9167beab1436015eede47881fbff773647e625aa05ffbe2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\286a1787eb6b73cf_0
| MD5 | a29728031e1982670814f02c39d1b203 |
| SHA1 | ced67bb34def39e4982d1b0a12f5480399306c02 |
| SHA256 | 16981ddc34433a2f771d72ab08e45833893e98db865f1bf4a71fa3f76ded1237 |
| SHA512 | 98450e2eb3ce3e80b0fbe097dd188805c2fb9b75c50df89390efba8d43cc9361982299805b1ba78c246f52ab0abd28d33efaf561a2d0ee002d14082a56914ff8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bdab77cef9a22778_0
| MD5 | 6a501201787e1da9d37a28865095fc28 |
| SHA1 | 2bef84ba6eacb7fee61c9c9cd6f86866b519ce94 |
| SHA256 | 2eede2e4bffce7352ac418936612f3536f09c80aeffa69208d9e7a3a86e5fb41 |
| SHA512 | 30e5ac54888502965fc3db582f2239344aa188af4eaf72559b1de9babcea76bf7f6a6e647424130c4298b1ce9028309189ef1b5bc3bd943c8f75171aa51d5b73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bc9e1fd4409420f7_0
| MD5 | 66956bd8f379eb6b25d916c1bc6d09d0 |
| SHA1 | 27d914b1ff02e099e4cdbfa7e02138a5f9b181c6 |
| SHA256 | ad2de96e9e170f6a51cf105f85dc949c881c49c9abd1f508715b6c4a868191a6 |
| SHA512 | 90efb5b5cdff34a9f983e419657160092b61a899d1e28f294f31c9e100ec8ca0232a2b6b11feea84f4d6f83e0954ad5316ec64bfaa3456a07890ee6a5ba350ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fff913c37041386a_0
| MD5 | fbb32b1d51a8c755852e92e27fb8a949 |
| SHA1 | 10e517b6a0df445a93dc2dbc35e42ba3cf4bf60c |
| SHA256 | 3e2d13ae6dc0a3885cbd1a1ab39d5c85222efba247ba72ce9c1b40acc9d722c3 |
| SHA512 | 9f7eb032d5118b03fae1e2efd76792c5d9d3bf132cd3a21b59d0634046ea60297cbc96f6731b85cc60c3f3883a49995517d4898562535e849bbd1cf5f066abc6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1fe295f4588fc91a_0
| MD5 | f1f70ac977a6602e7fbe908ee11cd411 |
| SHA1 | 874526f1be6f49ce2b3d78cbc1025907268cae68 |
| SHA256 | 93692ebf217d14e883aa2b9aaacc0558a5bb35be1992c6ef02eb16113d6819ea |
| SHA512 | f3849608f8ce02fef5ed0573e4b9148f341e747705fe6732ed736064359d44e48947df9fe91b0f4aa06b410214bce04302b42a7e78c3554cf2599d54290b3469 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1f225281f7d549f5_0
| MD5 | c52c244346f2f07542178a744651f1d1 |
| SHA1 | b200ecbdf6629a606d97af857fe28d3806988fdf |
| SHA256 | 6c06f5f912b3820a9ec631073d5305c329f082bb1c793db9630294fffe084fa6 |
| SHA512 | bb03ead32e42ffe7037f0be8b1689cecdd9ee505365d1a66b7dc769a9b26498c3e72fdfd7e0aafe52e238cfeaca0cad05b1a1cdb3880f0cbc8d230c33110651c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ebe10eab84535fd9_0
| MD5 | 104eef3447864ad4b3fd7078b1341545 |
| SHA1 | 2353a324578c5de03193b313fbd5cc384ecbd44d |
| SHA256 | 0e487be1c17f5bd4f554bb14e1b18fd4bba61091eea6740b0a275874488e1ccc |
| SHA512 | bafadce547e18b0b2c34c0717e185fb85aee8600e23d41e5b907ad1aec667fc3f768324bf0579327d68e5466b9589f6fb42dcc2bf86d1e739a5d440b9401f51f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\89911cb6f335fb55_0
| MD5 | 66991388a66f17c40bb33f6d81b947b9 |
| SHA1 | 6faaeeeb5c4a366d64f8d6413a9181961797f2f7 |
| SHA256 | cee573da5d55032f0f07dd9bf02a415050b12622d8a6cb1ee211525dc6f01ad7 |
| SHA512 | 432030523f1def653865396d13ab7a3b8367be91aa0357fb6f474b96a8596125fd692014030826851230e1b678e341c67ea9b12dd801c47d82401807c5bbdca6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\29ee49a9e002c15f_0
| MD5 | 75862a7d8baddc26e14419ed3e84901d |
| SHA1 | a44047d1995d31cc8171654c2522104283b4105e |
| SHA256 | 1fd0400ae83ccd55352fcf312af29bb593acc32e1bcbb62f46f10f202acff006 |
| SHA512 | efcac692b8017dfdff96f67dae3bfcc46544da5a3608a99b1831d3917152a188ed120b6170ad307e8028ba1331ec7067f9ab0571498ea75f678e156df4057fcd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dd070b7ac1484603_0
| MD5 | c17d7d3e81027b10afa8187d0e0bd7e7 |
| SHA1 | 2775d1f6715ede878c205e16335e72927159770e |
| SHA256 | d25be226be2de82e67f3d8652b9f24cd16f082537c8b1edd1deb544b8c60304f |
| SHA512 | 5e86b8ea9602628d2766b3a37cfd1dfb218627a29497733e7db29f6e2b5594ca79addb7fcbd8fbbf3fd4b54137fdee35fb4a6fbdfc20acc25ad1cad3de5772b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f66233e72c393c10_0
| MD5 | 03019923be7b9e4b1599befeec950fa7 |
| SHA1 | 3b875cd30a5633efcf0f8de07c0307ffc3641b4a |
| SHA256 | a8cd55ca66f1f6bde6a1dff5085a38aa3333fcaacbd5febe50672fecab12be85 |
| SHA512 | c15717dcf3e559bf1f841929239287978c2f6edd965819c03ddbc86923e0bb64d9284e727cdcabec4d60944d44a66ec9998001ef376ba3d1dcc160d6542f1884 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\84ef792e97c5476a_0
| MD5 | e7da1646fd18a5ab35b321e42d73ac74 |
| SHA1 | 005f2df2a2200dd2cf9d0bdb590dcbd263f934c2 |
| SHA256 | 625db887a9eada171b747684ff02432f03070dedd6fcbb73e5cd0a0d787439f2 |
| SHA512 | 54d224b2620a9b58712d959b7d7a7ab797382e63f12861e1d6ad720ab7a10dee199ce640588e9024f4d56d5d4917b37e034745a6a2463483acd2d275b16188ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 29c8b4a6398de6b30c334b7c85eb5f91 |
| SHA1 | cb4730325eab53ab645faa031dba7c1134a54651 |
| SHA256 | a09cf842e858a6ed1bf526d76940eb63d773b6572bf8929221d867c49d49f55e |
| SHA512 | c12de805911fabc1ee5aa8274f86f69bdf6cbe4a05b22e41bcb573bafc24d81e2be7aa2d9198776b627f0440a40fb628c6b19ba79637a0a6d3bb6cc9b682df1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d63a51d556dc5f46a5e52cd20fb915d5 |
| SHA1 | 4f91f251461d538e94a5f80da0538eb9079bb973 |
| SHA256 | e733f492f2ec3a74d070dc918497e8d609d6bba3d336c7e381beedd5fe32552a |
| SHA512 | 39d407d80133135fd262ca6b366cffdb0fa4e86e54eca5c8256fedac9e76687a084b15e7f81fbeb9050b7385b167a4b1d802285b7a1f7dd1e8ed3e90b308766d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6ae52cf7c0166b75_0
| MD5 | 4d8ba5c402859fd0c1cee46277072c09 |
| SHA1 | bd2ad692bc0e90c07784ced802694e43d85b188f |
| SHA256 | f93692217d6b78f4fdcb4a60fbdc5e14aef38bd3509ea2e73da85547c7f2c521 |
| SHA512 | 45a1f290adcad6b27291b73f42a49cffe34ecc06e87b1091f9e5515ae13b26ddbfa4148ee55bb40ad1aff3fa0fbc7bd4750b51bb8a80cde23b3661ff54cf9692 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ccee849de80019d2c89ee84cb3675ea7 |
| SHA1 | bb42040bd32baed4919708da5dee2fa5d0d4be31 |
| SHA256 | 02f9d062db40cbd0047b459010842219dde29ec9a2a7ac789debde7cf030111f |
| SHA512 | b97ef303fab3a23bb36a7e50b2ab2c6a848b273f94c93bc499f2b45981c8fe6edb32aa84a07d142db1b438c5dda8d350432bc2e006a629c06665237689f3400e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 194b3ad46118e8e4e7194412ca6f1ddc |
| SHA1 | b0f3b35128e03db88733567cad6a94ed12d2dff2 |
| SHA256 | e8d28ae95d1ae254c2c32fe8332fccef97c580aca89b0b47c96d3e795102029c |
| SHA512 | e2d8bf92ef731894a51b13e0da9b6abbfa8040ae4ee9f2af362d5348d1fc6743e34f6e1b2ae9cb83bc6b53cadf50e41b7fcfc058654924bfb6081a4d336904c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 405b22841f2917076d21d2a1d3832f9f |
| SHA1 | 466ffb915604df28b3c51964aba1880812dc171d |
| SHA256 | 4a77f74890e47b35d959544dc5febdd29c621fb0b13f00efe10ce562332911bb |
| SHA512 | e0b380d63430e19788a67ee5aac63453b8ad7f0e62da7d10334082d45e50849dad9db74b7db5f4d9cff516a26d2c7bb6dde61090bc0ce49000aa4c20b8fca917 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e3b36a45ca134b264d5d543f2b04397b |
| SHA1 | 72071906e658cde48aa23320a3760fa848472ed6 |
| SHA256 | fde9a1639fa677d728aff8660960773d724535645d6b65dc9a7987ca344abcb3 |
| SHA512 | e9771152592bf86519cfb3765270fc54487468537608d1e2c4b744fb1bde3bbbea85da6548c33fb439d7f8c57c650a863832008aa77d77538a4bd7b04f13c6d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d6333a73b9f682700ae027d30c723b86 |
| SHA1 | 54ff3014a79c5924cd88764aa9046699cf02bae4 |
| SHA256 | 39c19fdc9f85c739a6a1ce19ba7b05116c9b0ddaa508eb5bedeaaee3d2ec34ea |
| SHA512 | e59fb4cc6200037d5c3bf2541d8b25fda99c5b7592706b8588cda47c2e8549612fdf5f0cd47eed54e50427d6c309d87a843c705dafc0edaac9cd122a32d3e2ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 939b17598242605d4cda089e4c40e52a |
| SHA1 | cb7e96bbb89879ab97002ef7764e868d8536fdbd |
| SHA256 | 14d0a9ba41b036d7702963b2f0048a670f138372fbc3644ec4f009cd3184e041 |
| SHA512 | d62140ff22453508964a7fc40602adc68b2ceea883eb7e77206a84569b2cb6ffad4b0796371ca28ce1a7110adf58786b374854d5fb1dc53a42588d61c79143e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | 0f8092bcce67b0b6b4a308c8887cf0ed |
| SHA1 | a12fd75c93ef65aa7d0b6140bd515334e384beff |
| SHA256 | c410d812fc6eeb6e0f02c719f2d26fe81b0b9d931a3aa29838ca1c29ad43413a |
| SHA512 | 435c6bfd39ddfdcc47c80d396eaa557843083d00223f576e4de3dfde9ebd64c507678ffb994ad0d9c18b17a0b9edf69238f3976554ffd0118c3ab7c9190917af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 063fe934b18300c766e7279114db4b67 |
| SHA1 | d7e71855cf6e8d1e7fbaa763223857f50cd1d4bd |
| SHA256 | 8745914e0214bcd9d2e6a841f0679a81084ef3fc3d99125876bee26653f4253e |
| SHA512 | 9d0dfc21306b3a56c2ecdf1265392271969e3765e161e117c8765125b34793e24458217cf6514b364f351f47e65baaaf5856be0d13406a789f844d6ba8c7075f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | da800376add972af643bd5ff723c99a5 |
| SHA1 | 44fe56009c6740ec7e25e33e83a169acff4c6b6c |
| SHA256 | bf252b560c9cc78dfa63abe0ae5caa03b83e99b1ca5fae3c9515483c57aaae3f |
| SHA512 | 292819ce339d4546d478fc0aca22ae63f4b7231f6a0aca3fbe1069d53ad09e1e3c936205cdbeb53bbedbfcbc33f3b6077f84364a150f7627f87ac091de08952d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eb5a38eb6d74971f_0
| MD5 | 96f17643e5caa4a32b9ddc3b2ec037e0 |
| SHA1 | b86dcdead39914e451ecf7d0382072bf788834f2 |
| SHA256 | dd131442274f721bee602ca26b30372dc7447ff68c51b3568d8b0e14f20d489d |
| SHA512 | 4a7415f2c338313552547cd9c23cb182f2b4b044f36e3f7cb042dc498827bf7e0e2d64e4dc93127693ff4ead222a8a4b9b0e0d8d8b08d5ec0c3576e7127862a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\20f6bd3fa48d5b7a_0
| MD5 | b6a8b9fbaf457cf0e04f95258559dfc7 |
| SHA1 | f134a356e21084e41ee632914e88758a32993b3f |
| SHA256 | 0b4451f68199bc8bf0d1fff0b083a6388fac3542298c9cd3e4628fec63606054 |
| SHA512 | 2bde108e9fbdec8886b06d4c7120caedaedd9b6df7a930c563a19c118ecd1932a5e6291e5bf14ee95ca820cf85ff77d180e9ebcea05126964bf062bdc813ee21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d8ec1bc548746d5_0
| MD5 | 1fbde3875c68dd412ca2b43c71611681 |
| SHA1 | dc2227f4bbabeb6926cccddf32cfdb8e3925e859 |
| SHA256 | 10fd13355583d81a67a63b6812ed013479a96618b884d9ac5a27a86ff628cda8 |
| SHA512 | 0808664daa89aaa4ef4a418331b561a81f9c6412f35d140859ab8bbbff78d0acb8760861cb2a88725652d03d09d5a3d9d316f4e3e162aeab8b8dffc891294b43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ffe62a08b235c1d9_0
| MD5 | 0bcd93b6d5c6a1c72eee7469295ba3b3 |
| SHA1 | 700400b858ccaccfc33a52841855872095a86a86 |
| SHA256 | 6cce73fd1dbbef29a9bde1445b22b4c58a8030e4e191e82ef5fe21a757b7d62b |
| SHA512 | cca64bc3b0ba5461631c7422263f8211373539de3292da51c56d5c2d2da6fdfe373b6484bb661365d126d6b4b865ae3e293e862b97615be0a93a542fde184fba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2501308e6cfb93d6_0
| MD5 | ebe4be532b822f48707190dfa310c0e5 |
| SHA1 | b4fb8f367ff98f3721ac8b8c80ef9b3623dd6121 |
| SHA256 | 35b0f2d4cabd7aeb006d060d2240431295edad70d1260bf2a0ebadf8238d329a |
| SHA512 | b2e1dab1e59f94fd1f6d33858956ee968f028960be32d72b596498d804ca2ef986ba194444025551dcb02a3987d1e976d8525ab6f6365e4c4c544463fc652d1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a298935a5fbcd1d21bf890c05313933d |
| SHA1 | 655c21f9989f02d30d7fade1195c65f362369e2d |
| SHA256 | f9d41aa597f46025fb8ad3234de1b8f96cb6e2378de522c8a029c505fd51f0e6 |
| SHA512 | 741f17642398b10b7c5c7e517cc251838323b62d4b27c70c0c8ef194281ac9cc8171859342dea4368888e6ffff13f7fd068205e2dbb255ec77c12f5382188c97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cfc192dd7b8d0227f429069d00092fe4 |
| SHA1 | 9dcf8ee14da94dfdefc12da8ea1a371c7e7ef5ec |
| SHA256 | 53196f3f88a564a2ed0bfc137a72dba441a117905689302060ebe40bf91ad806 |
| SHA512 | d45f72b7d2ca44755f479862f74dd3d81707be15ddf6b1b4fbfe6b30f662a919c1954e9b72973a20cb2ddac284c4d72618a14808d6b1e49459fa9272deb2f582 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 92e7398d87f30b109dc1c4a2cc9454ef |
| SHA1 | 72354b1a62c4ff70b55b5e6ed0d7888edf6e86cb |
| SHA256 | 784981288145486e71cea7ea2d7fa2263de5167cb033af0f704b4c04ee825114 |
| SHA512 | 40c0f024d1bc97518ba9fb085f013af2f5d48263af61d7031254a375326ca50b8272e80bcb1f11756192ace7f031dc921883d55c9c6d66cf8b4d5fcfc97f5b4a |
C:\Users\Admin\Downloads\Unconfirmed 1100.crdownload
| MD5 | 167e75be8de8a818800e0c26b43aa339 |
| SHA1 | 20ec66ab186b3384575c410fe7914958e0599140 |
| SHA256 | 8a6215bea8008a711c57772bdec4b4fc50d526f3f92768605261fd855a26f544 |
| SHA512 | 349ae918e7ac71bca4bf95bffcf8490e179353a32f7c127d9526cc4fbc9b7b0d3f6a482e79ecd0d7cca18924cfc512c1b8b54f7d68c05770a4debf9e528dbbb7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 25311e5edacec8db871945327dedfdb5 |
| SHA1 | 6c10992f2cf9f704d2e91b08f097dc6c1a2351ef |
| SHA256 | b2a54bc96c35fa2f0a80ebc422d765fb437c84fe3897bbc1600f599fa1464b14 |
| SHA512 | 33bbb2268f18709ce26dca9180585ba27282568d8cc27633460d2531a5a9e4c0f10f64b90798959d031f3be95d5ff16a91d83aa5778e965c051acdd4fbf218e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 110c9a61dfac8326c47b7ad12dd33d61 |
| SHA1 | 8b09296e5cdf56ccdacd894ce58d752eece34444 |
| SHA256 | 44a2d0d8b170befb89d2c57da046ad60de283530f41e65d93ffe5d932187e66d |
| SHA512 | 343c9695f7b0035df03eaa25e25fb1c7df955b05c61c77231402e58d45334aade7efff65b4258c3e7d80373ea63cf8f1011589f3851389f7a7c475af91128a3f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 431a7717ef9900180efa69c69a04d9c4 |
| SHA1 | 3ab803dd48d39ecdea06cf102ad9482922a5f2bd |
| SHA256 | 186c61aa7c43cd87d425e4ae893674a633693bb5650755ca66e9086bdaf230b3 |
| SHA512 | 22c9c3430aca38348bb4c909c1e3057b3d5b9bed381550765535a6dd4eaeed1ef120675cc7e8418852dc778c8316eb7d30d2b68b19ba4e8ed76e0c8aab420645 |
memory/3252-1138-0x00000000009B0000-0x0000000000A0C000-memory.dmp
memory/3252-1139-0x0000000074640000-0x0000000074DF0000-memory.dmp
memory/3252-1140-0x0000000005540000-0x0000000005550000-memory.dmp
memory/3252-1142-0x0000000005310000-0x0000000005311000-memory.dmp
memory/972-1144-0x0000000000400000-0x000000000044A000-memory.dmp
memory/3252-1147-0x0000000074640000-0x0000000074DF0000-memory.dmp
memory/972-1148-0x0000000005580000-0x0000000005B24000-memory.dmp
memory/972-1150-0x00000000050B0000-0x0000000005142000-memory.dmp
memory/3252-1149-0x0000000002DB0000-0x0000000004DB0000-memory.dmp
memory/972-1151-0x0000000005070000-0x000000000507A000-memory.dmp
memory/972-1152-0x0000000074640000-0x0000000074DF0000-memory.dmp
memory/972-1153-0x0000000005270000-0x0000000005280000-memory.dmp
memory/972-1154-0x00000000066A0000-0x0000000006CB8000-memory.dmp
memory/972-1155-0x00000000061F0000-0x00000000062FA000-memory.dmp
memory/972-1157-0x0000000006180000-0x00000000061BC000-memory.dmp
memory/972-1156-0x0000000006120000-0x0000000006132000-memory.dmp
memory/972-1158-0x0000000006300000-0x000000000634C000-memory.dmp
memory/972-1159-0x0000000006480000-0x00000000064E6000-memory.dmp
memory/972-1160-0x0000000006E40000-0x0000000006EB6000-memory.dmp
memory/972-1161-0x0000000006660000-0x000000000667E000-memory.dmp
memory/972-1162-0x0000000008520000-0x00000000086E2000-memory.dmp
memory/972-1163-0x0000000008C20000-0x000000000914C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
| MD5 | 71bad10b51e2bc0bee97ed305d3cf58b |
| SHA1 | 58333165ccfa118d49fbb8aef764742a80199a67 |
| SHA256 | f4367237e9c07bb05ceec6e9b67ca7491506dca2b300927e40202b192b40899f |
| SHA512 | ec6bd0de30572d97e935122e7d88ae24d0328579c787c9679fda5e04282c5991ada57ba024ffd169b68d9255ea5761cf598d2b8d354b1d953cd5d84d7d8c1eb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8392dd399e20e86c5b1591480e73525d |
| SHA1 | 6360880a9ed3af8e83baf2d5fb68dc2f389445b0 |
| SHA256 | 68f68478d9eeb7b195f53bb04df017ad084045e3010eb47f01a54ec35ace1c28 |
| SHA512 | 0e1b04522e12a8b891da59f0536100b798abe95c16f2a48b44d0a31484040163db4177c5ecc4ea700f63ba7dfeb83fe879c770fbedc680ea31a82f22f21cdf43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13357238228148032
| MD5 | b87f49351fd238a8db50ad87a458c708 |
| SHA1 | 26532c2baad76e1465c55994ee6f442a70c01025 |
| SHA256 | b752cb0f173ed12c73f91a18f59e06b0eabe312a835c272dfcd588777514c3cd |
| SHA512 | 9c61d5f5b839e1fccbd6b0444a140cc0c07206727beecb57aa9a2cbddce9946a7034f6c9b6905201000c60d6c6fe3580da6585c5066e0c19e4ea2f4c36d97a39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13357238228258032
| MD5 | 504d2f217b41201a0e67f0636729a2ef |
| SHA1 | 4d3b2db26bb6e19e6eff752d1d40a9d159183426 |
| SHA256 | bf2837250ac02c8f5fcab2fb973bc6b78984855b590f828f41b34e506794e01f |
| SHA512 | 05c7bdb38ea6f974af104372c3796bad0e2778d3fd3230dbb43a8b4b4e13576e84280141cac424de61d165a35d06965c946589c47a84e41795dac24b31d5caf1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3221e5d5bfcb4ec660879e2d5ab9218f |
| SHA1 | 6c796331afd906f834920f9199544932e95c60c7 |
| SHA256 | 872b45bf00ebb92a14bee58752ea628dd0374a8d73deb1d146842a678419f82a |
| SHA512 | 70d5007c5130b5b95647315471c7f14bf033edd59115c2a29701587f78e8c373a4699b39c3776d97389e7d86c3a686932719a821f29127609ceeb0c7c5062fe0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | 09440db094e5aa40b01d6761989889a2 |
| SHA1 | 0ab2847e6ed104ec21d426adb5daf3a7f9818c11 |
| SHA256 | 66deeba4db183772dfed8bee55aad92dd4add3a2f950dcafc990263de6b552a2 |
| SHA512 | 4f0cad809888487f4370c82f8b7e581ae53af7a5125e00838575f633a3cd284f3f398f3fae352f3ba7e0a36f1dd33f7cc020c2479dd727baf0276825b16cce9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | 80c79174d7ba1dd8a083232ea02435f2 |
| SHA1 | c00f6089f948d67467ee20b98b8f5b290030e557 |
| SHA256 | c8802cc093fdda5770f1ec410fc3afc6c907825c03f1bcd60339430a80ccc8aa |
| SHA512 | 1da7423c199b2a3d70160758f728b06b68e99cdd181fdbe71d18781fcd7e6cb55648fc8c918ea902123f4ae59aa467bb209f57a6fa4b28c4c1be52ecd2d410a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
| MD5 | 8af6c61252b4273017821a434cfba7dc |
| SHA1 | 6836d10da5ace5265b2b21ea0aa0171f203ee6ee |
| SHA256 | f6df391ee336d5065cab5307b35d93adf48cc988a55546cff879316df3a96085 |
| SHA512 | 0896b8899ea548706a8f2d26fa2d9e9f78cf756ef89fb45f7858ecc5903b75696a70d536f6f597cb49fafb4261070287fdd421a75c814b60749fc75096c22068 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | f03e5e7f4c36f1fe1088b8287538462d |
| SHA1 | e20550e6f43b0a9ab4b0838bdfc03b08ba52abec |
| SHA256 | 3caf072531ba8e50b6a5f9e2d6fd00758d59c7601266e81bfeb00089e994ea2f |
| SHA512 | cbfa75ac52b6ef0a81f7e63e5da76e075415ccb4e7cf97b6c5cb5ba1756af15794e26a11e5391e44e0195012165a59eb639366aefcbdc94528fb566b369e599c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | e8d9708327f22ca915d0a5213468ddb2 |
| SHA1 | cd1f1775afe7abfdf5c76bdd7c141ba889043f6f |
| SHA256 | 8dc735d52264bebb6b38b5577077489aa181f6ae43520882211b7134b2e05b76 |
| SHA512 | c93ba5aa5d8fcf10ec80f5db1a82ff847d2193f1e1a998fb18811875b09af70b7935af0ff4273ca82f8e6ba347807b71a66d32b5a4cd9f879a0aef9f3021ab4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | 1f7260545fba2e0ccbb1f65e00b74039 |
| SHA1 | 24816dd1456d27addb765b93ffd748af34678bf4 |
| SHA256 | 91e341e087c0a3b932991b797e492c103c74288dbbf8cf67d8e17cf4cbd15733 |
| SHA512 | d4278431dee449acc7cca4521c286457c871c474eff54a9025f754e7c41f4691d3e121e14b52f24bd12e59ae89a8c1a54a8361ebb166c0ee6bc105607c689aad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | 338208e7524dd56bbb474fd5485fc9d2 |
| SHA1 | 4693aefeee8b5fbfd5ba531dff6b3913b3fc733c |
| SHA256 | d7ec042243f12f45d0db2968f17bbf52c6cbe38c38c8b8203c93a3a934061d68 |
| SHA512 | 6f82226bd2a5d103c937ac45382a7ed6a6f70d7e649fa949e7c7cfe3af162e8f171d4cbcb32a9686cfa86fc7efd224aca281bd7357e83689ea2791400a441d6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
| MD5 | b53f5aae2227e7a0098af4b88793798f |
| SHA1 | 4e82450bdd012e05a158080519a33e21492b0bbf |
| SHA256 | 8efa68fcd23c08bc97264f211b56bed953b393fe1a2d9a5c786d637b8a3e9f82 |
| SHA512 | 644b8040773a1d23762f8efe841fedcac7b658a408586b9912da362e72eacade13332356f982bcae69aa96853cde44194aee9c51bbdfa424815da3ba0177b091 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
| MD5 | aedd1c0f46075be99ba6fcaae78a5d9e |
| SHA1 | c3f2ef92368679ea7a2b9cbdd82d63a7a92dc42e |
| SHA256 | b3930dd2d2c3bc1d2d823e8698bb36b47e47aa206b2d3d86520170c635b54a51 |
| SHA512 | fe9d2de3fe448bd7e365022365a0ae6e97041ea9e73a936546645ad963a866cb3d5f4f41a6f57d54ce8919bdc446a1d1c1dffe619e312a63f26ab9ae02becb0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
| MD5 | 24b8a2fa9eddd8fd2e8c2a6857b1533e |
| SHA1 | 51837aa2b30f629215df830d0c577ce9b3b2dcfe |
| SHA256 | 9e162b5e1f41ab92ba7dd4a0e358dcebab2c2654f9fabaa0b6b917b88d4a0250 |
| SHA512 | b22259325f3d5904ceb922b331fab791feee4f3adefedc2e753905cfd5b83bf43dbe97bba503e629aef3bc2c5fdfbfbc58be8562a3dc3fbefbde64849e3a731b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | 98b8030a8eeda09c413606fc46a8e527 |
| SHA1 | ad09689b557fa64a5b0b9084696a47a9ede4f727 |
| SHA256 | 4b57f3b8673159804300b0532a2acaac9ea2424524ed63355efcb6053b9244f8 |
| SHA512 | e9c5c43cb3831734d40d2f03b6c911e549e1a77d2ccdc9468e47fafe2f85a46221da194129e54f40063be2a0077a9cf54aa21c615e08edb6378ff45c2cd1c299 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | ec85f53760f43e76783b7a16c9bbb3c3 |
| SHA1 | db111ee4acb4a324b737f9c0d32a6dec1b579666 |
| SHA256 | e619fa2a021560b86062fd0215f9bce49fc7291ecc8981efad5ea2aa1d268c68 |
| SHA512 | f74bf30af4549381b1a2fec0771439205181e33a24f3b26aa59c6220b287525460b5904d861cc580c7d2bc651802206dae78242364d25b2773af549a2848f4cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
| MD5 | 38bcaa7fd5fd8c7f5be0fe9e20a831a4 |
| SHA1 | e33229c4bd8a0bdb035829b3c5cc84ab48014762 |
| SHA256 | d0b8e3bb4b6e319465d6438a343dd72f5211898bea99756a99ea88247a6b2f71 |
| SHA512 | 11e13ec4b99060948b8747ad0d1fe4659836fb1d425efd25052899c88a26b5529816e605607a36e3383ce0803bd5b9007d4818019c88a9d13773cd5335be59dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001
| MD5 | 6bc4851424575eaf03ebe2efee6073ab |
| SHA1 | 2d014fe2feb929d03a46322645a94556ca5c9e96 |
| SHA256 | abaded8e235fdf329521806af30a1cc7701eaca3fe2efccb9da760ec6d8e5e4e |
| SHA512 | af3b7d93fa2243475d74d4bd7f918ce2706bf6eca28029b9e49869f5f793e483efaafdfab1fed6306d5fc77a5ed3b27097b27448cd04560bed4df6fa3268ccf9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002
| MD5 | fc97b88a7ce0b008366cd0260b0321dc |
| SHA1 | 4eae02aecb04fa15f0bb62036151fa016e64f7a9 |
| SHA256 | 6388415a307a208b0a43b817ccd9e5fcdda9b6939ecd20ef4c0eda1aa3a0e49e |
| SHA512 | 889a0db0eb5ad4de4279b620783964bfda8edc6b137059d1ec1da9282716fe930f8c4ebfadea7cd5247a997f8d4d2990f7b972a17106de491365e3c2d2138175 |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres
| MD5 | 572e2d14a4d022bc65420f5e72daed47 |
| SHA1 | 88c1080bf6980c7a3f43abc41158c28ce339c318 |
| SHA256 | bb9d0afab0b58026dbef998f4c4afd8cccae601e356146831a62b3a5be1e83e5 |
| SHA512 | 5445b7a14a6c86a6e9bba2634221be371fc059effcd9098a3280ab156437f529d04b4eab09c26538b3425c5d52ce0590836019550c4624e5a58d2e5680bace62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003
| MD5 | f55234db88c6538e3f4ad45c114435f1 |
| SHA1 | c4dba9a32f50f2d9a27ce81a1d62f7587751e6b6 |
| SHA256 | bf139ca7efd187c36f3ec33691f427205a63ca2707af18bc25430637928d713a |
| SHA512 | 8a621fa5044977bce987b8259dc850faf83f4e82f4df1a7a689dbbb0b9b065676842f7ac462b77f66c3ef892c3272960bf5de4c0dd4f02e85430b368867feda3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000004
| MD5 | d22cb8682c6c279a568ed39bdc634f0f |
| SHA1 | 677360e899085b1fe7af0098575842261a6d854a |
| SHA256 | 78b575d52c9342adcc7b89ee8545e0577169b0d520a9924c7d53bc3587b240e0 |
| SHA512 | 2ad0f705556abae3edb620d4370c1e72c749935d6ec079a10272ba2cbfe42d06a67f6fa1c3d80755aef9419391f701e98d479e946708e26980497f438b154ce8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
| MD5 | edb017d3ed50ee867dc2363e57ca63d8 |
| SHA1 | 15a77ce2c0185ecd13a51db2af95ceb2ce10657b |
| SHA256 | 949d11592c29da1016924b81ce6166b240b6e8b106c4056d89312361561288c9 |
| SHA512 | bf7445ec6d43db6ebc05600007054565e3b65bf48e58e78ea9c29f763ad29b37d7aaa81980c8c80a8bc80c885eb10bcd317104d100fddbb20f13169b477bf1bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
| MD5 | 45886e389a6ed14e389372f3a055b47d |
| SHA1 | 191f83fb45ae8ef3078d96d86865f38d07005398 |
| SHA256 | 06f2d38d51c31413faa2b37bd1b12bf75e4df1e9d78661b014e7134b1f545b24 |
| SHA512 | 3fe5a714f442bca31c8771cb77ae02ed13527725d65ea685739abe23002c58bfcbcd0088791de425c553ff40351438d93c825164b4711b74964d8f12ab23869b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | 30f6eac6674351d8561340e3c5baa1dd |
| SHA1 | 9f5303523d319a41b1e0941090a5542101de4342 |
| SHA256 | 956e5f321685c32b9206a03f827f83a6c7e419af1a340dfdf3ac8ad90cf4d0cd |
| SHA512 | a985caaf613b751549b3236c964fd55ed142523a86ea2becb96e7ddaa8bbf2146e7db3b8de72abd9cb714b87c69e85ab38ec7d8267e04b50341ba6bd7e11c210 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3
| MD5 | 8dee9e80e042b5b91b4d8b7e5465d393 |
| SHA1 | 4252a0c20dac7e7456ecf86bcbc76607c0cae8c1 |
| SHA256 | 9538b02ef0163a194e3487df75a8d526c95e3cfd475e7142d040319e46a7d50a |
| SHA512 | d66779d7a48d5560dbce788b5cb3411c35fe1cf78fb30365373a2c91cda4b69f99ac8cdce9282713cbb3f22cc89491834aa98b94e160f22d775b6b7497130a93 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
| MD5 | 35405d6baa34c6eedf7e898385781583 |
| SHA1 | a10b10a89bd7406ee949238173019dbae258121d |
| SHA256 | e2396d2f1de64acad16ee49f21b3e75931e9bb8b69f8d4cc9e0f17c596ab41d7 |
| SHA512 | d0f3d73f64af21273d48f0a998c477dffb62d780cf7791726164966ee68726b445a054b970fdad3242b243ca2614958dc010d29a2260a8fe6e7eda6a6ea204b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
| MD5 | 78ca7e08fd4b077c73a4eb94de35e408 |
| SHA1 | 3fb89012ba8035dcede59e17d4d6df50da1dd6b2 |
| SHA256 | f9a4e3fcef261b141492523103af4d14fefee28d2056c2e8241e952afd0eee6b |
| SHA512 | eb51604e6959898f1b74287540db8f43e84830fe135b2ac7f4df49cc252abcf0f164d7e5346e89024bd8722e54dc150ff0d7e6a9f6c1fd4cf3af9b03d51fce01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
| MD5 | 4a80d1d8a02af073c90f4cc673d39609 |
| SHA1 | fa9813d48fefc9ec72f00f2cde13185f0fec2ede |
| SHA256 | 6e7d91e6309c57897695d14a1ca667d8b1472b8523658b6590bcc17e7e91adf8 |
| SHA512 | cbf862636a3018e27d1e35454bc1ed9e3a539c8139cdab82c9e91659d2dcb5a1747c4a307f5ee4096ba91653db862c1f65b9e4f414a1cb2fc7c8c481e8a8f96b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 340240182920e82ea051d31c396cc814 |
| SHA1 | a8f68fdf6652182e3935a7f88226b78360bd3358 |
| SHA256 | 0f3ffee0349f52a22ca8308fad906dfb520adee45ad1469032fe90ded0b3cdca |
| SHA512 | 9d98f2f42b3d4e940fe740cad68cc147eebf6d866a95904045ef0ddffd5e68e4db879823d04c0d2db38a4e9c8a82716668b9724e308ce09809e39221ed5e54df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | d43d1b4592d8ef45380ece4b689ae9ed |
| SHA1 | 1dfa6f081160debb77eb29db2a96a04131b52f58 |
| SHA256 | 6ea5e35fbab2d9990f8f62865db08d752c80840f3bbd2252ce84996f93e880d7 |
| SHA512 | e5d4c92086c26cb4bdd0af402812e993214a061808e4959bb5d424cdeee39276d4f27cf8774da7947654c60f6354ecca150baa3aefbcdcc805a5c9d9c0360382 |
memory/3252-1225-0x0000000002DB0000-0x0000000004DB0000-memory.dmp
memory/972-1226-0x0000000074640000-0x0000000074DF0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
| MD5 | 3e1d3cc1ac470b790d35697d65bb3dad |
| SHA1 | 7960a6ddf32e256d007dbbffd39168e0bf0dfa53 |
| SHA256 | c161b27a7e20c7f3c569f8382702f4807f1b5d40e201ed23db061b02e162b1a9 |
| SHA512 | 4d0242dbf62054785ee4ad5feac568c03dedb2a2f97382b70329961b13e1c1a491373b8347abfd4566364d8a8d365d2d56cf817fcd427489582dfbe69410351a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
| MD5 | b943baa0fcf5b89a4ca1a7a50c239422 |
| SHA1 | 01ab675e9b196d7ca7af52859b19323008fb5be8 |
| SHA256 | 07dcf48926a2d028b8b93b090dcb56de1338196cafea45907cbabba46d62607b |
| SHA512 | 86f4594e06dfaada4b53a1622289b5a9dbcd6755b6da0fe7df19883e1da5d45e19d3e720baf8c9cda4be9d71a8d31dd1099a33ae1586216290fd385cf933d46d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | 4310a590b6fca41de854146097fa95c8 |
| SHA1 | 9e873d011fa717d6d0c8a2e036b8b604531c7c59 |
| SHA256 | 88a44be160e9401d195eade726042893f9ec5ef8dce12a7df8bf2a555bee3ef3 |
| SHA512 | 7a21c02f4896b5c7fe99eefbe041353334c15ea7e09afbe28de72437a4ccc1f707f480d07ff21e5d65db0eb8ac3713d78ac7ac7eaf18b67ebaa05fdd132fd6de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
| MD5 | 20d6bf61dd5df0c4482bcaafa831cdbf |
| SHA1 | f9331a4a94a2ca31c534a836a0a2daf60e01e597 |
| SHA256 | 3c72a0289c1a492e40c85c92b76ea57e050ab0b2268949fe116afd53bfaca026 |
| SHA512 | a38848be6ece0f00fc9b8b8bef579e738b93a82534c94a4dd388093f96b4be664b3369d2954bc2cf1b4474a41edc6e61f71aceb1112e8087f23e48c50ebd37de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
memory/972-1245-0x0000000005270000-0x0000000005280000-memory.dmp
memory/972-1247-0x0000000074640000-0x0000000074DF0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035
| MD5 | e3de96cad1ab827a302277d82de0d3af |
| SHA1 | b673b5f2bd8f5823f5832fb4af7f106c29e76439 |
| SHA256 | bd924ca225da1739839ff1908e9172ae502b1b03c483099877070b2a79f68ff5 |
| SHA512 | da5f77c6c9605e332159f51657a2ad6af747cc2267c389deb4d2f37b5f1c3e51724ff4da5593f2c7118c50f611770e6c3cad029ec53656f5afda0cf351d99bbe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 68f16c645a296b80d87ef7a0a2edc416 |
| SHA1 | d5aa4762aee7402490ee6a49cccc9c842a808d71 |
| SHA256 | 80e1d2e94e135955ab084fc559f0b17a2777e35e9976ef59cf41069d4f858e0f |
| SHA512 | 422782e809fbc0dd11b032b63462f4ef09f53f2cde31ce3518b32a158a992fe0528f47fe176c21e48dcec2e9b9640863013ca7392d395e3d190b2522702b817b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 302efb1ceef3873d366242faee3596fc |
| SHA1 | 6f2c0101013de51ae1ba7ed978cc4a3bea3d6f95 |
| SHA256 | 4939387e798aca388547da87d7d9fd13e8858a5f4e7c5901a0a7cf860cecd479 |
| SHA512 | bfe59e45864e48b57a6e8f0fbdec1e293a42f719529001c1d02bdd93632f1257db13f8debabb776bd5692b013704bbeb9005e24e5df43530fe6d3fa6f5224827 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039
| MD5 | bc0763a9648b9fd70654a56c418ceef8 |
| SHA1 | 2d6c63839314127f3875d762ec2c81b5377aa09d |
| SHA256 | 9de59421bb158b79ae89b9982549ef8f9fff1abd6789de45d3b92db9f8c4200b |
| SHA512 | 09e0a7454e26be0a42dfc5c092da4abb1c25eb1d3de7dbae886d556c36aa61253727f0b154370a4a635057d5a157377d616a3bfe8a074b209c3570e82b565287 |
memory/3916-1301-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/3916-1302-0x00000000051D0000-0x00000000051D1000-memory.dmp
memory/3916-1304-0x0000000005270000-0x0000000005280000-memory.dmp
memory/3916-1308-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/3916-1309-0x0000000002CE0000-0x0000000004CE0000-memory.dmp
memory/2384-1310-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/3916-1311-0x0000000002CE0000-0x0000000004CE0000-memory.dmp
memory/2384-1312-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/2384-1313-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/2400-1314-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/2400-1316-0x0000000000F70000-0x0000000000F71000-memory.dmp
memory/2400-1315-0x0000000005020000-0x0000000005030000-memory.dmp
memory/2400-1321-0x0000000002830000-0x0000000004830000-memory.dmp
memory/3320-1323-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/2400-1322-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/3320-1324-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/1852-1325-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp
memory/1852-1326-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp
memory/1852-1327-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp
memory/1852-1332-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp
memory/1852-1331-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp
memory/1852-1334-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp
memory/1852-1333-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp
memory/1852-1337-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp
memory/1852-1336-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp
memory/1852-1335-0x0000024C6A6F0000-0x0000024C6A6F1000-memory.dmp
memory/5040-1341-0x0000000003210000-0x0000000003211000-memory.dmp
memory/5040-1342-0x00000000057C0000-0x00000000057D0000-memory.dmp
memory/5040-1339-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/5040-1345-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/5040-1346-0x0000000003240000-0x0000000005240000-memory.dmp
memory/4848-1347-0x0000000005AD0000-0x0000000005AE0000-memory.dmp
memory/4848-1348-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/4848-1349-0x00000000746E0000-0x0000000074E90000-memory.dmp
memory/5040-1350-0x0000000003240000-0x0000000005240000-memory.dmp