Malware Analysis Report

2025-01-23 15:26

Sample ID 240418-y5cwnadh36
Target https://github.com/enforcer-pro/ddostor
Tags
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The file https://github.com/enforcer-pro/ddostor was found to be: Shows suspicious behavior.

Malicious Activity Summary


Legitimate hosting services abused for malware hosting/C2

Drops file in Windows directory

Suspicious behavior: MapViewOfSection

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-18 20:21

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-18 20:21

Reported

2024-04-18 20:23

Platform

win10-20240404-en

Max time kernel

78s

Max time network

87s

Command Line

"C:\Windows\system32\LaunchWinApp.exe" "https://github.com/enforcer-pro/ddostor"

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Debug\ESE.TXT C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\system32\browser_broker.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (data) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 08018a32ce91da01 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CachePrefix = "Visited:" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\TreeView = "1" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData\RulesFileNextUpdateDate = "419633838" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CacheLimit = "1" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "268435456" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CTLs C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active\{28B1F7C1-6CE2-44CF-8C24-79D5E97FD9B3} = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Settings\Cache\Content\CachePrefix C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\bing.com\Total = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IETld\LowMic C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "651" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "132" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Revision = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\Total C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$blogger C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CRLs C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionHigh = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\ACGStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\History\CachePrefix = "Visited:" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CTLs C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\JumpListFirstRun = "3" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "395205405" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "651" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\CRLs C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DomStorageState C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionLow = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus\ACGPolicyState = "6" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "704" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "124" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CRLs C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CacheLimit = "1" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\MrtCache C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\CTLs C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-81807878-2351072935-4259904108-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2888 wrote to memory of 4324 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2888 wrote to memory of 4324 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2888 wrote to memory of 4324 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2888 wrote to memory of 1472 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2888 wrote to memory of 1472 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2888 wrote to memory of 1472 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2888 wrote to memory of 1472 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2888 wrote to memory of 1472 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2888 wrote to memory of 1472 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

Processes

C:\Windows\system32\LaunchWinApp.exe

"C:\Windows\system32\LaunchWinApp.exe" "https://github.com/enforcer-pro/ddostor"

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

C:\Windows\system32\browser_broker.exe

C:\Windows\system32\browser_broker.exe -Embedding

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

Network

Country Destination Domain Proto
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 154.108.199.185.in-addr.arpa udp
US 185.199.108.133:443 user-images.githubusercontent.com tcp
US 185.199.108.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 watson.telemetry.microsoft.com udp
US 20.42.65.92:443 watson.telemetry.microsoft.com tcp
US 8.8.8.8:53 7.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 75.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 92.65.42.20.in-addr.arpa udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 20.42.65.92:443 watson.telemetry.microsoft.com tcp
US 20.42.65.92:443 watson.telemetry.microsoft.com tcp
US 8.8.8.8:53 161.19.199.152.in-addr.arpa udp
NL 23.62.61.171:443 www.bing.com tcp
NL 23.62.61.171:443 www.bing.com tcp
NL 23.62.61.171:443 www.bing.com tcp
NL 23.62.61.171:443 www.bing.com tcp
US 8.8.8.8:53 171.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
NL 23.62.61.155:443 www.bing.com tcp
NL 23.62.61.155:443 www.bing.com tcp
US 8.8.8.8:53 159.113.53.23.in-addr.arpa udp
US 8.8.8.8:53 187.173.246.72.in-addr.arpa udp
US 8.8.8.8:53 155.61.62.23.in-addr.arpa udp

Files

memory/1224-0-0x00000169D8B20000-0x00000169D8B30000-memory.dmp

memory/1224-16-0x00000169D9300000-0x00000169D9310000-memory.dmp

memory/1224-35-0x00000169D5FD0000-0x00000169D5FD2000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\JFQD96F5.cookie

MD5 0d31e8a1c4d0c05b1233b431a4ae35fa
SHA1 d110f736852bb37599e2fcbc5a4215af3ae92d5d
SHA256 8c2fc9d03b506b25d4a90a91175aa76bf90f6eeea2da04039cb020febda89715
SHA512 e958f6f2efe73600979e3ab79f3cb0c8388cb78a2f7913df81700d0a2eb7789d2c7173d21aa4e2cb88ad30ff12c92d9ad6b322e37518b01ad2fd88e82f2507ff

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\ddostor[1].htm

MD5 e724e461952a1ae828ce88d60fb23d78
SHA1 4eda954c633ee519c1ec704a74221bc149d38f81
SHA256 8a18ea36ac02f9af3ca0ed502d01c2ea8edeca9895c37add583e063352daa5c2
SHA512 a68029833ec07a93a4b16aa20fc352360599e83e4731d595f896df036c6edf6cc82e3cd575cdf692c53c30ada0108cc94d9d0db653935380a262b7ffdaa70711

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

MD5 444803b9dda66f4fe89514e92040a763
SHA1 21fa43406e4cf07f35cec181c109aa428108320c
SHA256 b66c6e7310ae12c4538a5abd4d26dc393e22626cdc596228529a8793ba70b12c
SHA512 b8185faacd032a720d39fcb067a5ee6dec2e676d55dd5fbb8fc8772fb62327427e0d14f9f68ee46a7c47f280e8915b3a190291e613def3fe6fa33b387fb32500

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\A66A8DB907BADC9D16AD67B2FBFFDD5C

MD5 d34dcd8b46eb49d87a8378d93e4dc1a5
SHA1 3a14eb147d4eddf72e3c7aa0185fee1247f82f97
SHA256 8caa13a5d3bea9c58cbc9dfb87ac513a7b8597f77c8fd7f414939cd1251b79cb
SHA512 6a9f8473b133ebb7d5c639815a3542a74871e791fb5d2f19216e919e5fc288f0e848df32d77465df5c88b17d7be5ad3f2112bb6025c24048cc4d6451ddbb5c36

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\A66A8DB907BADC9D16AD67B2FBFFDD5C

MD5 6b88a466eb731c09e1e858d74c9d9c03
SHA1 3a153901f299adfbb1ae154f6173cf5b845d5bf4
SHA256 934623c8f4734b3fe2ef92e63c7f35b3a0389e67d84adb5e00f5b52ce6975819
SHA512 b6d1411363112358d21c0cdf067b5a339cdf028d0b08f0101c885aa22421d93b473aaf6c41ec13b2e7ab825328cd3dfc3181c8b391e4b113d511eaace5201d4b

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

MD5 702df74cfd9a8f370b4f62f2549af2ef
SHA1 0d03215e18a35d0124acad057c912aab26fdba4d
SHA256 1a8d3a6b6895c1be360226f73fb3b0bd3266feadcd824a1578b318f132b8ae50
SHA512 0b70ef4564cbc43a5ef1375ce1df71da44a4ff56f856b413ebe866c618afa6aab251ff844851eccc57af78a34b39bd44388ae5227a84ea077d9615c4e56a75d4

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

MD5 1f63f9e1d510888e09f77c366c059bd6
SHA1 afe9430a3f9eba9af147b1b4c8736f404c565095
SHA256 5587641c11a55a32d7d6525e64dcb57abb622f7508991217594ca23203847d3c
SHA512 1ad69eb4834758010f510e7dffe0e2cc13cf1f9cc42a3307c55d041547d42ec35cbc8274b47265b0861724291e1ad37495f91f6be30dc73374cfd1883788f068

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

MD5 1e0f647e049b856a8c4d0f11dee6f7c2
SHA1 dde1301d41f41565db5ca881c8e574e4a3ac8264
SHA256 9ab1971171237fb9f037d228ee7c48bc45273f46552b204329a2c207ff99b318
SHA512 d398b01e4e81c8c28d2cca16dd8450931d5f457d65976cd413c362980d2ddb53c4c2117930a41f9931251534d17969c8bc50e7bf7f32b25948785f1877569a26

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\light-f13f84a2af0d[1].css

MD5 deca261177994c06974b8eed93ab0d5a
SHA1 6df91477da6dcfd0ccbf51fc39f2f31f03acd8fc
SHA256 7dfb4dd6d5448e12ce18a0c186a890f6b9e4550e9e160e83fefcaacdf6decd9e
SHA512 f13f84a2af0df501d75659ef3682b9991894b860be2045d686b276698831c211d69a7df233fa82880f83c633226187e5c4fbfaca2a9983fc0b52454f78fece98

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\primer-primitives-0b5bee5c70e9[1].css

MD5 4a501b962a497016dc70c7dc3f95f859
SHA1 7d50b4e6274c503021751982621678afed30ae6e
SHA256 8a9ace6d9250dd653522dd94b426d1617df95fdfd86264beaccefa22c78fc7d0
SHA512 0b5bee5c70e933f062d7773a200472973456db928fb6dfa0c9bf0ded60b04e4b0100ada3f4234193aca992acd72d196f5b5f458fa4b51636b6bfe9be16c8f191

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\dark-1ee85695b584[1].css

MD5 2f1124986d7087c89cfedbab9e6c5090
SHA1 84af5865a920d527c436719c2b00d9860e68f07e
SHA256 6e28388875a179d32b9788d45aba0cf5901513106aabc738c6f290643505b007
SHA512 1ee85695b5847734f481c143211fe9d590a987f2b56b1772664b7a529455bf19592bcfbeffc4281ed1b6679299244d40112203438e6275271a67c4bf1181fe14

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\81AHVMKF\primer-44fa1513ddd0[1].css

MD5 cb3b98775e72345614028bcb572389d4
SHA1 bed826567a4dfa8c7b9ae5ed53dee69c7d367386
SHA256 25ad39ca5f33bdbbc85fa70b6f9fe46e4fdb17937bbb57669aaec3e0203861ca
SHA512 44fa1513ddd0098c15019b07c5eb888114c3b008d7f2e5a912d592ce0ac050e767a3ab0a55fe71fd9d5aeabd2d445280de508c8dd2bb83bf5073c1ba88980f89

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\81AHVMKF\repository-fa69f138fe8d[1].css

MD5 92ddd397a592ef8df629545aff542ece
SHA1 de50aa0321796f5e0d0c162fab9b10f7c98d11e7
SHA256 ca1fff862edeb6dce1953d3ff7f1b76d84aa12aa7ac4d4eca05e323ffb3f6ad2
SHA512 fa69f138fe8dc9e8fbcc9f8211bc8e82608ccd52a41586a1438b3ed05922f0ddbd2e634fafcc34add72e0b36fdc6720d6a68530d6b4bda61fdf20e57fd553d2c

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\81AHVMKF\global-2a3cd3230bd6[1].css

MD5 c1162575b98a68c7873fe83fe79f2965
SHA1 bc280e99873368363959805ae1b666803ae4c9be
SHA256 3b55aeed5b06028e219e849a1c533b9f971ae986198d49769eb51a5372490a45
SHA512 2a3cd3230bd6e2e37376474cb9efcd485ed37146911a8e9dc89f4e190267356d7bfa7b7cc802216207fbaba4e28030ccd1c40160ade12c7d485bf4a07945e5c0

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\81AHVMKF\code-111be5e4092d[1].css

MD5 7cb9080aa576934b53486d3746529970
SHA1 cb9ad049ca59d0dc0095470fddb2bda8798211cd
SHA256 9850beb3ebe2c31da0ece9d1a823e5e7d26983626c6e2acf4210d33abf6660c9
SHA512 111be5e4092d831d8e068ff4b6d2be94cbccb5bf92adc549a6c2506c4712ac177d15a61b56bce1919a2bdf9bb66d4a24b805db3aaddeb86823912d1df805f2fd

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\81AHVMKF\vendors-node_modules_smoothscroll-polyfill_dist_smoothscroll_js-node_modules_stacktrace-parse-a448e4-bb5415637fe0[1].js

MD5 331e44e17e9ff14023510b990053a71a
SHA1 096363b6e8794bbd45a352d3cc8cfc4946b832b2
SHA256 7db9b2cf77bda551dc5b202710a2ebccc88a74f6d807a8eaf19d3624befba34c
SHA512 bb5415637fe067dfd3bba724d1e3ec440d342feaef6d42226cad26c535dab05ed798c92b46104b1cc843345e11d3e40a72a051c7730438fc2ea59abad6b2b26a

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\QKVLJU0L\vendors-node_modules_github_relative-time-element_dist_index_js-c76945c5961a[1].js

MD5 2cabd818fb8745b2fc7d5f92594269b8
SHA1 88108fecb3839f06671c2a21e35163e0e414b2b0
SHA256 55cdbee6ddce98f5c299a24fb9851501f46ff0cdd2ef3b2f7bb572a3940b462d
SHA512 c76945c5961a4f5b2cb1f85bd3cbb35d5e81f611c3ba05543acfe870728e94e9719c9331b65f4c2c8723960c5ac1e9cac0495a892f049b41ed3ffbe899b93700

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_delegated-events_dist_index_js-node_modules_stacktrace-parser_dist_stack-443cd5-1ba4dbac454f[1].js

MD5 752eb45af6eddfc36e3093b24349e9ce
SHA1 99dbd6a84c7a358a550477fafe89681382e33853
SHA256 7a33dc030df6ffdac087a68957ff32de1c009447a7486be5770f290b37a2091a
SHA512 1ba4dbac454f4d7fcca50f75a5fd12b9591b8a7616a584e46c0a46e71896e69be5d3a5bbf8eb8c2118c3dcde22cb46e2c85cd37166fdb616e0c7318898276c2f

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_morphdom_dist_morphdom-esm_js-node_modules_github_memoize_dist_esm_index_js-05801f7ca718[1].js

MD5 11819c8c15340c7ca8339fcc945a4f06
SHA1 5fb0a03295e008aec0a1abc786b9e8bdaa3a233e
SHA256 7bb4cf0c86c218c29466a022a4c087e72ae5cfbcc0307a67c9a5af2a0ec2a521
SHA512 05801f7ca718d5ffd9e34ed99b557c1e8c624eb6263e0eb4f94e6fe32c4a1b1c1663419d89594358471edabd80a15f1143200b4150051e99377b988dba7d7389

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\ui_packages_alive_alive_ts-b956d50b9283[1].js

MD5 322f994d5259a24ad2c65b7f638b55c0
SHA1 ea402d6b4001fa366304b3b018cdf037cfc23ed3
SHA256 a54568d95a02039f586594198ebd8079bfdcab083fd663f01b5089bb5ba462ef
SHA512 b956d50b9283885fa29813f8387ad57d65013fd925bdc4c7df5bf05ed398b6250c8b52675036ae75a77e3d78c1c2aabad1f5cb5939969d9e32cdb7aaa56a2e41

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-9285faa0e011[1].js

MD5 ea2f459bb2eaf606a6d110bb721f8c85
SHA1 0cfc1539816ee68e0ccea2f32fb4191bb8b05224
SHA256 3c0095ede9f86618b394dcb281a35c659330ed3532ff49cb699c4f95083a912c
SHA512 9285faa0e011208b72caa43ce51dd15a03224c73810ca9d549ab21c344c2c96f7b6bb31b86e922858cfe6cebe6e3b09e7dc8fa35c6c78fd7c44b6c919002ad02

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-e53a3f-f924cc31bbb1[1].js

MD5 7f058b92c458fdee6526e4b6effa4044
SHA1 f86d7307585d33009dc6567129d16f9b60f26342
SHA256 a984eb4db9696e042f807d8355cff85e0ca804df4d9fc9c91336d55f12e37920
SHA512 f924cc31bbb148e484f700cd62bccfd7b47b5b7940914893ea1b0b429ef041db0ea2ca4526371a9d4872f84659980b4eff908512fd3bfde7b41170119378a83e

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\app_assets_modules_github_repositories_get-repo-element_ts-f6b365a47eda[1].js

MD5 5efc6bbf45a43234e23e72093fefb784
SHA1 b90024ee0e231af171b857c16b4171e38d969f7d
SHA256 06547a5b4c2aea39d163f18d7c444778fd378ff23782d7bfa9fae8916ec1871c
SHA512 f6b365a47eda894ba80cf4d4242e56c4e00a379444520665ea837b1437b4f345fb523c196ee2d81397b93aaa8c6543286f578dcf4c6c5756bc6842399c20535e

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\keyboard-shortcuts-dialog-b4a646a773af[1].js

MD5 d41c8b3e035bf39e41027d48218a9df7
SHA1 365f61f83274ad56dc7eadebf0a8c8eb85e09943
SHA256 69fe955c15e1030befcfae0657d7c7154882ee408e8134cbd6e66ba291c7ade3
SHA512 b4a646a773afc1b5b99118c02ab94fcd134ff52d7cbe3e7b2cb1f7480e8bd30b442ecdf3e0aa4f120d7080747d15bf5a57b742ab53572fb9534fffc9ec33cda3

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\vendors-node_modules_primer_react_lib-esm_Button_IconButton_js-node_modules_primer_react_lib--b964b4-6ad237e6932f[1].js

MD5 58a98aa089657671b37a5b6afcdac603
SHA1 e7f92b01062c0728ca72e779a98380b090b3bf36
SHA256 962996a98e34a53a4ffe0eb900ea07eaa804d63f357e23b9b7946847790bdcee
SHA512 6ad237e6932fa0c0b0daf53ffeb0457902e2b452369eff6391c046f651af1a2f017f4aef32ca4b619be9b6351b7dca1cee56df50b2b88b3f67f97e86c47831b0

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\code-menu-67595c3a6d0c[1].js

MD5 ecaf6842df29586e81888f69eb17735d
SHA1 0198df718b7a77e364ead2448e0a62801c3bc424
SHA256 6013aaf029f706510f8bce05010294da2cf4612cea03fcf17f1276b2b21e63b2
SHA512 67595c3a6d0c65d58abf6e2303f8ddf180c35cdd5aff7a3684ac2acaa525d52d60dce484d507c78135be0b629025c9749d65e2a0eb69e2770a62694dd51bd666

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\repositories-57e1f829b48d[1].js

MD5 3e273a3682b598ea60bbc9b639bca6e4
SHA1 a3e8b6f250baac841eda33fba2f98348ac3beef1
SHA256 1d56dff2dc03191c8abbf96ceb3a12823cb74f6697ef8777c0c9c08f42c906c7
SHA512 57e1f829b48dd9eee5ebffbf6faf3ba48447c86e19ac433ae0935bb38848f56a57aa0a6a7f3f87ae0dfbbafa3bc03cc42da3ee9c5bd2ce015bb2f2c3ebfc36ef

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_behavio-2144fe-a56c35798651[1].js

MD5 b076465d870a523f653c3f78163dd31d
SHA1 076bedab4630ebb82dd3ddac84e156d218469d8e
SHA256 dcefd3c194ec6b9e6a82d5bfdafcda082b00bc21feac2e5585881e6316286fa4
SHA512 a56c35798651a644c5de0299eb990d9e4db889586a03222cd67cad8dac3b16165c0f2529a402dba093cb7a1cf390cd23f27ce1ef818452a3dbd6104e109441d2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_github_remote-form_-737e8d-13881b8e7358[1].js

MD5 65aadd89595f4fa46f1237aba5ede313
SHA1 5b2ea2970e591a97f9459fc372d215dd83f2d558
SHA256 ea49c037d3b8ffcb4db1892150c7fc3937bd5dd86e255d2dad1f8325d52fece7
SHA512 13881b8e7358011bdac8d3ad881f03f9e1ef492612251e144e71badd6ea096ad3f508a88cfb569ea698b71e8c798c62afa46f58f428e1372610a794f57d275ea

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_mini-throt-1f9a80-369ba092db4f[1].js

MD5 c5a133014c78ebb17476e56f1624a471
SHA1 1b66e28cd650cb2898c877102098df0b20ac51d1
SHA256 6958df6243dda9b745c0ad621aa4c7a9d997451eef9fae30314aec6d6592957a
SHA512 369ba092db4f090799a2f77cd391e4423b1d88b484ae79fd5cbdb1fe7583960423842a7bc65c613cdacf7d783690757dc048e241c423bd08c2768e367b5d5282

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\codespaces-b7f6071c8422[1].js

MD5 f9c8ddbbdd2edd866a0d7b473608fe90
SHA1 2cf32a231fa940ed19b79d59b84f909a81440a63
SHA256 f69a690aebae5946b46845b06eaa716de9e059ebc799e037e37941a63534339c
SHA512 b7f6071c84226cc63a6fb1404136a9f2f1d3bd3b0977ba126ce77856ecb21d81add53a40a9ab1c5af74e41224b7a94a463074691396dfac80f66d2bfe44309dd

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\app_assets_modules_github_ref-selector_ts-2b432e185ab2[1].js

MD5 3008bf196bcb9081554c35d0080e65d5
SHA1 599c18ca5f933a2c7d103853f3d295bb4b07fd69
SHA256 3238339a3ebadc4358c84c48cb610df0dde4ea1b8d37fe692248184b4bdd4ace
SHA512 2b432e185ab27d8e07fcd73366b6af71114e20991ae4255fde6ef7a022b91508097cca4e83e9ad54ca69867c337fde774465d34697603b359a4195a83e1c9fd2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-878844713bc9[1].js

MD5 84eee0a0d2d52ce4048f2dbdb3589012
SHA1 9723f142ff6ce47f65dfed06d70b68a305a8dbb8
SHA256 bf11813ce0246da52cb3132837619c44d1e837e3eeebbbef12137dd91dfbec7f
SHA512 878844713bc98efc35c1a8041e3a53fa3e2ac9669dddeeeb2962ce6cdd465f84f0d41c3774ac27bd4bffcfbdf4832897e7711dbfd17adfac9d2fab206292c4e7

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\notifications-global-6d6db5144cc3[1].js

MD5 261150ee37eedc1c587ea9a21a7e1b6a
SHA1 f2112e464b8a356e675ad36e2c20f58e12e140e2
SHA256 020fa19a1945b66e3f2bb224b98568b884996fe404bd5dcb9e91d20bbe6ceaeb
SHA512 6d6db5144cc3ea031f04632fe9eeea3ff3dd4d91740526de02e57d2cae60aa5afe5b8df0de2d92c46eca064c5ae20abe3d7e9778d36e94990f74e432f6ecec70

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-2ea61fcc9a71[1].js

MD5 c59673d413609f36559412bd12b5776f
SHA1 7cd5f0a997f4d154400dacbfcab376395009f690
SHA256 eaeb0852cbcffaef96c7a00b0080169f4aa752f0f1d5cafcdf6177e2d0698c5b
SHA512 2ea61fcc9a716eb3452f0b6d6531d0c724f69aa55a032af882eaae96f7f59bd26f028f1832f1aa65bc6fe90612acbf145249cf83b285399e8e4da7fc4c9ff5d2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\behaviors-a9123655fa03[1].js

MD5 56ad23f177b1c19d82879c5bbcab1646
SHA1 89753e6b4e0f59d3bfee63b9db29814653a07cf8
SHA256 3f64769e0be21ed5a2e17f3685b01f35ed182df5783696c5c0ef87bb60de53be
SHA512 a9123655fa038f3c5a2ee6b62ce8de73a55bf60bf4fc48083f73b5f9e71ae4d5f351c0aa3d7bd160baa18a64e648b5ad5d10230e74e83e716e7c8e6317940a04

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-2e2258-05fd80a7ea89[1].js

MD5 1744a9703e1e020807f5737c6b8d31d4
SHA1 05324e0e6182695c223cc5e1f71e889d2370ca28
SHA256 fb98c78a9625b1eafd3c0e7d9884e2764c791c4013577f0d03c8681e4f2b02d0
SHA512 05fd80a7ea89e5d8a0650424b5f7dfaafb7c36ef6537da43d4665840d8ab19ac7db0b33945beeb3680929fddaf6cdfd6e1cd62f754a183f65142482e9d0dae3c

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\app_assets_modules_github_sticky-scroll-into-view_ts-94209c43e6af[1].js

MD5 ea01bea08a155fcf33ff2a18fcd0ecb9
SHA1 1f58607e282514d7a1dddf9aeb2b91bc5f5fe7dd
SHA256 ecef9a63582229cec2ad4531de2fcbe4098fdbac1ff41d7ad269fb47b3ad6352
SHA512 94209c43e6afe456a67e0fe26ff4f4bc8982137138891fd2aa1660150c4e03333187d63292ebf0d5aee64d0c5f8f0e40421e21923e7588d5213d8892e8a207eb

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-9de4213015af[1].js

MD5 f773d7682704ca9858b63b87f67919c1
SHA1 edcb0120ca99d5ddc395fae4bcac301928f49ef0
SHA256 0b6e667cb5fae47ba109488f66ca4a2f3a55a80f25cda4ca17db228b3ef3464b
SHA512 9de4213015af6aa07708f102ee75a6092518d4ce61198db20c67def5a37ed0b924bf0007bb23535aa11da61f818e6d80c7c84f31b8f4e76c5413fc0086850d9e

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\app_assets_modules_github_updatable-content_ts-ui_packages_hydro-analytics_hydro-analytics_ts-82813f-960b7c5df16a[1].js

MD5 1cf2369091f595216efce8d5e715fb07
SHA1 aea9f7e70b37a7fa86c9ef1ae35852dd1a15d9fc
SHA256 0c935035dce7a6c3fb2599af63a3374e8c997eb043ec1e475ed3eeaab46c380b
SHA512 960b7c5df16ac4d35664f332468164324937d57191367a415c45cd4574447a74482f8e91b2bbfe992bfd08253e360c98bf6bbd8ee91ad32a1515e9cab0099ac8

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-84957b-7b4e472db160[1].js

MD5 d01d2bce3dc98f2f2c666ae71ca217b8
SHA1 f13c3f886c48a4d2128059ecda8a1d20f18c9a7a
SHA256 6df87b96f1a0275b8b53b076cb0e96c0db94d4b0fbf68af46f104f517e959616
SHA512 7b4e472db160274656c05f75b966dd61ece0b267680391018a38ab50b58fa43310db33d846bb2e1f0f91d7af2a78e10c200c293a069e369247a5251bc07ee320

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-95b84ee6bc34[1].js

MD5 913a77fa8f878b5f1b7bc5c3c53daa45
SHA1 e2f68e5c24e77ab985603430e9666fc1718cadf7
SHA256 69b7ef034ddc6b605311ca503ca24f54de1758816ef270a160315ed71fc3d7e5
SHA512 95b84ee6bc349a259aa1a1298245ff5edb5cdd1b6f5013e0c5eff8059c1f90125e8a1457c40c54ce103f4d18160a55cd7084922ae283bf00f8b425cffd1efa48

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_color-convert_index_js-72c9fbde5ad4[1].js

MD5 c706ad84a4eb261b75d1f77ce7f9bdc8
SHA1 497a9725442e7305adc54d19b828b2e38c5c56cd
SHA256 80b561c1746ef1533744e7bf7ea3f6c721a88a104d665bb97ffa8df96e69b682
SHA512 72c9fbde5ad471c76b76034459d0d75db00cceaf3904a14c01dd9dd9167da7f783086b79c446b24ed2630c9cebca1996b3ff8ea52dec6c865f173c8158962be6

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_detail-c9d0ba-387cde917623[1].js

MD5 53ff79ebcfdf43432442302b235f7eec
SHA1 779135179b1f66f503e355b5b1bf1d629cb7deda
SHA256 0e9858012a17c942cd8a3761815132a66b1e1a721732af9b84a4d17d822a0eba
SHA512 387cde9176234c43a9a2ff92655b22d330b5101da5abdb275f1cf2383e19f4b50d1ba6485c603f9ac154d812f5d0943b4b7fd87973fa69c8afd48d005b9974af

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-a8ec7ed862cf[1].js

MD5 f5fe12a51a2d925ad59a3b4dbde64239
SHA1 eaa86c9029b6cf765ea31c730ee0c89817cb43c5
SHA256 b07d51e4c93c6d1ba90812c547f4b39a7153582a8bd99e84397098b16223d3a4
SHA512 a8ec7ed862cf730b3eec63dbfccc41cc3b6c8f0cc2b31ccc6d6cbd1041a50ce050a7b977f55008d9a9f5fc6a889260c4766aab744a63d8670410323cd18ae31c

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-c91f4ad18b62[1].js

MD5 8d2fd700b674b265b884566f9e1a68b2
SHA1 b0071dc74ec8602aeb4d4063ace590e7dc26ab6c
SHA256 8d303394176f2b0cb950c35e71caa07a94141a3625c75d8b5da9f42f9a1bd700
SHA512 c91f4ad18b621b1321ca15512f94dfc9b7759ea2d0a150e0d4ec12c62ace6f5d01e60b991f0f1fa523b96ff9e0174e89a5c6496a6df15b61e57f232f2fdae967

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_lit-html_lit-html_js-5b376145beff[1].js

MD5 81628c9093236d8e3cf835f708c30608
SHA1 846b10531dfca6510051fc43abb8f9b5647a0433
SHA256 daf381c316a5988c9116aa65c5816cbc8a958211b4c0b7d989ad6c9645757902
SHA512 5b376145beffca1bfc6b0352c08819609a974b6170848699421208752a63f057869e0e4ddd23797b3a0c281c276d7fae580cf41bb5465c632aee58524b21e7ba

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1acb1c-a745699a1cfa[1].js

MD5 861fa69db074f86d7b825200d303b5cd
SHA1 6b0dba99c449561eccec58fb4f0225d4d9c7a25b
SHA256 d0626b0be461588e2510ec528a0ae6fbae4ac363ab56b53bff39382a1a925810
SHA512 a745699a1cfa87148f99a041663a7be4e70130245c5a616a90e77f4538deabafbac9a5debf8aa517ef65b965e1d3b1ae6cdd85349921cabce52eb1ec9a71117b

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-4da1df-9de8d527f925[1].js

MD5 e26206a08e0a408cb0ac26b62bc378dc
SHA1 1976478d9d2e3a2b594b383a71b7c18c33abe31e
SHA256 5480f3fc81d2395070c90579a17b32713d017c4d17dc9bad135afe1521976930
SHA512 9de8d527f92555e0c1222d6ed8290f66a7a34b5bbff0ae827b40b85cc2ccbad51b4d097ef269aab806d73059e7ea2afe8321ff19a5e12752441f33f56bfbcfe2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\QKVLJU0L\element-registry-9a257da99f6e[1].js

MD5 f3ef81240c6d652580843606077656da
SHA1 03d297c437a2531d2193920efd941bab272c1670
SHA256 6048417bb912615ffa8f7bc21bca43cf45ed0fd99d07fbcd14d4611c52a770b0
SHA512 9a257da99f6e06fd9d841c9b601af6f989d01c1581e4575bc6e684b12bdba78c98120590caad49f52d1a24eefa216e50a85feaea98e61578887de35223e52bf5

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\github-elements-34cbf079a4f4[1].js

MD5 9b47ccb6b752170f8b8ec20286fe05d5
SHA1 901760a96176174e307ceb67f3da102cf453464d
SHA256 059921042948a7df80ae1f8c76c1c0442143ac4809aa32e0d0adf514628fd705
SHA512 34cbf079a4f4d5e31bfce2841741f11658e0f9cb616555c87fc94d6dfab507484df09b215ccddd590fd13219a4a0723f64f0cc13bca4e5b0a16b536f4bc62831

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\QKVLJU0L\app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-745e8b6794ab[1].js

MD5 b4573f1cd7cdd2573ecbdf707be8a3ab
SHA1 970d6f423fa9c7923f5a19fc3e449bc827c863de
SHA256 8110d18a776a06ad558a2ee7499c04400f634c3e2150e700ecf2fee84c7b4ceb
SHA512 745e8b6794ab3cd4de1fd40e464c1f090879b26f7dce8a266005781808b312c599eeb6e966049db3e18b815f30506c4c2061065034238d8baaab8fcbe5afd84b

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\QKVLJU0L\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-27181b-3509ed8075c4[1].js

MD5 6eea70c9ace3bb9f6c684fd593318b48
SHA1 2cb85a9551db444f4e5d69065374a717334c65fd
SHA256 1fb1497b55f8d938c1753c298394604d4f959ec90b8cbd9ba70771b885cd1029
SHA512 3509ed8075c434814ac3f01e1acf881f456e4a3cbc94ff6849757f30f997b7c05c352916780f8b42ca7ca611f81d29b0330a40891fb72c72c6cdff9ee2e8f458

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\QKVLJU0L\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-7dc906febe69[1].js

MD5 4d87a5470325fc3adc78598eb62264df
SHA1 9e7c5e4ac32802ba23d14e7c0d989848ccc3132d
SHA256 17339ebba6fc6f421db7fb62286f502727680abe7513bac481c8f50c1a747a10
SHA512 7dc906febe69aa010f9c86c3de40bb23d258c1f06c1be8ea034f605eedbd5399ef5bf9a51566e79f0a8f0639ad4e5f727f4a3c1771c7b03bb6568a8e0606a3d2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\QKVLJU0L\vendors-node_modules_github_text-expander-element_dist_index_js-8a621df59e80[1].js

MD5 da04614ae380b68c111984f401413fc7
SHA1 7ca0dc023ca0b1654d7c8630b8a05534e156d03d
SHA256 85fa448f4d60be73de2f42a83937523b7b751a4523b809fe9e3edb404e00b835
SHA512 8a621df59e80e8851a8cf3db03462095e8bba43a860b1018dc66780448e82d19871be99aab995fa57025db8b7f8e975eb0595fe2c59ca23d984b4d21d5031aaa

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\QKVLJU0L\vendors-node_modules_github_auto-complete-element_dist_index_js-03fc21f4e80c[1].js

MD5 4d7edc0ddd43e54f4590ffe2f41756a2
SHA1 d6abd8e362faf9b9ff99ecc405345c553de6831c
SHA256 593268251b1b94c08df2e4f4ab6489678391cb112fd75a5e7a53f990d40b03af
SHA512 03fc21f4e80c42f4a4dec31f373272fe0002f5fb79295d3c9a165fe0e03353d793806f85f1e47bd7e357b3f278016ee578b090f553d8ac57122ee6b903b2ef07

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\QKVLJU0L\vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_markdown-toolbar-e-820fc0-bc8f02b96749[1].js

MD5 1908a7d9985e9540b3f6fc047f62b729
SHA1 25a06882e338da16bbc59797925ac6086141f478
SHA256 1b92b8a1d5169e64edce1fb248cb5989561060b083e5f05b6ca2a823b748a946
SHA512 bc8f02b96749a7ec00a92334c4964a4255611b23e15b88a9fef73fce2b55e32bfefa7f4bb89d436685a92fe188713790b9154ed79b5d7b3690a3ace68346cadf

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-086f7a27bac0[1].js

MD5 6822816845d932c1e93f68372f005918
SHA1 1dd14a539530e8d131ce29be5e5f84e4098b6a15
SHA256 14d338ed3345cc8d74e239c812aa37eeee6126bc1ad8a17e4e2cf6ba8ee0adee
SHA512 086f7a27bac0d285f5e0c849cebac7176f86edb18037d8ec4356c2b8892fd3f47e045f857eb673b213661eea17441192cdb7a76c807c2badcecff6b7901aba92

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1A24MBHM\vendors-node_modules_github_selector-observer_dist_index_esm_js-9f960d9b217c[1].js

MD5 683a7fe431bded8fbbf7b5189a1b8209
SHA1 2fb527473877ea06ec6b023690ce933c216c5d07
SHA256 f87c5b59b8f353c8762f2e44e1f82feafab882a96a0fad135dc6fc1555872ab3
SHA512 9f960d9b217c457d467a9510dd9797c4ec9df9a892c0a3e1746b2b87dca8ec191dc901e983bc509bc282004967b6fd588dbff5bf70bc7e20a5ca32bc7f1d772a

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\81AHVMKF\environment-775215f6b8df[1].js

MD5 e0a178ecbc91bcbae9e8e906adb78e33
SHA1 a9738626c14f73015b36aafc729b325544f7af4d
SHA256 751de4fc6bc6c42c11515ce3805d1715190eb6b01bcf4bf14b2aa7c0deeee99a
SHA512 775215f6b8df5b189ed8fe380fe37a4c6d79de089051c3ee1242f1d8223d28fdf6c08c694dcc42e9cb4c0953bc172b099a16f9c6c774b3f747e2a30d60e90068

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\81AHVMKF\vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-7bd350d761f4[1].js

MD5 b6b600c9f1dd4c88024d62e6ff2eb871
SHA1 5a22091378af6a681a1edd36e5337b9b6f70613c
SHA256 447a26cbcbced255f24f46c1e82a6f3a4de3b2a44d4b0ab7b6f427b12f783f8f
SHA512 7bd350d761f4f22866b454b1271af79ef5d23f5d1b8cb0598c34f739e3dab977450d61d01b8a0c135fff309389f712c0114e9cd6e844d2261d2536377b71b838

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\81AHVMKF\vendors-node_modules_dompurify_dist_purify_js-6890e890956f[1].js

MD5 80fa30c00e347b5bbc8b7ff9dc2c9f44
SHA1 d085fe485ada77814949e92fa9e1b1eb05ba5eda
SHA256 be77c75cf182f1830d0f90b8d7aee460f0108c6e7f5a143a524f709b9023c80d
SHA512 6890e890956fafa8187511df1ac3c80a5b8d56be5ca989da251741f59c8d1186c0efa3d374f113b0ebeda124b78dedd106ea97f487ec04cf2a012e7bdd1048b3

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\wp-runtime-97879d6e03f8[1].js

MD5 bbdf47e25b5deab009095c71f9ae9f4d
SHA1 4ab64a16a793591d3af88a7c82b7c3b52ad53ae4
SHA256 722024f564be57db04c27af2b199f7427eccb8fd870ea951a5c4c638507fb49c
SHA512 97879d6e03f83f4a232f7ffabbcfb8375f45360446020a3f24596ef4141eced04bba010c3281ee7605c5a909cd8ee65d2255f5203274bb7ff0ec82c2acb666f6

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HO8K2XWB\github-07f750db5d7c[1].css

MD5 19a4910055069ece0fd15033333b5169
SHA1 cc741789ac4f11c2e1818d25554f470ed002c7da
SHA256 c0467d247bf127ccf1de67ede2d21bcec6e1414e1c4f0b40f83f323b6d407156
SHA512 07f750db5d7ca69a75c752e69beb712768b99da639ee3ee96857c7c4e69364dee00c3f5a601b4cef713c6cfc4b0755d0629f4982bf35fe83dc2dcbca203e59d4

memory/4324-235-0x000002E8C2E40000-0x000002E8C2E42000-memory.dmp

memory/4324-238-0x000002E8C2E70000-0x000002E8C2E72000-memory.dmp

memory/4324-240-0x000002E8C2EA0000-0x000002E8C2EA2000-memory.dmp

memory/1472-248-0x00000294C6120000-0x00000294C6122000-memory.dmp

memory/1472-250-0x00000294C6140000-0x00000294C6142000-memory.dmp

memory/1472-254-0x00000294C6180000-0x00000294C6182000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\52PHU5Y2\edgecompatviewlist[1].xml

MD5 d4fc49dc14f63895d997fa4940f24378
SHA1 3efb1437a7c5e46034147cbbc8db017c69d02c31
SHA256 853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1
SHA512 cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

memory/1360-335-0x0000021E4B800000-0x0000021E4B820000-memory.dmp

memory/1360-341-0x0000021E5BF40000-0x0000021E5BF60000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\UMEQHE28\www.bing[1].xml

MD5 64c07d191a77416ebb3cf86f1d73af33
SHA1 99e3e82cd2dfefaf4aef5395299138656a2d0c8a
SHA256 04ec158c7034679a907bb02df3cf19a297543d02b00e2bb7dc0f742945d86c85
SHA512 db0a85d3d5574c12a47e85715f3707e1a2ae1a720ebcd776b9e783fc72a605637d115de828f8820fab229f8e19e3b842552de3a4f3f5eeb837ccf3d48edd0b2e

memory/1224-388-0x00000169DFF80000-0x00000169DFF81000-memory.dmp

memory/1224-387-0x00000169DFF70000-0x00000169DFF71000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\ZOKFX3K5\suggestions[1].en-US

MD5 5a34cb996293fde2cb7a4ac89587393a
SHA1 3c96c993500690d1a77873cd62bc639b3a10653f
SHA256 c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad
SHA512 e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee