Analysis Overview
SHA256
2686676de2878920710d925c2a94afbd2bc9430f8f946190a5fb92425f797f72
Threat Level: Likely benign
The file 1_R-bNQuTbgcQda15zyXeMpg.png was found to be: Likely benign.
Malicious Activity Summary
One or more HTTP URLs in qr code identified
Enumerates physical storage devices
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-29 17:08
Signatures
One or more HTTP URLs in qr code identified
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-29 17:08
Reported
2024-04-29 17:28
Platform
win11-20240419-en
Max time kernel
1184s
Max time network
1173s
Command Line
Signatures
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\1_R-bNQuTbgcQda15zyXeMpg.png
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffc91323cb8,0x7ffc91323cc8,0x7ffc91323cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,4468223420900503943,6535667816210790721,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1876 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1848,4468223420900503943,6535667816210790721,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1848,4468223420900503943,6535667816210790721,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2564 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,4468223420900503943,6535667816210790721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,4468223420900503943,6535667816210790721,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,4468223420900503943,6535667816210790721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,4468223420900503943,6535667816210790721,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1848,4468223420900503943,6535667816210790721,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3436 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1848,4468223420900503943,6535667816210790721,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4728 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,4468223420900503943,6535667816210790721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,4468223420900503943,6535667816210790721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc91323cb8,0x7ffc91323cc8,0x7ffc91323cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1868 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2516 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3264 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2296 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1856,13089695247771193124,13957145829164906048,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.4.4:53 | google.com | udp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 8.8.8.8:53 | bing.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 22cececc69be16a1c696b62b4e66f90e |
| SHA1 | b20b7f87f8bc64c1008b06a6528fc9c9da449c2f |
| SHA256 | d940b85bc83f69e8370a801951eb6b8bb97efbb3aa427664105db76e44707258 |
| SHA512 | 2b2e548f2c8f84d321ef2afdf31128065c3593b884ca8111b05800960b5378b99c7efa6165d02fba4c11e6e4b49b14e419d89f76d55ef574f4ac2b7d6ecb3d48 |
\??\pipe\LOCAL\crashpad_3500_EVQTOOPMKBUGILSW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 5a85ad170d758e61ae5648c9402be224 |
| SHA1 | e6dfce354b5e9719bc4b28a24bb8241fc433e16f |
| SHA256 | af0da8b5ad8127ae0ef7773bc9c4b145ed3fe7fbef4c48278649e1e3aa5ce617 |
| SHA512 | 641414d91c993f74b6b71654522359d606c7f94ac0fcca6478d1bc33c30f4a9fdb9ce6f8e281c79a2f9b9670fda8a4ccdd80e7d64347c1f66d8c9ef024bcb09b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1d7b44113ce31a072ecb138ac2b57b52 |
| SHA1 | 4d097ba0c0fdf5248ffd6a145f2c993a8137992b |
| SHA256 | 39c58f64a54c0db2f43b759f67b24c6f6db323d9d524c7f1f3dd53fc16328c35 |
| SHA512 | e9adb4dd2a0fd0b7e9a1a101f22bbbad563d8e660696a108c48df3647d3d8b728921d1c34f4f80261c31019443862186ade3a594c1a31155cb4610e3ec031f63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d89f69e9b6b2df17e8abf9d44e2501ed |
| SHA1 | 383ab2d5c853a1ccceb69d8fce6cf2130be9d4a3 |
| SHA256 | f4e0ca8493f50197a65e37908704e968040af9c1c73275f088074c724db5ccfe |
| SHA512 | 7eee336724eed40a8cace29cea3dcaf0b85cdd250ba4a5b0226faa0e1c4ccad3905797e4f4277e659756951be3e1ede9ea606b45b3a20357e7c7e0032011ec60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c0e59ebeebd7da8a7393c5c73961f703 |
| SHA1 | 891990f3b8e0379e6d7a6d7b29878e6b4d6b09c7 |
| SHA256 | 672ffc9bbfc45829a517dd575b4271bc3c43adb024eeb84f81763927b638025d |
| SHA512 | 45951c09ca190985a7e33a66e52e8e6aa6426650e5fb0f46e65515a9ed994918a17f8d03f27ae8e77f5b600ea0f529754247e8120bcb3f8143cfb0965730a486 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3b8a52ae4d841ac01bd5e9bf888e9b43 |
| SHA1 | 9f17c6c73043d080a2cc0141db774eade29a66e7 |
| SHA256 | 7fdd7a4d73f11a45615741b9366e50abf0f580b00037d55e3381d650679becab |
| SHA512 | 3c538831d61d41dcf6612314eff87ebd98de8a8e4c98eecaa8bc30579ff9d02fa5fe0dbfdcd3a220f593437e4e129e444af9e1e75e66121598a1d04f3cd6fc4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | 2b3b1662836421d3bf8bc10bdde8ca71 |
| SHA1 | 20e81055c35557f08b6f2c68d5f0636c91369fa6 |
| SHA256 | ff5bc6849177e043093d602f59b25b66aac1e192aa4d741fa6e104389c11e5ec |
| SHA512 | 7055e02c919f12c5567e0d753e405bf2bd270a6c03ebdbfb0ca96871797962342b7c3881987abe5bcaf3f9a3100eee658d222c54a5b1806909012b4f7232c2cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13358884103031948
| MD5 | d65043f2b802273490bf0ba797762d15 |
| SHA1 | 516b95c04280b7cf637979bf8da595ce829c8e0b |
| SHA256 | def47deeb5e8f08a9f417c822e0ddf86e52d21d4ae3d422d45f84d510677fdd7 |
| SHA512 | 2d393d6da847584a9416c12724b14cf68cbb52a7bbd9568c2e1acb20e1f77674e248103a25b048090eab0bc92b5c7ca601f564d58bee36657a87703aecb8d7d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 01ebe554ca2ee8ce4bab5d7be66e7e8e |
| SHA1 | 762e292bb9b7f4dcf6ad73a665e03b4698f94dca |
| SHA256 | 1c6ed6bcd7d35411425337bd0d58dbaadb3adf00c156d8e1b5934295b0895e36 |
| SHA512 | c54888dc0ed56c8b0bdcccedffb6d531cada85a797e1dd96e1fd9d46a7cbf9a7aa4531fc568f647b75195e133a5cef2f74c06d22a309bacfeb65ffaebe8e90ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
| MD5 | 0407b455f23e3655661ba46a574cfca4 |
| SHA1 | 855cb7cc8eac30458b4207614d046cb09ee3a591 |
| SHA256 | ab5c71347d95f319781df230012713c7819ac0d69373e8c9a7302cae3f9a04b7 |
| SHA512 | 3020f7c87dc5201589fa43e03b1591ed8beb64523b37eb3736557f3ab7d654980fb42284115a69d91de44204cefab751b60466c0ef677608467de43d41bfb939 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | e24a5e97b022419b03f34d049e85d80b |
| SHA1 | b5a42259e6be14cf46e8492a166f5518d99ab215 |
| SHA256 | 384ba035152edb810ab27a6a634d707a08330524d101857c79a774a1382d5b64 |
| SHA512 | c2c32b0ca3bba35b580e63726c96535b2439fff280137aaa89556c9e13568bbd7bf02b547bca2163cda3ad5ff8f31b0d93d7fda0733b7cf3fc4fe065490eabe0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
| MD5 | a62d3a19ae8455b16223d3ead5300936 |
| SHA1 | c0c3083c7f5f7a6b41f440244a8226f96b300343 |
| SHA256 | c72428d5b415719c73b6a102e60aaa6ad94bdc9273ca9950e637a91b3106514e |
| SHA512 | f3fc16fc45c8559c34ceba61739edd3facbbf25d114fecc57f61ec31072b233245fabae042cf6276e61c76e938e0826a0a17ae95710cfb21c2da13e18edbf99f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | 7134ca46b0cd788c0f8e9d36cf8f9cae |
| SHA1 | f051d3a68724f8e1da9d794025a6c80f9c44368e |
| SHA256 | 85757009a69a17e7ee8cc2f947b1c21e76c4bc593d489c253b33d74dcbe0497d |
| SHA512 | 25be49c47139ba88737f714992f7881b05b7e739641f2bab97a7c2a167ad9d652564fca1a25bf74af3972b80dadbe4abd96c296b8bbfed12006a44183e4b8742 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | 7d922851c926683ebae6c8df8afd3520 |
| SHA1 | 9ab6bd98e0a0a21c602b0c8388fc45b7128ed5ba |
| SHA256 | c73b6a50528cce7de06009a40ba0fac7adfd303b377d939c3d13160e9b9aa73e |
| SHA512 | bee9c485a1584b13e0c483a1c2f9d2af1b4a30941e07b9c854ae2e85a8d337381bfec6425bfe9d7c612322a97e544cb384d46617c2c989c003b8eb218ef0e83d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | c4bfc34fd57928ee6c9e41a7894eabf2 |
| SHA1 | 8bcd06799715959383bac494d475e6bff23fa35c |
| SHA256 | 39fe46fdf9f272d43bb1a60705e53a0e44bcf6df77d0b2de2fba8c6793befd38 |
| SHA512 | 6a233d3b422ad2fa87acd4f95f50c1e8334a06b89ec52429934d31f8c5f0039f63f4263d5a99aef64c2112aa13f7d720c641ffcba7c1b3b2dfa093671f38e9aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | ea12e85f3286d9012b72959be6445076 |
| SHA1 | 8955d2ac4f5c0e5a386017a934125fd55ad6972a |
| SHA256 | a45642f269cbd5dfe9d2635d7dc0954800ba4ffc4065c147404fa938bec5a3d1 |
| SHA512 | 12151e7849d6350722e818cc2ab04e9597f95abe7169a063838d976e10073dcc81120dafeac0827528e52c16360dd4de7eb705be599041e9228601778781c731 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8af0f0ef29b2a7ff327f6a79357418c8 |
| SHA1 | 66fcfdfcf41eed5db9254c2d9abe7fcf652ccee0 |
| SHA256 | 3fc3e90b5a570e1da55d1708f3da3ffc87dd82b44118a739bebc0b2e54313198 |
| SHA512 | 7d1c52303c47844f13b4629e508711fa37519f26a1ab4a778c9696ee11ae53ef679685b042c939ddbd01445c54ee23149ee6dd13b2abd2b3b5c4a47198bb8b34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | a9851aa4c3c8af2d1bd8834201b2ba51 |
| SHA1 | fa95986f7ebfac4aab3b261d3ed0a21b142e91fc |
| SHA256 | e708be5e34097c8b4b6ecb50ead7705843d0dc4b0779b95ef57073d80f36c191 |
| SHA512 | 41a1b4d650ff55b164f3db02c8440f044c4ec31d8ddbbbf56195d4e27473c6b1379dfad3581e16429650e2364791f5c19aae723efc11986bb986ef262538b818 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | bbc9159c65abed54ad80a3205bbd22ed |
| SHA1 | 7817e8571b5185a3983539a32cff82f3a321cec1 |
| SHA256 | 144c206b5eaf00f27295c8b9721bf4644ca5ac21c060bdab3ff5ce8e6b01989d |
| SHA512 | 0fd64583c07c1259afc6a5de01927ed7fe638cd639019c462d3ff7f44ea13c846adfa7bf7b898cfe01950b4f4369f64fc0388cbc4d7a4c07d7ea1eea6941a310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 8d19c26190920d6c3eb2bf18625d3dfa |
| SHA1 | d2a233a5602f749d5e813d6953f3648939c0d679 |
| SHA256 | 08c6a74403f80e2947c3a19570adf3be90040849b42bd18d70c7e48fbc8a0f55 |
| SHA512 | 3deef351b82d6cfa84e18bbeaa5de8a9dd6918cd7a29147efc9bfeceeec2b754c199a8d03d81c1cc91021be310570c6e3b0165bf33a7fe53f76af054ef820736 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | b29bcf9cd0e55f93000b4bb265a9810b |
| SHA1 | e662b8c98bd5eced29495dbe2a8f1930e3f714b8 |
| SHA256 | f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4 |
| SHA512 | e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
| MD5 | 72b2fa02024356deb759012e01440023 |
| SHA1 | 56ffc5056f94ac384f7e4a2de25e452f2bf1eb26 |
| SHA256 | bd094ca9aba12220784eb5593cfe916a760513a2d39ccd45e11856f9d6c5d7ef |
| SHA512 | fcf044cc2d73637d424fa338ee47aa54abc7a694b6aef461eba6668a0394efc0c1681f1de9c489d93dccc2e931960d6cb3f0909ccc8f029b65474ed1237e9bb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
| MD5 | 381c76517d20b975ee406e0dfc8ca1ba |
| SHA1 | abb8705d6b6d9241f67eb4b1aa720f2310184a69 |
| SHA256 | 812c0b0b0ca7b0b0862d1404aac4717f350487f75a66b8f213d0a511bb7eb7bb |
| SHA512 | 5185617d890efd07f4ab6913164bf8526e93ba6b9e6bbdb844ca42fd2d4ce8376777da63ebda23e4a7d5a90c81a538959d96c9db44d466ae5b4ee3a68a9bb01d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
| MD5 | fe486eacb30f501372eeedf040de8539 |
| SHA1 | 6081c4c86369840f3041cc845625ab965069ed16 |
| SHA256 | 454b56cd5c386ad403a7c11ad5882973eec60bb5462f6dafd1bfb640fb9f29e4 |
| SHA512 | f4194f5165a87b2856497b9232f3eb9b9b9668ca5ff147f5d91d2bed5e20fc7ca45fcb73261ee4e45a237652ee0e8e7c3dd09f2d587fbb68d52227dfc1ee9174 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001
| MD5 | ef9588ca82f853399e5968af99985e74 |
| SHA1 | 80d9df4f75c3e789ddf10584d9ff9de2b6154cb0 |
| SHA256 | 9d550015f47a4d5d502f8a2f5b33bd9cbd136f4fea7c64754c8cc5a9651f7fe5 |
| SHA512 | a77b6b0bcea459ab4fc1e5d0983e85b86a6b0835849345f6afbfb27a5e84d8d1a38ff16e21ecf862e95d0a74e3fe97fda28bea66752b8bd64fd44c8ba680a5c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
| MD5 | 48ab537516ded59601b8a3218d762552 |
| SHA1 | b057ef2e2462f11c37a899b81ca9978366ea576d |
| SHA256 | 694af15302540ac7b76467ba2e9f2f26d3e8ca96b0eb046eca0f3b16487bcb2e |
| SHA512 | 15306f934f28c241da7f7592cbbc8be92e6c64359938ecc1f75a59376fe7bf74ea6a5edd76388060190b0247b15f79b0339db8d6207e2e280030810004578b7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | 54998dc2b0b74235b733cf95243b8a00 |
| SHA1 | d0bc76a9c7840c56a8ab4e1e578ab545210f998d |
| SHA256 | 4f44cc74d04a7c29a6ff0ce8b4d2bc3834cad55c8a0ba4e59da753d11ec98d52 |
| SHA512 | 910a0275fd46739e4153297329d72367cc2e1049d561cbae7429a97c896e56b1d6997d510adb21784e534974c4226865ba20b1567aac54c1495fbb1a7f28e050 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13358884102912948
| MD5 | 642e727ee9b43bcc7cf2f649925f604a |
| SHA1 | 99a417769104f2000b0d053f23a2a36fc7246bd8 |
| SHA256 | eecb3970d528f1d3ad2695f2e8d6ad973a4e17a7609e1501a00d7c211d1194a8 |
| SHA512 | b5fcf6576fded873f11d796bd2ae88e8417f52fa857bd708102910574d73cbdd64c73667b14f335e60c5f418b9e95937bbc85b70731be90a5c65438baa0f3900 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
| MD5 | 63181339439489dd4cb600c6f8db1564 |
| SHA1 | f2c747dc001344d846ad267f1cd29f1fd48a0df7 |
| SHA256 | 6262a31271980296d622dde1d1a5fbb364181a83a9d226241d5201ad11fdd944 |
| SHA512 | 7ebb3e0edf1c6bb7e7f6733343d595abc2c08f37f550206711b1cd555a5774a5610fe0aa9030eae32ff2b34a5b63960879e690e423c2d91f5bab966a00e3f472 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt
| MD5 | 90c2a5b51f72a3ad91d5f82a57715db4 |
| SHA1 | daf9fe56c55d0a1215cdac1f16b05157e74a4fd4 |
| SHA256 | e7e8aa70eeecb86db2a4ee3f94a6b6546f0d1d894851f865c6660e79354923c3 |
| SHA512 | c60821c1a08df9509710b206073fa4b518bd3012a2d5514ba4ebdc8e9ebdcd79c32df47312e8382e37ee9fc37d0f2eb615d3206fe5b18b4a405ed13d38c1340c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db
| MD5 | 9a8e0fb6cf4941534771c38bb54a76be |
| SHA1 | 92d45ac2cc921f6733e68b454dc171426ec43c1c |
| SHA256 | 9ee9211a57c3f6fa211fe0323fa8cd521e7cbffcd8ff0896645a45795dc472be |
| SHA512 | 12ed22537dcc79d53f6c7d39e92a38f8fea076d793198928f5b7a5dd1234d50a3c0b4815632f3fadf8bc4ef0499773d22bd83f961d2d0ffd8afacf471bd3a5ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps
| MD5 | 2b432fef211c69c745aca86de4f8e4ab |
| SHA1 | 4b92da8d4c0188cf2409500adcd2200444a82fcc |
| SHA256 | 42b55d126d1e640b1ed7a6bdcb9a46c81df461fa7e131f4f8c7108c2c61c14de |
| SHA512 | 948502de4dc89a7e9d2e1660451fcd0f44fd3816072924a44f145d821d0363233cc92a377dba3a0a9f849e3c17b1893070025c369c8120083a622d025fe1eacf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\previews_opt_out.db
| MD5 | d926f072b41774f50da6b28384e0fed1 |
| SHA1 | 237dfa5fa72af61f8c38a1e46618a4de59bd6f10 |
| SHA256 | 4f7b0e525d4bfc53d5df49589e25a0bccf2fcf6a1a0ca3f94d3285bb9cf0a249 |
| SHA512 | a140df6ec0d3099ef374e8f3ece09bf91bc896ac4a1d251799a521543fe9bdea796ba09fa47932bd54fa939118495078f9258557b32c31d3d4011b0666a4723f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\LOG
| MD5 | f5b83d447fde2c22e2f6b326910a1426 |
| SHA1 | a079aeee7ed25d07a3ff4378cf30c5f8b1dc966d |
| SHA256 | d8fbf05a7e03cb11684c5521cb96d878b2550779192f602b8ffa449ac1b880e6 |
| SHA512 | 70c4b07c9dbb3fc41fc58c02d69530ce02b64c41ec7dee59e8c79919679e912ed7eb327f3a9b1d82a61affc6928d17d02c4e2dbed827929e85d0949ad808f95f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000002
| MD5 | 22bf0e81636b1b45051b138f48b3d148 |
| SHA1 | 56755d203579ab356e5620ce7e85519ad69d614a |
| SHA256 | e292f241daafc3df90f3e2d339c61c6e2787a0d0739aac764e1ea9bb8544ee97 |
| SHA512 | a4cf1f5c74e0df85dda8750be9070e24e19b8be15c6f22f0c234ef8423ef9ca3db22ba9ef777d64c33e8fd49fada6fcca26c1a14ba18e8472370533a1c65d8d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor
| MD5 | b02a8f8b8c656c346a127accc756934b |
| SHA1 | e463eb4ebd3f384ee3cb4317e80d1805404aa145 |
| SHA256 | c9ea268e5fd36de72813e996cb862261ac6d4c5c17335d7b0c9e3f8ecc8b13e3 |
| SHA512 | 50501fc4385f49e9691c01b62c8113bc17d0dd104d28dad8fe035b5060f534e669b2ce7ee836cc573511f2901fc8cc7429eaf37da194dca71967d4e4861d3016 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
| MD5 | 8be985ece811ba0a3f10087f5f4e6fd4 |
| SHA1 | c87c84d4fe182ffb8362f3cabd33349af94e9b55 |
| SHA256 | da78d36c765d3248b1a72ead5f83b7a58cba7d361f17a6831332ee994cee939a |
| SHA512 | 901932baea8712e89188cfce00a6b2388ba38697bcbfeebcf8b83b88b0cb26c7323b098ba6983c312ded1041f6e297412010113a32e99a9350aa4492ca40efa9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser
| MD5 | a397e5983d4a1619e36143b4d804b870 |
| SHA1 | aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4 |
| SHA256 | 9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4 |
| SHA512 | 4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor-journal
| MD5 | 339c8923ba863c95eb0a31afddb86b3c |
| SHA1 | 26a0823917c5d5125e45f245709cadf5785f514d |
| SHA256 | 53145662acc1be3eafc57ce93da97a2272ac81565e51712c203436fa90617036 |
| SHA512 | 58e86ff98672be46d81aafe68fa810d9a3411e9f7a7f3496e148ae582740c1a4b4e6dcb1af00dfcebdcb045a4242b0c6cd2bb7cbb540da4277375a80300ff43c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 47f4792f4e8a67606a46ff64d0a268be |
| SHA1 | 718fc36fea3694aa47b101cd1eec8ed9ba2c31ff |
| SHA256 | 98db07917aed1947e45905dfa5e23a71236ea1cd2c3c80f2fbd435366386365e |
| SHA512 | a757c25a9f94232d9b1af00bf39d65dae4d8d718900007f119ffa278b6c81857c12e0dceb6bba3d9ec0f54ee486510509bc9e00ee40732a33d74f5d42c5fd98f |