Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file https://flow.page/clippsdocs was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Analysis: static1
Detonation Overview
Reported: 2024-05-08 09:37
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-05-08 09:37
Reported: 2024-05-08 09:40
Platform: win10v2004-20240426-en
Max time kernel: 150s
Max time network: 147s
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://flow.page/clippsdocs
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff935e46f8,0x7fff935e4708,0x7fff935e4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2664 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,15495133912117521663,16698279037139626976,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6372 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_1008_LEAMYAPQTUYRILTB
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58ca7f.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State