Analysis
-
max time kernel
147s -
max time network
137s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
22-05-2024 20:47
General
-
Target
Screenshot_15-5-2024_204542_www.youtube.com.jpg
-
Size
132KB
-
MD5
43f73fe6d57801b64f5c13b84eaaa44f
-
SHA1
a5e00dfdfae7e9ac08b2a2d552805b5b51eee21a
-
SHA256
45e06dd5d9df8ceab65653a33296f81e97805a58f922bf77cd0055b2d4e166c2
-
SHA512
8dd044cdbe895f1997d193d72591435df92cac7ab5e6ae128ad316d088647ed7c68b7924177d9a5154d2e92017d3d9288a21f1cc635460847a03c71e34fdd8ad
-
SSDEEP
3072:yRkpj6Hsmk2W8QG6G/KgvKancwVmBs9KcsC0BTt:yCl6MmXW3eygSancTBJtFt
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies data under HKEY_USERS 2 IoCs
-
Modifies registry class 57 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
-
Suspicious use of FindShellTrayWindow 29 IoCs
-
Suspicious use of SendNotifyMessage 27 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c C:\Users\Admin\AppData\Local\Temp\Screenshot_15-5-2024_204542_www.youtube.com.jpg1⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=3684,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=2668 /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\CompleteReset.svg1⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --field-trial-handle=4356,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=1428 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --field-trial-handle=4120,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=4472 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --field-trial-handle=5252,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=5240 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5316,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=5288 /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5352,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=5372 /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=5268,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=5980 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6224,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=6236 /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=6356,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=6384 /prefetch:81⤵
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x4c4 0x4f81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --field-trial-handle=6092,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=5472 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --field-trial-handle=3832,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=5124 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=5008,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=6604 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6412,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=5436 /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --field-trial-handle=5280,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=6700 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --field-trial-handle=5908,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=6024 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5004,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=6852 /prefetch:81⤵
- Modifies registry class
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --field-trial-handle=6788,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=6496 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --field-trial-handle=6508,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=6828 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --field-trial-handle=5172,i,14648456027158448592,4956305794400220180,262144 --variations-seed-version --mojo-platform-channel-handle=6876 /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=124.0.6367.118 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=124.0.2478.80 --initial-client-data=0x238,0x23c,0x240,0x234,0x25c,0x7ffc370eceb8,0x7ffc370ecec4,0x7ffc370eced02⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3068,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=3048 /prefetch:22⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1856,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=3448 /prefetch:32⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2288,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=3616 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.80\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.80\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4380,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=4404 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.80\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.80\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4380,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=4404 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4872,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=4920 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=4876,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=5152 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=5444,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=5488 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --no-appcompat-clear --field-trial-handle=5408,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=5524 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5448,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=5904 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5936,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=5824 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --enable-dinosaur-easter-egg-alt-images --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5928,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=6240 /prefetch:12⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=560,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=3304 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4400,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=4916 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6212,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=4432 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --field-trial-handle=1000,i,3846629228553955534,14997163357297146564,262144 --variations-seed-version --mojo-platform-channel-handle=4320 /prefetch:82⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.80\elevation_service.exe"C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.80\elevation_service.exe"1⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\CompleteReset.svg1⤵
-
C:\Program Files\VideoLAN\VLC\vlc.exe"C:\Program Files\VideoLAN\VLC\vlc.exe"1⤵
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v13
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.datFilesize
280B
MD5a61f409bd6cab61ae0c2a40f1a982dd2
SHA17607bc7d99fd7ad40ce899ccac28ea01a2e57d6b
SHA256463ca8adb2031923b14500962b0df8012da0ae1c571c7f0841254afa63c25e2d
SHA5128fe8c8122a886ff0a2c163b79554a5e064f54ed1a10961ebec5a329ea71c3bdaa882a48695bd4a6dbceb0443fe73cc504aefda5e061bc5facc8f87a79862de64
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.jsonFilesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending ReportsFilesize
2B
MD5d751713988987e9331980363e24189ce
SHA197d170e1550eee4afc0af065b78cda302a97674c
SHA2564f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch DictionariesFilesize
40B
MD520d4b8fa017a12a108c87f540836e250
SHA11ac617fac131262b6d3ce1f52f5907e31d5f6f00
SHA2566028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d
SHA512507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurityFilesize
1KB
MD5e645027d5d957727b6ee7863ef2db1f1
SHA1e16f2eb18077e6c8ac8ff7ddad7dcdc2ab1e8c78
SHA25693d68450316ac47bbf1c3c6f5506e034dce18781de500c15c72c3ab26920fbd7
SHA5127bcfb83629aa037963de0cc73ba86e47b82e70b26fed784e615150e8b4f46918800770c86ccb3c774ba245e2345956e037df94b5b139f34f84c5bf51140e0718
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferencesFilesize
12KB
MD502bfa5c6f92124427b51179c9d181643
SHA166c10f61a8315753d807b912e6f02697f98a5578
SHA25697705d67176162a396588632ddaa399f2a897fe79e53b5e91822229f1cb60505
SHA5127f5dce586253a8d7b26d1228f31517238bbf98586ee7cc6d7faed30e1eb333132dc78f0bbaeb56082ab88bc89e98df80c16dfc5259668fd2ff079eca44445bbf
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure PreferencesFilesize
30KB
MD596e2cc16368fa160b5096c3df6ad5acf
SHA1a5eb3eeb9c00d0612d584f4b39a84194c226c45e
SHA2569f9e75b5f8a4735df9041cec84b07d374d6357ade3c6404e136cc2175570dd3d
SHA5122aaacebb2bdfb6d9e3e75f46d22eb9c936e727e16cb5f1afd96a1ec7b72c3a0c6184058bd49d45e2d02e1b647c9d3974cf4cfa1b9c2102a1d8efe41f32df28f2
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
82KB
MD5c25f66379612a9b77f98774fe696c090
SHA173ea62dc5db219ff43502fc8a9f268e05130efe6
SHA256e8551dbc965515a486844c0417b3fd6f38b581f61a538121c1a276d62e1ff0dd
SHA512fd95f9f3db40be62a7b0b402cf1dc9c520f6730d63585324fa5bb22f48596ba61cbfd99a03289067f1950d7fdb98a3fd47ad2c2aa1ce7872344e526a849ffc38
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
82KB
MD51a3c36f2a09a2639e92d3f849171383b
SHA1b2377b7972c0fbe5b1cb0d3097632a8f203da9fd
SHA2568b2672bfcda97021d296c4164bc08c11b981bd8cb63e0fdb0b5d450c5f16e247
SHA512edf066f49d7a1536c52dbe650a18413001e2146c0f4264e12921359fc7e7b68ef78b8138ecd0eeb71c2312349d298e061495f700560f25032baa7eae08702e35
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local StateFilesize
82KB
MD5d6de7bd260ae5b983deb07772b533559
SHA104fcd0f22ce83a64dcb4551aa9bae494ce9ef5bb
SHA256f6ce5bb8420c158f8040a26736b6a743aeb8df91eeb9185acd28260509b22fce
SHA512cb7521c0644782536f4c6031b2b4957b1e8648be3df2a8e06e9f36a033fe803af1cf6666354897a065799080e1eab263f7465d5241f9fe215e2e648310ece44b
-
\??\pipe\crashpad_3792_VRJJOVWWKZWLDDGTMD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
-
memory/1152-118-0x00007FF7B8750000-0x00007FF7B8848000-memory.dmpFilesize
992KB
-
memory/1152-119-0x00007FFC4FC40000-0x00007FFC4FC74000-memory.dmpFilesize
208KB
-
memory/1152-120-0x00007FFC3CF70000-0x00007FFC3D226000-memory.dmpFilesize
2.7MB
-
memory/1152-121-0x00007FFC3BEC0000-0x00007FFC3CF70000-memory.dmpFilesize
16.7MB