Analysis Overview
SHA256
888c6795013781aedce5d8de7225fcd9950dc9d22dd7dd0f347945e70a9a8d2e
Threat Level: Shows suspicious behavior
The file Elsify Universal by FrostChanger.de.exe was found to show suspicious behavior.
Malicious Activity Summary
.NET Reactor protector
Legitimate hosting services abused for malware hosting/C2
Enumerates physical storage devices
Unsigned PE
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-25 01:10
Signatures
.NET Reactor protector
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-25 01:10
Reported
2024-05-25 01:13
Platform
win11-20240508-en
Max time kernel
148s
Max time network
149s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3107365284-1576850094-161165143-1000\{242B6EC7-A7F0-4E80-8C37-3E1DD020F6D0} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Elsify Universal by FrostChanger.de.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Elsify Universal by FrostChanger.de.exe
"C:\Users\Admin\AppData\Local\Temp\Elsify Universal by FrostChanger.de.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.com/api/oauth2/authorize?client_id=1226873004508708906&redirect_uri=http%3A%2F%2Flocalhost%3A5001%2F&response_type=code&scope=identify%20guilds.join
C:\Windows\SYSTEM32\cmd.exe
"cmd.exe" /C start https://bstlar.com/A/leanswapperkey
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://bstlar.com/A/leanswapperkey
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004C0 0x00000000000004E4
Network
Files