Analysis Overview
SHA256
37203a1b937517674ae7c2d11e3479c43a115d5766c21788cc99c2bfe2722cc1
Threat Level: Likely benign
The file 780f10bf5a5b1bf72effa6bf60d01d65_JaffaCakes118 was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand microsoft.
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-27 05:31
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-27 05:31
Reported
2024-05-27 05:33
Platform
win7-20240508-en
Max time kernel
117s
Max time network
127s
Command Line
Signatures
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000022698254d5b711c852970e0b65f745514301b175a89509f35d4f8cc2fb67036000000000e800000000200002000000007329cd6d7e33076207c2c3d51c73ef1d15ef70e0d9f3a95813c7070ce3eb2b190000000e38c1181bee43c52650d6f383a1e2366191fe61ed8631877d7c3a7c7a321ec4f98c8013176ad3d5ae0780080ee1f2bf3fe664feb21ac0971ba00f3bde46bac91e07e598c588e30248b36182932248cb13299b2c945704c24b80a90bf33765575d3b9379ba70cb006949e9533bd940656e57ff78567e0df6c2cc0e14b0ebca5e59f3279dc1b89c32634c6ea94e6e93365400000001846d3b6f32b6b32801f76887236be0495f0a5baa07c672547e0e9317f5983fff379a13a51d1bbf2ae62df7ad6a2528e2afdebcabcc3d6043ff98491d02f710a | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "422949747" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{588EE641-1BEA-11EF-B44D-5A451966104F} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 30b49b2ef7afda01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000587104b0d2f7da409208cf3ae9e77a2300000000020000000000106600000001000020000000ede0b3e83a4ce63b1cebaa2628663c6e737b231ca7010256e31215f8de8db94e000000000e8000000002000020000000010a25aef795217bf5214f3e1b56e606e24598586b65679ea897de9162f722bb20000000f6597fcbba38e954570dabd4605342c4be416246235f853e25dbfbcef01974ca40000000ffc2f50b897cafca70dda8b7984af5ce7b28fef4ac4b2ce91089246e6d31129171cfb413a9a135f4b67003e37c319e505178af2d8df4e4770365a947dca5fb74 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-268080393-3149932598-1824759070-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1712 wrote to memory of 1144 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1712 wrote to memory of 1144 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1712 wrote to memory of 1144 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1712 wrote to memory of 1144 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | kit.fontawesome.com | udp |
| US | 8.8.8.8:53 | kit-free.fontawesome.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | secure.aadcdn.microsoftonline-p.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.21.51.18:443 | kit-free.fontawesome.com | tcp |
| US | 104.21.51.18:443 | kit-free.fontawesome.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| FR | 142.250.201.170:443 | ajax.googleapis.com | tcp |
| US | 13.107.246.64:443 | secure.aadcdn.microsoftonline-p.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 151.101.130.137:443 | code.jquery.com | tcp |
| US | 172.64.147.188:443 | kit.fontawesome.com | tcp |
| US | 13.107.246.64:443 | secure.aadcdn.microsoftonline-p.com | tcp |
| US | 172.64.147.188:443 | kit.fontawesome.com | tcp |
| FR | 142.250.201.170:80 | ajax.googleapis.com | tcp |
| FR | 142.250.201.170:443 | ajax.googleapis.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 151.101.130.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 23.63.101.153:80 | apps.identrust.com | tcp |
| NL | 23.63.101.153:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | x2.c.lencr.org | udp |
| US | 8.8.8.8:53 | x2.c.lencr.org | udp |
| BE | 23.55.97.11:80 | x2.c.lencr.org | tcp |
| BE | 23.55.97.11:80 | x2.c.lencr.org | tcp |
| US | 13.107.246.64:443 | secure.aadcdn.microsoftonline-p.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 172.64.147.188:443 | kit.fontawesome.com | tcp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | tcp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\Tar236D.tmp
| MD5 | 435a9ac180383f9fa094131b173a2f7b |
| SHA1 | 76944ea657a9db94f9a4bef38f88c46ed4166983 |
| SHA256 | 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34 |
| SHA512 | 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a |
C:\Users\Admin\AppData\Local\Temp\Cab236B.tmp
| MD5 | 29f65ba8e88c063813cc50a4ea544e93 |
| SHA1 | 05a7040d5c127e68c25d81cc51271ffb8bef3568 |
| SHA256 | 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184 |
| SHA512 | e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cc3828c242868fd56f67c8f73f2535bb |
| SHA1 | faee8220936b791a0bb23017cce2cf0c24dd2992 |
| SHA256 | e638b43acda12d232ac4d813536dc5b5b6c285987953dd4f9ac030ac9436e8a6 |
| SHA512 | 7094d2623d90eccad28e7a30c909eb6efd58ab0537ba7d9bfb726b69db9a391e9d3897ecad4ef26627173df2535f6f9c54ef64a457d97e5d1ee6e27cc99ef0bf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 063c9b2116cf8ea7549726e5c08f55c9 |
| SHA1 | 8ab07f202744722936f678a74c7958e8f22d0909 |
| SHA256 | 6c0a78d01b85633b41a2eb67cb108db4567860dcf47379c3350be9fdd380edfa |
| SHA512 | c26c0eec03f6e634b594430fd63f71a81e19b35d935c835525e82cd2abae44bee3228ae793723dd17492f3a72d48a30951c8559aa2de5e881dadc73bb4a47241 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5ce712f72b3f9d6793cdbcec66f0876f |
| SHA1 | 6e6b08f982dbc5e8701d00d55a5e19a3de10c590 |
| SHA256 | 881889a6d7f4959bd25b1b9234a84d4157738eee32658dde966bb998b10add6e |
| SHA512 | f7cea0c6371045dfe9bcc1b2bef10398af42a3db38b399e59277ffdb8c7ffb5e414bca26a9ef6475a93fe902299235a1fdc258aaec14bb28097a1bdcb373fb0b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1d809e6e63ae167708320a7833dcbef9 |
| SHA1 | a66196a7c7241f35778f796829fe750d8de3384b |
| SHA256 | 17495ea2217b8da4923fa162d3d2e7707ecbbd0fa8c3a53de8adc7fb0f317c81 |
| SHA512 | 2acee0e1f9b0ffbb241c37d561d094a834d0ea5f887152604b1cc3010654459f6b707c11013913ebdcd0f643b23c99d03ea57eef294d63ffb30369647f848dc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1
| MD5 | 59c19ea4d32947b0b86673c8a44dfb4a |
| SHA1 | 7214a0c2197856a6c9ae2c3972cb285be8441aeb |
| SHA256 | 94eb0f4823371ab6ec5cc67c1784045e9f06f3c2ec3809260d666b85bf71aff7 |
| SHA512 | a5050b79a493dfe7d86a89ecd50b195142dcab9fc8dc687c0037193118b562e9cfec4afd2d9ccfc39f68a42d7da810f6cb868eda08c5cd6eca5c3c3ff9cbd67c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1
| MD5 | c5dfb849ca051355ee2dba1ac33eb028 |
| SHA1 | d69b561148f01c77c54578c10926df5b856976ad |
| SHA256 | cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b |
| SHA512 | 88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6b281bb7839a2058164794bd56bc5cd2 |
| SHA1 | 67ff01239903dfb6078f1d83ceb8ca5137cebfa3 |
| SHA256 | 650d6b6faf9338aa4275d0d4cc66b15e5f0fe9ba13d99ef46c265536e6a2dff5 |
| SHA512 | 5e51d17dd4db67ef995084ad99bc45ac0747c5e259181254ea78c73f77e667739f0419a32e675ab00a873c4fe54ee1d188a99bc4a2bfc4de4318635d1edec2ad |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | af27c59b7983f3cc32f5590e6398f8a2 |
| SHA1 | 890dc606919c4d9562e1f73b7c08c90538451afa |
| SHA256 | 7155623b9e6dd21e7672c30496be2f46edf4d9796c62c4ffbb9a28b0b9885f23 |
| SHA512 | 3c99bc772555389a254c839ae4274db912ae9d42fcfeffa5788bd6ad32861ca524b53d152402f8b3444db31bc23dc6b286782de85aa615e541827c81bb2d5459 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 09257353552b04bc3e2bb158ec5b9dc7 |
| SHA1 | b7bae3cff2c389e4537ba9c17ebafa0b6a6d90fa |
| SHA256 | 9fc9661ba1a83cb0461a70501d8ae4a3c542a2b826a3c69e7cfc3f988eea8cf3 |
| SHA512 | c0e6193908940db6245784204f04372ed53d8da4a36c02c4c3ad879decfbf487c069b73e22557546ea6b0e2b5ec506509b65a877f29743b2879d1e7343629279 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 63b45eeab366a3fe112cce5597ec0c66 |
| SHA1 | ac29519dc84dccac766cc8a7f46450442455f586 |
| SHA256 | 4291226ae1159cc9ef3d17ac0e89ea312bf6bada17405eff3a5be874adcab929 |
| SHA512 | dd44e84efb5ed68f01a74694dd683c4cce77a5d1384178eee6062bedb2159ac1be3fb7b0c65113a8b779df392618b32ef19d14ac6e76fc6fc0e1fe9b48ff2f3e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | daeecc74e538a1d4193d6a05e6a0e6ba |
| SHA1 | eaac9fcd61b260c4eaba3cceee82d9b9b3869f21 |
| SHA256 | ac2313b1846879e516f42352bb923346742b49d2cfa3c38e82b16f6c017c7285 |
| SHA512 | c6d1f3b0ec0f50c5aea9647de54cfd6927c78727a3793fe809121f0c21e819b46abeb2c2046573a50fb933c2e2282e65e173a87a88e1e680decbd0a315a7d06e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ecfdaa941da80670a909a69cc9953421 |
| SHA1 | 0ce2cfb0b7cbe60e25f11d5c4d6e8965de2f754b |
| SHA256 | 9416c9f54ef940c8e4e6b776069e636fccbcd9b969d812b6a33f99420136788a |
| SHA512 | 14d2d0e8b073c3547f52e92929a3447603e59eea2ef5f7928909584cf30d727a178bbf110cb929e4fcdf891ec64359a4e247db5422e51dc3bed26d1abcda43b4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 62456d2f5054cd159fd285562202b61b |
| SHA1 | d6bd416f06d6cbc318adbe72e6a0f017e6357209 |
| SHA256 | fcfc8e788681dded1c23ed9a1cfbaab7ad936d601b2c088a2b2315e4edc4d960 |
| SHA512 | 42fe78ad39dbd2cc1630b496c81fc1eb52515f49e1c0e10fbc4ae90cc8d6cad63baf600133c399331b5def681483c61e2174eeb6c06ff11ba511600c64308f49 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 07d682fa92cf07349b160f0f3fd96433 |
| SHA1 | d987e5a488f027d11f5a7a68d73351f7668a9ee7 |
| SHA256 | eb28595dc9e2714141fc52b19a674d94751ac54280672462093a7497d7310bdd |
| SHA512 | 11217a8c00d7230b8cfd64a84f9c47c52c43fd7ca5808ebf993cda0a18b5881b8e229ef881e6bb6a9411ba5e7be0cb130544fce8e8ae7caf0b8e94da1293b639 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b633e3f59ff93e2a0d3227577b9eceb1 |
| SHA1 | 4f20e5f6147d6be5e9dc7eb1440a1c0bf66dfbf1 |
| SHA256 | 8973f33da903ad7570c96dbefaf6d700472d3e895c2d18c891a83461e71ef265 |
| SHA512 | aceb0d72b0934ba29f22f0ae3d2c73102575c387fbb3897a2b73f4feae67bc28d90925a314a13bc14cc46504196f607e1fea139983531d127e55b7dc8bda4afb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f7a12f3d0249998fc831def9cb137f2f |
| SHA1 | 6b8b4eef0bcb0fd09ba8c3bb094effb9ee765a49 |
| SHA256 | 54631bc960d2dd7b640cdc9cae594651696327362f29ace4cc523d0f36bf9ec3 |
| SHA512 | 19b8010b3ac4c145dce4388e3be4cc3db6ab69057767f0edc8b57cd5225f6e285b6161975d81b5367500aff98cffec5032c31f960db835e60513466e5d8e0be8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 62e069ea18f776de84eef2a8666dda79 |
| SHA1 | 35d04112c02b5299bf86f8efc782ff49c708d86e |
| SHA256 | b06435087475eaf3a825866ac905141dff9d256f839ace09fd0c6d91c0ec95d8 |
| SHA512 | ba8a303fda289b112a97c8982ea28f40246b484a858e835edabb8a30b74170dba4388ba4cb13c1275d0d1fa67107008387542fdb8ed4ee44a85632df23cb050e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8f0883a5993f347f75c6b03948b5d067 |
| SHA1 | cdb201e347000151a69660d8d45eb7e799dc659d |
| SHA256 | 872a711d40fad753c55a47e9cf253a903b20b7cd11de3503e1a3193a215f2c33 |
| SHA512 | d15880897a9b067b3c11095724faf22060e70ab92d20493ea6d26c58285afaec2280a5c85626d072ea638280b2d2569ff4ee762d49034cffc565c5f8c58cee8c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 57a0c56044078ba8dc508e23e05dace5 |
| SHA1 | f43d09c90cec836c3899495200a2531ae433ced6 |
| SHA256 | 4a3d3bc0434358e75f506470b670f8e911b5d119a99a494d2c0eecd42f271bfc |
| SHA512 | 90b1ee2bcdd8c059cda30fa5ece3f2f273a65381f92b7d21e866d87bee1d095b826ee6015eb4e9abd46306fe9fc0991ceb6f9e5aa5606359d271cd41a62bbee6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fadb5977364412c963cdbdae91da8f01 |
| SHA1 | ac2eeecf8c83ef454beb68adcbd0a807381bc852 |
| SHA256 | fa27b20f54dbf42a3a9b0c1241329ff4f0a48278f7476d1b50d05c3a439a37f5 |
| SHA512 | aaa2b95dfecb20eee354e0ddfd42d6afc4fb8cfcbc3247565bcc5cf0d3b5de0fe74d5a679e34f20fbb5182e7d62fb0bed58d905f6e2cc31a2f90e8d2cf28b46a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2bcaa37846c48c94fa795b92f53cd19d |
| SHA1 | 2c855d1b6854e305acb0ca6896514d5fa020a19d |
| SHA256 | 9b84a598ace9c16a1ddb6299ae3d8ebfc675821280daa83e1ea6fb1fbfb2bf15 |
| SHA512 | 7563acb0e7ea1d340778c72e03b19cfae27601d1b8efd68c0b25a7b2ca7cf95262485417be7d6270f854bb6b81d88e8ddc3eab90549e2f0dd703b2124f56dc85 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 986cfe7b6527961938e32a69305ce3a7 |
| SHA1 | 9668178c62883345a2bac80e2db560aea8acb4ca |
| SHA256 | 97e4746c3d8ea713e1a1ffb82b86feb32172ffe29a309759514f70789b6ae6dc |
| SHA512 | 283d733a4491405d5396e141a3cdc1f21341f72e8747877f201ad8c44d947e013fed1aba0995f822a399481a162678e666e6fb99449c3692547313e79f793b84 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | abf81391c4e2b2a00f55eefca65021bb |
| SHA1 | 9653caffe7b5a41b1d457988d3e86670d19f01a4 |
| SHA256 | 0460867ee0662bb54a3614cf8ca22f9a6f6e6009b2fa8510613751e0ccdedc6e |
| SHA512 | 56c7e885c3e873bbf19d869888671d695b6190b408a81c3e4c51bd77d3001d31dbf68bce5d23fef7735751c28f1edfd8544f62ee851227e6f2c6e0536a52c9e5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ff9e870802b6f5488f07adbe2f312836 |
| SHA1 | dd3fef8754728b7c73342434b6d9909bf51ef1bb |
| SHA256 | 61f0958cb068827884e463cee10ee9848bc920e6c725532f5614a568edb45658 |
| SHA512 | fb411497cfca4d3f3f2b97cbde0c710a281e1ac0c583bc407fef480dd2144af4f64164620206be47fe6eebb24f4254b3c15aa5e16f1ceea01e35e8b364be2167 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cc932412758a48f85d3cbd1bad87b6dc |
| SHA1 | 82fdb100f82b9432e18b8b30a48fe9bbd3813f7a |
| SHA256 | f341b60924c2c53224afaab99c9639ec9f0976731a41e06800f2f88169501dd7 |
| SHA512 | 958cd75a48e2a80f51c41e16f8dcce6749614e6e535987578f54b251605386931e81daf9167580e72fe470a3c31ccb670d4bf56674c7546db461cb520a30be71 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8b67268a2b898d6ccf4f07332773b6f5 |
| SHA1 | 3d1dc8057f8949f84e0ea2c6d47e7933161ff2f0 |
| SHA256 | 41aef1ac01c4a5f2f1f03bf8fb2b7084e2dcf8e2d016f2479838f3698071cc8a |
| SHA512 | 0fc18a18318beea5383596a89e77fe5e1d3be6b2e340586e6eff10313f058476043aba06cac4246d537da15f3fbbb8f476f63d58e743e51269bdb045fc02df79 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 04f9531eee548d5065fccf5afccee426 |
| SHA1 | ab0ea71aacf7d710724efd3ff2aeeaef145bc469 |
| SHA256 | cd50f6959053917c3254af96b7a338b4aad539a4d72ba1e22505210855436ac2 |
| SHA512 | af87c2ee822052b1c7008dcbec3aafd9961b9ccab4c1655f6d7f55f6a4913cd686810c8300b9440917d9ff3500e4d3f0722c2d926d150d5e3db94f070a897516 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 49b7f1a4d8ec2b2275f728af161895e2 |
| SHA1 | 434a2c5d081ace4d8141f01772db1e5519fb2ac0 |
| SHA256 | c32ad5f874ead27e4f99f14b85888226b0a4eef4bcfbc6376249849dafbc966c |
| SHA512 | f98933147709fd308e614b0da986d2e5c6a6ebb23fb9f86a5692c96dcf56ea0d875c8a2c2011e7af680014865c71ac7f23c9d3c424d8a922e3c7baf5dbb62796 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f67398c0ad29d0b5eb81dd5ad8dc93f3 |
| SHA1 | 007555dfe2f2e712ff1b97edce8297baec4ccc13 |
| SHA256 | d5e6cec23fb52b436654f884a454a7bd06a9c790a6251276387535566b7c4123 |
| SHA512 | f21c9abd1487680aa77bc54f5a9006875bc472cdc71ddf5df3d2b93cf6ef368312ef25bbd0251e55f00506ee2d8d9fb51919d6a22236befe01d2567617944955 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e9f3f52358e0eac49d78d9413f8ad8a2 |
| SHA1 | 80e8f41ad3871fbc7fc35f4672606d13ee9b546e |
| SHA256 | 7b7e123675098373e9dcd28d89f0a4f98ea19f0140f7e782247fd8a7669a1d9a |
| SHA512 | 42ed844db96bdd49f48460baee4960ac581dc7153d54159ae48dd76d6d42ff38d822597ebdea43fd6421140cecc7ee6d0b8dd69e5a0d3fcd57941f540f391453 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5e0e16d6556fdf5ba2390238200ab29f |
| SHA1 | 7ea59e3090be86e60ff5897ed01c995c6ddaa649 |
| SHA256 | 4eca7806b29b258941092d26db214729a3b7a96e1585e66a9d471884d0c58e8f |
| SHA512 | d59f2a1b2dc8d311c505bc29e6e0005c0efc2be82a6457a26a43df0b8768b1080a0926ebb3eae08f9ea2c791a191d1681170d68421e0a99bbd9ec5c9ac498dbf |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ccd38c4adc8bf2da89eb1cac2bfa5c3c |
| SHA1 | 0e71ba256b5b9222e4e3d233ad06aeec40cec652 |
| SHA256 | 62a6e63aa2dc95dc418fb6a23c91b6949c4ecb907c7858c0c9f68f9e75283dfe |
| SHA512 | 5c1b7bbcec2891c97ee017c6c2f35e0f6d8556b7d2fe33e4a3c5a58eb64fc931c0a562176e1f79afd71a30b605cb9514ab903f014d4aab282f39dd656ae3a639 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fd1313bec5491a78eedef60eace46ced |
| SHA1 | 954a3002193b596680bdbeb012eeba79f5d447c4 |
| SHA256 | 94708354272caae3f57023a76ba749094f29d028fadb07e2378f58d215f11275 |
| SHA512 | 603c60034005961c04cda28156bfb151d4e418ee6cc4c027edf4cefca3d6b0abbaa2a71444de34db0a9662db15cea456e744ffebe5eeadf04f3f8282ccfe5536 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 48d7d693be9686dd52bde89d73b403d6 |
| SHA1 | f54b0b3e18757131a4cb60ca7fc48f9222e722c8 |
| SHA256 | b17174f5f21e2d54f36e63fd419f7d77290294787f10e9329e4f19fc6869d40a |
| SHA512 | 7d9c2ed07c8a3cb06d1b9698f66fd43e4247da22d8a1d9c505508e7c5c0e3940f43c3d3152078a7acbf6d17edf384ff53a96a4173fc378f53b1f92b26d473817 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8233b7d1a57988832ce02985ab9610eb |
| SHA1 | af8ad8ab485d33250df8a6d029e76d58777ace17 |
| SHA256 | a4406c9ed9c1de078583af3dc8adfde4bbf8e3f7c826ee1f029d34ff57328260 |
| SHA512 | bdda4f895bf59e400aa72548d528df5d166d59dfc0640cad1ec7c4f35a102551cbe4a086bc9d0334ed285e9e19cc184e8954b556a962f375f0c52bc31875276c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ed4b0362ab8296fd7deefc0ad466681c |
| SHA1 | 8f158fcef04a31933bba51b1a430c9c4aa84dd4c |
| SHA256 | d2229ec8da907ff155c6f705f30ef91eef1d732a22be111d343671ad89ce95bd |
| SHA512 | 67c59961466fa5e621cb7cd6ea38751b2767cc55ec173aad95b8ea2883fb8ef830216b0132fe71613760d3d625218a295694dfb8483ad0539deec6e136033767 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b1fe6055ea1077d2d75dd5e7ca626e3e |
| SHA1 | dbec38a0b35eec0fcf8e6b9f669321b44095b5de |
| SHA256 | 401adf6201907f231424d0b67fb7cf7dff2f94ec30f2b6e083e2fbd58a706dba |
| SHA512 | 2b81dbeae2aa6714169f2f8ea442e920c42ca13d0f505f1998e1ca28d25b7b96017379201574dcb7feeba4f8886118927c4239196aeea5ac047ef946dd905ed3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 39aaf09d69e39600a14f0f1ee65d0a75 |
| SHA1 | ea429611939f9deb591f05d2b7048c2c186bda24 |
| SHA256 | becaf873164f692a6725ef90767552fe22883829e15ec67b054e3be9cf2f4151 |
| SHA512 | 0ae7634bd86ae2154345b7f6d24f2b373a0a1958e1a302ec4675f1e13a6092a85dae53de5f63d679bfd880be2f4625defbdef95b86790c0b76b4483ea6bace5a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8d98e005c3de77faa7dc423e24c105da |
| SHA1 | de55e08f5aefbcca48b5c9b6986dbb32f07a2844 |
| SHA256 | 5ba523e50e703174716299fe5a7c1684bf32cecdf8286d099637a655baf19112 |
| SHA512 | c35944f780297e566e7166f6801ed01b35a7bedaff1b64c825042f48563af1b371eb9d64891371a759fb45c7cf54a7a06307b474e730ff2226bee4a16d71739a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 71177857a2c414aa8dd5bce6f1e27595 |
| SHA1 | f551fde8a5f192d2738e286ef105c16a606de22b |
| SHA256 | b5389cd24300831367ff5d579b8caf02ce4011c72b5f64e541f0c93df6c3afc7 |
| SHA512 | 3cbdcf627d2fdee3fcbf3352fb7115087990db4f845c3c41dc4730e6ad6f9d524137ed962af3e5bcfe5c581bef5cdab5d66d0ecefbb33233bf5e0fd8463465ef |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3f922fc3045ccc5f98ea2d2557800ee5 |
| SHA1 | 74f2ec0f61c14fc0480300321c68a73c288e9bae |
| SHA256 | bde060cd7d5889490ac0056ee055bb3bd17b1c27d9b3428757f9a82af38fee38 |
| SHA512 | f7cdece827a919597335f3e79180d86f2acd009bb74b49c9693b04025c83b526ab82c18cd8286d7396eb47da29b8a68f0b22e5e3f854d35d1ffdc3093184f336 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7a8b99dc5984b0bf78d1616eb9bf649d |
| SHA1 | dafce6dbb2c0c345ce63ecfd9f2923efe3d653b6 |
| SHA256 | 043708224ef70e443cc17f4541a9d4b3313f1303540feb6ba3479d8d38451540 |
| SHA512 | ba8141b724210f3cf21f2a143e0712dfabf1ade8039c3882b7975671633fb64e6cc522021b7da4b82f6208d0497e885489340a3150421d2c697ad4837e5c382a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 84b58b27bc3c9fcedc18cc9843b21754 |
| SHA1 | 57aeb7aa9b67d96c136f30f7e1c6fb3554f0feb3 |
| SHA256 | 9879c52ad4e29e8fa314556e4d6b548f5fd543148af500f0f03c2effd870f06c |
| SHA512 | 84d8e97550c63f5c1e1726db598bcd7e212781f0d60b057f6d69b7dae18df918e60fec1cfa073b1f49d9f4d6a9d79202513082f2e3b1894a766b095596943627 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e5b1b13260636b78e7bef732df937558 |
| SHA1 | e4b314799a12980a5bb71225c30385b306dd7891 |
| SHA256 | 90718490829c2a3ccc8fe805af9ff92d1029f56edffa921db0e1eb515e18b060 |
| SHA512 | 632fc42ed775d1ab28073e395107190b245d888b4845fb6e6ccfdb08c52e8f23511baac5da13c1a07b8f7c500ff5a6517fcfbd8008ac575aa94c3bf2bfcca9bd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9237456e1a1c62e6cd748583521ce02c |
| SHA1 | bf0f3bfca7df7fc2758011387bea72e06535de76 |
| SHA256 | ce4f596a61f6d3298ada48b6b1c4c31b6ade625503261d0a5e61a6afaba03406 |
| SHA512 | 2a5aa0c6391ac7c864667ec4e72cdc6f266407915db12e4fc8a22cb66527c91219804c185e1a988de3eaa2b8d353ddbc0a5b100a6c08bb665e2a6fdf7e1950de |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0505a442234569806eb0f76892024d73 |
| SHA1 | 8cad5f1b5ffb809eecfecf0d503ed6ec440299bc |
| SHA256 | 7eb6f21a5078711bbb8de61fc98d71edfb87008c03e2beff95c07716989c8cc9 |
| SHA512 | 0381a6a96741b0a66b74a192efcfe7e9b6fe26e4d81d3ac2916d1c6cb03c05e580bb49ba9525bf5c9f73273381656327f6b7ff0d8b169c902e86cf1018875b56 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0af861f519f58d3598834eafa9d07cf9 |
| SHA1 | 73a767137b2b747a770e2ade0ea4b6b052f86d85 |
| SHA256 | 06f5b5634761c5f6d77b544992ae2fad94868448653a4713419c508790daa186 |
| SHA512 | 47eaa9234828ea65056ea3f1627e6e9798b8ec4c2caf65e7eb13188788be712aa4637cc16cf00ce3d2594a4732725f6f4a8fc72a002c84fa44a8c49d0218b2a9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 169388fc8d09f44d3d5824f51969f978 |
| SHA1 | c118c10d3f3db2cb2b445b148c1428bec239594b |
| SHA256 | bd13d928448ad249a9f1b37eaa022ef10d2f000bcf9b153a4604bd2d28b705fc |
| SHA512 | 1838499a94eb721e5f8c797c1202c23bdfd7a246fcb07f32819ceadd4a895d108f2273699565c2733a5ed5b35b8535bc58436f721c0402bf3e227eb4e92ee72c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 93dae736fd31549a6d8cbcb3da9e4c5b |
| SHA1 | f524f62ffad86ec6808c079f745dab08cede266e |
| SHA256 | 189d862cfde179ebe5f5954a3e85cc74387a059828e9e13930364c4a56598a48 |
| SHA512 | 1c5d2f9a07bbf6ba937a7255aa7ba99141ab71b6e2925e28abb26952ca0bc55195efb84bbd1b6717833a3e86073259af456805f197f58bf13e2a482304b75c74 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3dfde234a0c1a74bb634a234e11d7563 |
| SHA1 | 631de501ca6eade42c5911d13734faf27c8e22b8 |
| SHA256 | 3089b5ebe0c27810a733fa4db00cde838551458c625f73fb1aecc6f185186cef |
| SHA512 | 9f42750b6f585377ee8c15b8aceb4930a1ec981a39097ee3365b62168cb2971ff7b0bc67a675f444890a8a6042b2c4c5b362e27d0e710fdfe797a62f9c6f5120 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ef9955078b22f1144449e6fb1669ae96 |
| SHA1 | ec8141965cf0a88e412ca6607fe08ccd0ded8db9 |
| SHA256 | b126918be71d7bc1d4a647ad4380c00b1768c8fcdf1d53cee6026d641504cec9 |
| SHA512 | cf96f8ecaf2f9aeffa715c981f784d4998ab4e09795f095bf5d290b4667dba841b96cdd4c35550a674f254159357349d518f74091607f15bc162f9e398857dbd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e7c5f1f0b7ddd4e56b259a2d92eebe4d |
| SHA1 | 17eb5b54dac7ae71b6954135e6e499eacb61b428 |
| SHA256 | 44ba34187e09502f5891d5488bd6b8e8068808f6dc09199ac53167519ebeb2fa |
| SHA512 | 39a87d5786286db4206c8450b25e691c72356981d5d8a5399eb5f9c16725f04d59bd6a509e2a64afd1a9a9ea42b9cdc6cf1d68b2602d3ccf80f5a16853bac635 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a5f602d6e5d1f5250b4648557c83d374 |
| SHA1 | 47951b78c70187e8a0cd496f76c526f5bfc37099 |
| SHA256 | 6dcd13bf2260f673c0250308be7b95cfb2acd55b6e9567af9157d20b80229380 |
| SHA512 | 827dabee119ab96a3a0979e30829febdb4a5953ea024c98b67a170da4dd68f4d7505ad99abe5009631f719b06706a0db6addd75d47d84c9c9357f737066879d7 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7a7548b065941a37ebd57527bc69243d |
| SHA1 | 45b5f115092dbb421aeacf5dbe2f2354f0ad78c5 |
| SHA256 | 89202be05351de2fb68c75e7db55f35cc5133d10a1b04c600a4791528a181b4a |
| SHA512 | a1b53afa2e303e554dde889e8dfb17e395e3c1781ef14b8acf747572fb607b08054722c31125cef27bb484f57c96772cc9fd61592252c683ab1e0ed45e37b9e3 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | db5ad16ea290993ba5ec9d9a00a22971 |
| SHA1 | 05e3d7f165e9bb19f028ebadf64c19dfa0da3a27 |
| SHA256 | e4d5686a37146c709879c936327924975b13eaa39504b23aa2f1885741cbe7c0 |
| SHA512 | 25fd7f9145afd36daac08e0f7614d47afb84767cb51cd959e6efe85fe6017c22c063c0476ba43c1da886dcadea14777b904dbadfc1200af8e3539faf9738effc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a7bc3e6d1189a80d5047fe0c8a300335 |
| SHA1 | 106e4562bbe142bc3211c8ff1259f27908770ee9 |
| SHA256 | a0af48049f89014f933c13e5b2864ec11c923fec4cddf20d55075250be831a30 |
| SHA512 | 472bf1586be1f5a2d358d5cfa4eb1c69f62f5ba576af510c907411f09c42f44d1706a915b7319e6809b8b683fb17f12af5bb8b1c0fbaef11993f0fb65ba92c4f |
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-27 05:31
Reported
2024-05-27 05:33
Platform
win10v2004-20240508-en
Max time kernel
149s
Max time network
150s
Command Line
Signatures
Detected potential entity reuse from brand microsoft.
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff86ae746f8,0x7ff86ae74708,0x7ff86ae74718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1980 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1812 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1964,8341918985042530876,2429752700113340428,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1820 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | kit-free.fontawesome.com | udp |
| US | 8.8.8.8:53 | kit.fontawesome.com | udp |
| FR | 142.250.179.74:443 | ajax.googleapis.com | tcp |
| FR | 142.250.179.74:80 | ajax.googleapis.com | tcp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | tcp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| US | 172.67.218.119:443 | kit-free.fontawesome.com | tcp |
| US | 172.67.218.119:443 | kit-free.fontawesome.com | tcp |
| US | 172.64.147.188:443 | kit.fontawesome.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 23.63.101.153:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | ka-f.fontawesome.com | udp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| FR | 142.250.179.74:443 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | secure.aadcdn.microsoftonline-p.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 13.107.246.64:443 | secure.aadcdn.microsoftonline-p.com | tcp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.10.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.147.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.218.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.101.63.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.139.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 155.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.173.189.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4158365912175436289496136e7912c2 |
| SHA1 | 813d11f772b1cfe9ceac2bf37f4f741e5e8fbe59 |
| SHA256 | 354de4b033ba6e4d85f94d91230cb8501f62e0a4e302cd4076c7e0ad73bedbd1 |
| SHA512 | 74b4f7b24ad4ea395f3a4cd8dbfae54f112a7c87bce3d286ee5161f6b63d62dfa19bb0d96bb7ed1c6d925f5697a2580c25023d5052c6a09992e6fd9dd49ea82b |
\??\pipe\LOCAL\crashpad_2740_NYAUOEBSBULBNFXB
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ce4c898f8fc7601e2fbc252fdadb5115 |
| SHA1 | 01bf06badc5da353e539c7c07527d30dccc55a91 |
| SHA256 | bce2dfaa91f0d44e977e0f79c60e64954a7b9dc828b0e30fbaa67dbe82f750aa |
| SHA512 | 80fff4c722c8d3e69ec4f09510779b7e3518ae60725d2d36903e606a27ec1eaedbdbfac5b662bf2c19194c572ccf0125445f22a907b329ad256e6c00b9cf032c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0dcc8fc7a5076717ab62ef56346f70a5 |
| SHA1 | f7ad7582d8e13227d46ab4d8aaadb5f6a9c6af37 |
| SHA256 | 944e4c86b672af3bea7ea33c92c217af086b0adce5a6685f41460ad2b481284f |
| SHA512 | 0a7904b3d102fcbee1c5d4e0816afd3366d4e3461cb9b9710156f25149c4d8a16a1fea61211de17d0ee195415af8e4b9d1746ca4bbd56ff7947bea1409156b97 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
| MD5 | 5164f6cd5687308a753ca4771f5ec799 |
| SHA1 | 7e1b077660d5a1b9a44698b40057e6be6ffaa523 |
| SHA256 | 14e2a05ea6a4bdf5bf1a4d484b85f3c06ca1d1b2cfec60d7eebf3353ef9a6ed7 |
| SHA512 | b5475904e6f0abce30ae2f0b8afa088de02668ef66eda7041882a8f703a49359ef5ea44387ef2086f2ef2594f51987f5756b7ea8cc9f7b205963d7209a671aa5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7f308a476182cda25bde6f2e2d101df6 |
| SHA1 | fd6a8f11f785d7bbbed1475d1b864dfc8019485c |
| SHA256 | eca81b80319c9ea90a76ac48d6f4a1038c400cfdc1d69772f9869378f734632b |
| SHA512 | b2d0295ee398ee06e045e2fff8a598b1efa6f3aa012b45128bd721a59a1d9137e72f89986d90b14198ba333b36219829b07e2430fe64ef948540c439f068b141 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 824017007822a7750670b2611b67ab82 |
| SHA1 | 0ebca7305971f83ce8c9c52009ba4f3295891bd0 |
| SHA256 | d95d6dc5a1334288fe7a2b68ed2d129ca0d4c528824fb04d32cd7ea340008ac4 |
| SHA512 | 4b43e2acd0ee3100a2c5dfef33117cf595891a88ed4f258875d2c9b870c06345671988ed290cabc5997b3c2c0a4eabb52a0a304f290e293a410c7edb67a828fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | acc52d88fc3b61660c408e22b17be059 |
| SHA1 | 332713fe4049f64caad2ed7580f11e07a7bbd518 |
| SHA256 | f397426b514a63389ec9ecfd62c8a0cb7b05800eacb78ee6213ef5952c556349 |
| SHA512 | 7f4b4a3f3982ea121718b96ff5fcac34b6924de56e6c78dd5b1b1c8bdc061fc82e0baf255a234d467ac54f5fa16f81cf7d72e366455731dcca7034a9c38664f7 |