Malware Analysis Report

2025-04-14 02:51

Sample ID 240603-jjwdjsgc8t
Target https://web.archive.org/web/20240530001201/http://www.brandmanual.intrum.com/sqRdtt1sfyBRUpsR.html
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

Threat Level: No (potentially) malicious behavior was detected

The file https://web.archive.org/web/20240530001201/http://www.brandmanual.intrum.com/sqRdtt1sfyBRUpsR.html was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 07:42

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 07:42

Reported

2024-06-03 07:47

Platform

win10v2004-20240508-en

Max time kernel

304s

Max time network

306s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://web.archive.org/web/20240530001201/http://www.brandmanual.intrum.com/sqRdtt1sfyBRUpsR.html

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\System32\CredentialUIBroker.exe N/A
N/A N/A C:\Windows\System32\CredentialUIBroker.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4016 wrote to memory of 1568 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1568 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 768 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 4524 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 4524 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4016 wrote to memory of 1152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://web.archive.org/web/20240530001201/http://www.brandmanual.intrum.com/sqRdtt1sfyBRUpsR.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaa37e46f8,0x7ffaa37e4708,0x7ffaa37e4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5272 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6956 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6832 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6156 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1

C:\Windows\System32\CredentialUIBroker.exe

"C:\Windows\System32\CredentialUIBroker.exe" NonAppContainer -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4660 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1

C:\Windows\System32\CredentialUIBroker.exe

"C:\Windows\System32\CredentialUIBroker.exe" NonAppContainer -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7080 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,7530120504702444200,7570811269827363746,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 web.archive.org udp
US 207.241.237.3:443 web.archive.org tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 2.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 3.237.241.207.in-addr.arpa udp
US 8.8.8.8:53 203.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 archive.org udp
US 8.8.8.8:53 web-static.archive.org udp
US 207.241.224.2:443 archive.org tcp
US 207.241.237.2:443 web-static.archive.org tcp
US 207.241.237.2:443 web-static.archive.org tcp
US 207.241.237.2:443 web-static.archive.org tcp
US 207.241.237.2:443 web-static.archive.org tcp
US 207.241.237.2:443 web-static.archive.org tcp
US 8.8.8.8:53 2.237.241.207.in-addr.arpa udp
US 8.8.8.8:53 2.224.241.207.in-addr.arpa udp
US 8.8.8.8:53 wayback-api.archive.org udp
US 8.8.8.8:53 analytics.archive.org udp
US 207.241.237.8:443 wayback-api.archive.org tcp
US 207.241.225.195:443 analytics.archive.org tcp
US 207.241.224.2:443 archive.org tcp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 8.8.8.8:53 8.237.241.207.in-addr.arpa udp
US 8.8.8.8:53 195.225.241.207.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 hackerone.com udp
US 172.64.151.42:443 hackerone.com tcp
US 172.64.151.42:443 hackerone.com tcp
US 8.8.8.8:53 42.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 profile-photos.hackerone-user-content.com udp
US 8.8.8.8:53 hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com udp
FR 99.86.91.60:443 profile-photos.hackerone-user-content.com tcp
FR 99.86.91.60:443 profile-photos.hackerone-user-content.com tcp
FR 99.86.91.60:443 profile-photos.hackerone-user-content.com tcp
FR 99.86.91.60:443 profile-photos.hackerone-user-content.com tcp
US 52.92.193.82:443 hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com tcp
US 8.8.8.8:53 50.201.222.52.in-addr.arpa udp
US 8.8.8.8:53 60.91.86.99.in-addr.arpa udp
US 8.8.8.8:53 82.193.92.52.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 bugcrowd.com udp
US 151.101.130.132:443 bugcrowd.com tcp
US 151.101.130.132:443 bugcrowd.com tcp
US 8.8.8.8:53 assets.bugcrowdusercontent.com udp
US 8.8.8.8:53 d2wy8f7a9ursnm.cloudfront.net udp
US 151.101.2.132:443 assets.bugcrowdusercontent.com tcp
US 8.8.8.8:53 132.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
FR 52.222.196.131:443 d2wy8f7a9ursnm.cloudfront.net tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.153:80 apps.identrust.com tcp
US 151.101.2.132:443 assets.bugcrowdusercontent.com tcp
US 8.8.8.8:53 sessions.bugsnag.com udp
US 8.8.8.8:53 cdn.segment.com udp
US 35.190.88.7:443 sessions.bugsnag.com tcp
US 3.165.111.143:443 cdn.segment.com tcp
US 3.165.111.143:443 cdn.segment.com tcp
US 35.190.88.7:443 sessions.bugsnag.com udp
US 8.8.8.8:53 profiles.bugcrowdusercontent.com udp
US 8.8.8.8:53 logos.bugcrowdusercontent.com udp
US 8.8.8.8:53 132.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 131.196.222.52.in-addr.arpa udp
US 8.8.8.8:53 153.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 7.88.190.35.in-addr.arpa udp
US 8.8.8.8:53 143.111.165.3.in-addr.arpa udp
US 8.8.8.8:53 api.segment.io udp
US 44.234.198.184:443 api.segment.io tcp
US 8.8.8.8:53 cdn.heapanalytics.com udp
US 8.8.8.8:53 widget.intercom.io udp
US 18.245.175.117:443 cdn.heapanalytics.com tcp
FR 52.222.149.102:443 widget.intercom.io tcp
US 8.8.8.8:53 js.intercomcdn.com udp
US 3.165.113.9:443 js.intercomcdn.com tcp
US 3.165.113.9:443 js.intercomcdn.com tcp
US 8.8.8.8:53 heapanalytics.com udp
US 52.2.33.88:443 heapanalytics.com tcp
US 8.8.8.8:53 184.198.234.44.in-addr.arpa udp
US 8.8.8.8:53 117.175.245.18.in-addr.arpa udp
US 8.8.8.8:53 102.149.222.52.in-addr.arpa udp
US 8.8.8.8:53 88.33.2.52.in-addr.arpa udp
US 8.8.8.8:53 9.113.165.3.in-addr.arpa udp
US 8.8.8.8:53 api-iam.intercom.io udp
US 54.86.231.236:443 api-iam.intercom.io tcp
US 8.8.8.8:53 nexus-websocket-a.intercom.io udp
US 35.174.127.31:443 nexus-websocket-a.intercom.io tcp
US 8.8.8.8:53 236.231.86.54.in-addr.arpa udp
US 8.8.8.8:53 31.127.174.35.in-addr.arpa udp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 54.86.231.236:443 api-iam.intercom.io tcp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
NL 23.62.61.106:443 www.bing.com tcp
US 8.8.8.8:53 brandmanual.intrum.com udp
SE 13.48.144.176:80 brandmanual.intrum.com tcp
SE 13.48.144.176:80 brandmanual.intrum.com tcp
SE 13.48.144.176:443 brandmanual.intrum.com tcp
US 8.8.8.8:53 lindorffidp.topsel.fi udp
FI 213.214.171.18:443 lindorffidp.topsel.fi tcp
US 8.8.8.8:53 176.144.48.13.in-addr.arpa udp
US 8.8.8.8:53 106.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 18.171.214.213.in-addr.arpa udp
FI 213.214.171.18:443 lindorffidp.topsel.fi tcp
SE 13.48.144.176:443 brandmanual.intrum.com tcp
US 8.8.8.8:53 26.178.89.13.in-addr.arpa udp
US 8.8.8.8:53 brandmanual.intrum.com udp
SE 13.48.144.176:443 brandmanual.intrum.com tcp
US 8.8.8.8:53 galaxysec.co.uk udp
US 170.187.168.32:80 galaxysec.co.uk tcp
US 170.187.168.32:80 galaxysec.co.uk tcp
US 170.187.168.32:80 galaxysec.co.uk tcp
US 8.8.8.8:53 32.168.187.170.in-addr.arpa udp
US 170.187.168.32:80 galaxysec.co.uk tcp
US 8.8.8.8:53 www.litespeedtech.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 439b5e04ca18c7fb02cf406e6eb24167
SHA1 e0c5bb6216903934726e3570b7d63295b9d28987
SHA256 247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654
SHA512 d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

\??\pipe\LOCAL\crashpad_4016_HYCOXONKOGTGEEZB

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a8e767fd33edd97d306efb6905f93252
SHA1 a6f80ace2b57599f64b0ae3c7381f34e9456f9d3
SHA256 c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb
SHA512 07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 316efd8ece71cb3c7d031751f12c4506
SHA1 4458a88ac30304a2deb250e0d8535ed7c78a6ef9
SHA256 87c6b8200109f4a2468fc24bcb97218018332941f6bc708ff81fd1257ed8c97d
SHA512 0035a1619191506aebf739748182d716146508e9df818f59a30e13567d989dd569ba897fac93adf6b748423f4cf92403fe997070f7030c9fa4a80056b72ac4cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0bf7b41fac264711ecc53d4d4b94d448
SHA1 77b46ff35eae19aa795a2702a98ed9ed04b8f5ae
SHA256 896132635739977bc7e387e58fd0a2dd6442bb5a67a7c51046d9ae2754a7b108
SHA512 e086a5674911cbac5d7d0ddb4764a85ebf54b3c90237613e5d5c7c973367b57cd4bf556d18dfd176d42eacf54e89f055e4b8f335fc2c7b4827972126747b7a3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4bff4bc8a1ebbf2a611a8fcb2eb17bf6
SHA1 88ccec69bf1b769cf337ea2e6d5bb1b38ec09357
SHA256 e907749d5e7eeedf1bccd8840a29edd24fd5adb0e8d8e1ab419cd9fc42e011f7
SHA512 dcce4ecbf37be3c03f7a048c184ca55660c03ee17ff901a162a4cece6e4dd8bbc0fa278949591a5b7b9343a6b43dc52f2e3cd26f2c8bb3c0b6bf6b2bdaf9e4f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 13586dc1c1269983f1d8a47985e4f71b
SHA1 f45c93ba98bdf3a830b412031c85f93346895c07
SHA256 6bc0b98431a041da2939baf7f3324b8168d0666c2d553cdc711a2a75c0ddb52e
SHA512 7fbc84ec2ef04c687db32d09125ce99791d54f52abdc841ccd968f4794c1fc18a6ddd675c2cba74eb93ef32b0d9728a95c3de07ba9e4312f4994fe9e8db032e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c38436c4c088e9db8143b0c0fcee6384
SHA1 7ff028b48c644215f1d48c26aa1fc60b7ea1cb67
SHA256 2899c5bca9e67f985cf2e2ac0d514eb421d62d55f4146a6d3e8429597415f3c5
SHA512 a9b14d651ec061f27e54ce3e655baa52f64e848cd8d86ea716aed21e312f7b163476e4c190e72b703a5b8945ce3c4440313cf16d7e74a704b778def82724235a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 18c0c9f978f9a333c4fc515c2e6b40de
SHA1 6ef6c293efe00b59740c9c3bf22467ab2d991ef6
SHA256 9646b6f586eec0fdf326aa0305b34d73c80406b8ef6dba66220f7a4059ec6a08
SHA512 fde11d2ad67917fe97c560d657c37c1bb4ccd57d1f6179ac363539330fbfee7014fd1dc0b6f7dd703be05ee3b951c68a925ff4cc010ad8b29af5dd4009aadc5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e364480060490f009dea0c6e922ccb63
SHA1 bb84b1d6a671b7666aa8d99ced731cc9f9c3911f
SHA256 0ee3f59db1cd61d92cbb4ddf06e371389415f1022d3bc1b299ed4d0b460d0902
SHA512 74636ca065ad5f48a2c72585c38d2be49da4e256377ec8bbf02a80c4b516ec81dddd78c40f9f3e418e7da40d9a50365e2c74f1575e0ff911e6409e32b3fe0f8d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe586210.TMP

MD5 12d16387ce5a78fa3f25edeea2272385
SHA1 f1d27445a515ae7532f8150eb6dfc10a86b1d0b6
SHA256 5e89ef5d564a07dcd94125a9223d7226d043015ac9d0eb31f4f49bcb3c96b85c
SHA512 1e423aefdcf73fa5b2e6f209af7515a4a3cb26fc06a04319d85a21757360198ef07b83d7caf620540133b7b8e8cc65c5e53ef3070e4551ced7a5009da24fa777

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 18725bdf7a49414b61cd236735b9df30
SHA1 05f45282f8ea68af3be03750e0879faa7963d932
SHA256 3ec4e77eea06c2d79bf462b72923f23acd6089baca68462a2e4dbdd7b951bbd5
SHA512 12d4af675bbc5f83611564e9e93f71ce77bc363dac0c8e997a1d8e9156298cf7664fb46fc7048f7cf77d646d66ed3d400effead647b9ae5d3f70f09f0a30c573

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a496bb176a8090ad14849fdbfaf10bac
SHA1 eb5e4712b1c24784d950e7e7e10bb26eac9d1f73
SHA256 e1c19d370fc303b4cec4f1a6ec6606b65df4b10ad0b84badf57e16bee6c82869
SHA512 9f3ec94248a8cc2bf1f1ae37d1912bd278fa536ed01ce0bae78a938d1fe054cbf4aad3d023f43b771b1548199d20cd9e9cef8323ed58dde9f16e646d86755a0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6837ad97d4ffc1a72c882ba9804c9a1c
SHA1 3e0ac9659a23862e33569d1109f7c7d0aa7aba77
SHA256 d7a32bfeaf4b4b3c6063d8c7ef109329d762d59e3143cb0c6f05934a822d1747
SHA512 f22a35a4f8f76d0bba350b6f578391a8844f3b4ab56babe01a2b9f6e370b5906e8846122d6433a0f908994b12524c47eac79e8675daef2ce469d524f51244dca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 64cf015a1eb082f0df7a97c82aeae5e7
SHA1 d18041ae60306e60201e01169fd902c8f945ad19
SHA256 0b7eb9b16ea6d14ed1a41caa1452f9634bcbf32c33068e4c3428aa8a7db555b0
SHA512 8ce7061625365188ac4ac9262c8df2241e8cee48194c3df98f573140b4f2d227229473f8e48315d76ff735c579a186570ca67476bfa40422ea8e66f7a9777c5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 40fff4e0b80b59074135318ad2728a73
SHA1 3ec2c4466837b70076b8fa8a39add08a3d5d74e8
SHA256 79699d0ea581d3a0ed2a6e294c69e5a57a2bcb68603fd242e09573448600d5a9
SHA512 6145fad242ec277bec1fac222d2ff7d303ea3a89fcb41e1a62aa8c4e758d36fbd548cf8bc0c054ab473156e33f448c8941391822375935ff3d40dbe98f2acbc1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a220d33010c5ed76fef6d3ae7e80ccd0
SHA1 1ea93d1dd4125e9450f2b516d25ecac389210ff2
SHA256 e571f16ef1a6574d45bad40da5cc92ae66c767fcc04c7c65f7ef41f273167f2c
SHA512 90b8c0629bc5105c401b24226e080c06b52a20d6f2ec409819b9553da27cee97df5359dce519df84be28e29435989c7da5406acc5a9d70362c61e16bd1d15eb2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1b25e7ea9328ef61042faeff1bbb7e25
SHA1 87a194a4c30bb9e1f621b0d4972bd7d56204bbb0
SHA256 54f8451313b1b98928f2cbffd4a1bd370c573daf83fa04ecd07ac86c474f6edd
SHA512 f05ef5a19b4ba4864316848aebb3a1709d2457eb800765bd700ceb0457e16a09184cc3e5595fc788d3c5e90e1eb802892461cddba2d2709ad392d0e123f3266e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3496143f05b355e888fe00b868278543
SHA1 f70ec812a41fabe4bf396731b9601858f829b31d
SHA256 cfd82972d40ad281a02a399b14a1ed19977e72e12ea5d4e8942356dba2c66c19
SHA512 d571a6da604cf62ac41546b93a3fdbc8cd3255106cbd5ffb854cccbcd64be0f7aae0b0442f9edacab04a70ea8cb5a358d0cb6e0b8b17dac24f7357f8b320674f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 61689adde7679e8b69ad717e640cf7b8
SHA1 6289d401b29aa2d110ce3ad57516771b50234e20
SHA256 38d8b04473dc73216494fcd83ae6eb105a04d03d4d997e6629e1de2ffc79164e
SHA512 acd3ef061be3e762c19504f10c93d1d8790fbc732dbb22486b5728994c3d9945a4e0777c6464dd8d5aeedf07319c3ae15c878b237e0215dfe15ac440acb46777

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 cd0018984b0103e556b7dd1088da797d
SHA1 0bbe86ec4291490172464a750bb9eab2a204189d
SHA256 fa23dd6c4f39a87bb4a9791e9f29e9a29040c672d5f5ae4862fa180c6bfd2e9f
SHA512 74111609cc65417883af4978c20c66d01f25dd3405b1fda123c14687e797c3a203148e695ae41868182ab2d37f1b0b1b6755f8c747f693a6051c849b8f16adb9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4fee20f676177b18aa065fc1b857bd71
SHA1 28efb4315e952220eac914b0d5c4856b06f5c552
SHA256 4365db566fadf046e8548b134d1b0b8ab683c145f878fbf9fdfa3138eb18c586
SHA512 089fdfe261038b4c9cc654b118dac0edd18d66966f9c5f57889e876b413b6aaa29563c815c52c4639472cbe196bd90e23e9fd544b801bc9751b453caaaae6e49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b678d9df70e92390bf4e96daf646f1ac
SHA1 97c69d45704ffcc45ab6419d91b83033509c7584
SHA256 3c1b8760ecf90d0c6030cfc9f2c778e8494d60a6a2eff8995d87e0c140a1d463
SHA512 e989cfea1dc265f039e933f0d25ad98c977f47613086e441797531e9849459a01cab33879c470cfd025e023d729e849ef89dc72a20fe1fc8a1647388187f7ca0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8dfd74939a0b28733f049562477d7df3
SHA1 2c0c0f3edbd3889130880bf4a580e44f08ff655d
SHA256 ae5b8010f534924888c7d9df1e7aa5c83ae6d8d1bac6f4c13760496721ab969c
SHA512 bc850b64605c097f77e2aa9424bb1ffb5047c2e3b9da7af60598cbe5a0899139a0001de3f4c8f54e4ef43fc0def32a26cd4e08eaa628bd8ee772a6fca1b657b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 992e7144992b6b936a151817569d854c
SHA1 cc860cdfa7897e38c00b426dccd48524e0a259f8
SHA256 69673ad632026fe48f231cbfbd8ebc489add73d5488a40ba7cee9fea8adc2cfd
SHA512 7a8c5e281c930662349384735f4fdd167aa9543c14b96c2ed1e90ec098350e76dcceccaacedd5e2088ca86371fb9c4f71b541f22038707b5bbbc0f2c5a6ac525

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 67c0a94ea4c1cdd5c6d250122a4bcc81
SHA1 af96cd8d30ce2faa4756a5d3aa8e82c0238233c6
SHA256 cd97b09da6a89208898383008fb18f742297d9b50795d4dca0d9a7cb04e9a086
SHA512 19851be91b187b6b54270ceb05ec31f7794c45d89b2608d724a813a7ea87417394775db6a2b1ae31ca4d1ff2f57c46131f5d413195012c4efff05aa2ee20bbf3

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 d6185d2e4f67296bdfd58992eef55cbf
SHA1 61a6a399a4c58d9e4bcde5a3b81963251a3eafbb
SHA256 34240bc0dbd2cbbc4acd94af1572ae5c9b7f37779362a57e550761279e0ed413
SHA512 80ad1f4b53d0778b0de6aaea2e9e7fb91a14843168a82125bf91e14f90ee09e97db43f077d7c8497f2b2e680ddcff3e0d36d613ba85e47a62a60635217122c6a

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 1b185a99e70d77713a550f553668a247
SHA1 a5ef3469d58737229245db9ce77fefe6c737e9ea
SHA256 e1e2239082009d866a2ec3a6e59e2dfbb78f24ecbba82560490a64fc3170a9d0
SHA512 e5cca7eb3e42bbbef390fcb563f056461d4b354d8f81948840ff2720d16ccafb510b17e3e7e3bd6145d34bf74a6c741efe2ea8310582cd0eaba2233249f537b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c63b68dbe7739f512b5280f5a995bd82
SHA1 37cf84a908ff0241687e7568fb9080cac29b00f8
SHA256 00ec4db4abd1904512a58c56a42797697ede1788a5d2d7bac1e3b847ccbfa908
SHA512 2f21d7192c65684906c09971f225d3f3314993f5b2e7f763b1e514246a4af992e42443a95d1e97aaedc0addc4af46ef45b3383f1a31f4ec672abdef4553dfc18

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5f7f5984234a157d2e55ddd42976f327
SHA1 6f6db57801084abe44b40c3a90d97b621823eea4
SHA256 f41d8aa680c822ffa7e3478d1bd918f21116e21e7e23b641c1dc9475015147b3
SHA512 01e917a1b69892d768821b90256d1a757e94147ce4d0d0ef47d8a04ccf56fae55c9f507bdd2ba00e3383f059ef5b547a67a94e457c230193cb646e3b90a6b399

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 55be75ce12bfef3672537b8d5533547a
SHA1 4f3886df999272baa36bc90e56cc1c03b5dce732
SHA256 7ad8f2f2f8b7e0cd70ce7f1b11a111e82623a38e301958a529540b56ae38788a
SHA512 9fe0af81ff50c22c6acfd1d34253154a90ee0ab289b68fa00f87fd8ce10eb80b9240dbab14ed55e192eb4ee4dfbbf9c211b2f0f08098dcfa2d7e6073238f4676

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8854446d5f6953e984c80b28479320c7
SHA1 9ea1316edc08512982278cb00c2fbe09f3cafad3
SHA256 9cd8ac0ea8eb2fba659553d4ea2a59f6875cfb0cbd1e44dfa967016729101389
SHA512 41862b630f05f1761869e40a3436a25d156e281399a345fb5699853524a46caf102aeaf60eef7b90ce8b7e5a09f10bce19b40b2d0b33d7bfde070d63967a7aad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 cd836b9fa0c32c96c4905cbd7f8d8e98
SHA1 6d5b43b704424cf1f3cb80c0a9f1e5706d74d02e
SHA256 f894958a78d895b9d49e06185402316857430aca80b9e92accbb9a5b7a709460
SHA512 346aefc4d401b468cb25d5d6a41c47069b353d05bd6685dbef50f8d6ea4d41069e6e0200ffcdbe8f46dc44b9716e529dc9795652622d7f27195dc80085b70cc3