Malware Analysis Report

2025-04-14 02:36

Sample ID 240603-mmgakscg23
Target 9176b4dac13d3338aa3668f1dfe32c5f_JaffaCakes118
SHA256 557cd21bd535fb5219972f8b29bb81f4ed346edd53fecb3100f0c60d97f9de7d
Score 1/10

Analysis Overview

Threat Level: No (potentially) malicious behavior was detected

The file 9176b4dac13d3338aa3668f1dfe32c5f_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 10:34

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 10:34

Reported

2024-06-03 10:37

Platform

win7-20240221-en

Max time kernel

130s

Max time network

131s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9176b4dac13d3338aa3668f1dfe32c5f_JaffaCakes118.html

Signatures

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "423572753" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{E4FFF1F1-2194-11EF-A965-CAFA5A0A62FD} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9176b4dac13d3338aa3668f1dfe32c5f_JaffaCakes118.html

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2868 CREDAT:275457 /prefetch:2

Network

Files

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 10:34

Reported

2024-06-03 10:37

Platform

win10v2004-20240426-en

Max time kernel

150s

Max time network

151s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\9176b4dac13d3338aa3668f1dfe32c5f_JaffaCakes118.html

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4740 wrote to memory of 1116 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4740 wrote to memory of 1484 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4740 wrote to memory of 1484 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4740 wrote to memory of 1484 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4740 wrote to memory of 1484 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4740 wrote to memory of 3116 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4740 wrote to memory of 4284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\9176b4dac13d3338aa3668f1dfe32c5f_JaffaCakes118.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa592846f8,0x7ffa59284708,0x7ffa59284718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,13879651634728517204,8346642411897515052,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,13879651634728517204,8346642411897515052,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,13879651634728517204,8346642411897515052,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2928 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13879651634728517204,8346642411897515052,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13879651634728517204,8346642411897515052,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,13879651634728517204,8346642411897515052,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,13879651634728517204,8346642411897515052,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 www.aimshospital.co.in udp
US 151.101.194.137:443 code.jquery.com tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:80 www.aimshospital.co.in tcp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 74.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 137.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 198.168.154.107.in-addr.arpa udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.153:80 apps.identrust.com tcp
N/A 224.0.0.251:5353 udp
GB 142.250.180.10:443 ajax.googleapis.com tcp
US 8.8.8.8:53 153.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
GB 142.250.180.10:443 ajax.googleapis.com udp
US 8.8.8.8:53 maxcdn.bootstrapcdn.com udp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com tcp
US 8.8.8.8:53 207.10.18.104.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 maps.googleapis.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
GB 216.58.212.234:443 maps.googleapis.com udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 169.117.168.52.in-addr.arpa udp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp
US 107.154.168.198:443 www.aimshospital.co.in tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

\??\pipe\LOCAL\crashpad_4740_KFRNFLIHQYSCRQLR

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57cd52.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1781a43bfad24a04_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a5e9d12d339637ed_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1781a43bfad24a04_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
