Analysis Overview
SHA256
9d64739383ca87c3fbb95eae91faf07adebf3fe6cd54a9d5a96266da6e6379c2
Threat Level: No (potentially) malicious behavior was detected
The file 91d2c8b981815512724e5de12e33627e_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 12:42
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 12:42
Reported
2024-06-03 12:44
Platform
win7-20240221-en
Max time kernel
149s
Max time network
150s
Command Line
Signatures
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2856 wrote to memory of 2976 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91d2c8b981815512724e5de12e33627e_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2856 CREDAT:275457 /prefetch:2
Network
Files
| SHA512 | 324cad823f720265959a0d247b05a94caa9686eea4d56b344c9f70e09d13acc2fa91ea74d581dcc5df160126211c43e346f801a7d9c70051e605d13a07aca987 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | d481aca3aa5b29fcf5f64a512aa321aa |
| SHA1 | c4b29bc860499c5d79900932c8153a8e44f1d669 |
| SHA256 | a22bea566f9246ee8ba1a1b120352a882889156e4a0beb3d64298b3e31db4dd0 |
| SHA512 | a8e2fdb96e760f77a5597c6d30dfefa5923d68cf101576edec013fba8c5070b1923b5451776b97dfd25973e7c72ba33cfd09bfc1180435b422540c30a0073e5b |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 841e184fcd7d83711abc0708dc47c50b |
| SHA1 | 7946ca5d512353323bda92e0c56020872b1c1f9e |
| SHA256 | b13eb153fc8d09fe90ceba6df4ea7f802cfd2058a908691efcedc58142046890 |
| SHA512 | 71c53c4675e830a45ccc4ff2c636a295a44411762a705a41ca32775dd2dabe5bceda1971a78d2e4179633ac7246ac7f1c2d3200855db95db2d0f8cecc1033ba6 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | f764bf618d6bd1ab2dc28c57da3b49ce |
| SHA1 | 0354a5cf5a01997c304385318030b0700811d187 |
| SHA256 | c8aa82b6286ed202516843dc62085a1bb600c79b6e877687f71eab56e6c96abf |
| SHA512 | ce129e83de648a9410212d0011db46a81b4dd92489faae1a2d47dde82bfbee76da3c25ab7f056fad23c7e4842431b9be481e88cb4f6d007177ff8287993da54e |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 55aac204fff49cd034ec41cb85e54d62 |
| SHA1 | 345924b349ca94a60d89cc9b5d58e32025693301 |
| SHA256 | 5395e01ce7a46c7d59a11967338fbe98296c05a506221b748dd702f4ff0ac7b3 |
| SHA512 | 56c8f31fed266d78f8c02f1bf0f7b68aafc578a09e3eb7eb4136a9896471e67eb5f3919cd67313ba38f8347d5c2ca68fa1ec39b11b7e5999475abf685f6e9eb8 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 27fe508fb7bcba961842a1620e743023 |
| SHA1 | 9b76b71ea23f4d402c3cae784e79afd0b8b6c4ad |
| SHA256 | 8f6e70749bc7b989c224314b2241d6de832d9272f48802cadf96225158ef0f09 |
| SHA512 | 2450b1e95c82ced1181e95177f0778653123348a9b4091f304993516eeed0143912b2e53c720388464a2c2a13ae066a3136a09e8370cd92ba5aab09fc49bdde8 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 3ffcb105af7207aa25515227f5d046ec |
| SHA1 | 9409c1dfab595fb3ddee3ccfdd8d8b275c36cfd6 |
| SHA256 | de1b1788d52e92b7f08dad3613be760b6bf2cce4fd6f04e9920eadae5cde2603 |
| SHA512 | b911028b2373702799735ea8a5fe2d985e272bf85b8f48207fa35f6e8f107df692c4b03399d2fbf6575f389fa27ab951cf8b8aada7acab4bb23ed4726e6c4818 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 57d31b29a7bfc54d8e375fb715dcac83 |
| SHA1 | 83e373cdb1e9d812ceda6c51ca8e5bf8137f560b |
| SHA256 | ab212eff1200a5c05b7ca824a00352933cb1d1d3574a5d8ee99cf718fbb08300 |
| SHA512 | 851cd768cfe966025e7cf3183f7d41393715c38107f3ca914414b16c2566bade95fb779964ffac89cc0d63107c91d2d5ff12d9a15457f58931508d59565a3c40 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 889ba728cb7b93d23482466e3bec42cd |
| SHA1 | d17db707e4fdee0eaa346cd8592967db57f29483 |
| SHA256 | 7bc412647f88d45e5c9c239a4de407fd4ee91952b45b308eb217d61e97207372 |
| SHA512 | 75e483ee0391aca1f6104e7681f206990554fe3e9415edf7423f6edecd36f7500e7f50de599b425c8da4a4dfbe29e70ab7c29af518c3eae54b1a92c38f07ba1f |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 8a78de315c362c40e0f9f673a0b1c3a3 |
| SHA1 | d7787fdefd2f507bedbecb82352d829dc94fbbc9 |
| SHA256 | ec23dfb2c78ae15cd918afb5cfb53a072fbd0b217723622d04c70c5f026e6b31 |
| SHA512 | d1705aeaef47e5f063aa342fdd5ccfd9ea83422a3007c10ee949f491541ed3413545cd5ecc1cfbc0d8348f6414db1edaf39477d214c2be3dd140bffc1afc4c22 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 4acbb9cbc7e1810f4cc8a3f9eaed820d |
| SHA1 | 717ed3c0f41253043714160a85f0ab50f1e48fb2 |
| SHA256 | 4174ca33d5c776160f8a40932123723cbfb2948e86bb650ef8f75cd03a3fbe1c |
| SHA512 | cfb5edd5cfedb71a2845086d42ad4e90c4d56188466459e02f151d81fe64385bdd1f656643fac2ac18498aa5ec4743844f11f06a50f7bd3992e4ddbe6f3fcd46 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 5cf365eadd74d7f26e552148da86dd06 |
| SHA1 | 3199de5127bf0e5b20c0cff6e0f1280d2113d296 |
| SHA256 | 934b8ee1b1e24439ca45d13679014dd71a9abd6c5a4eee84360896b8db00d67f |
| SHA512 | 6d43779454313982ba36ec5b9e5676ada574f4f72625225a727055b808c09dc36ca3def2636f195dec71cd2ba290b35cd22735c2c1d3ea61238a2bce82aa92f6 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | e7372441d9f2a381d732ca4a754bd3de |
| SHA1 | 08e15dd6a1ed671fe8d7273785bdb6eda0361c95 |
| SHA256 | aafd27d3e1ad8271441e4ff57c1db41b280551033aa7658c9fa8d88edb71f491 |
| SHA512 | 31fd2147806a835f116691004bd863892864bd85174dada9133c93970bb53a127d96c725758cd0437b49fbfe4aa671e7050dfef6f2038a36277f985e1a47100b |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 73f686b6f71227c3de55c1e77a61479c |
| SHA1 | 921dfdc08910e5a7039cd2a8f462812404c1771d |
| SHA256 | 6e565f37908fbd3eb5bbe9e32e92a45588a1c9eef41ade20751d66d82f582d4c |
| SHA512 | ef15b54c730b6fa04d5f2bb284de5b35b874ab6a4ebb362f5bbd73d2d0abf1d38c9e5d9fec20b7eb381c2cfd9e89b423c8765e6c9868ff6deb918bd0b9f22a11 |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 47c08138abdede6b603efed838aefb4c |
| SHA1 | 58ae5abcf2cc2d13acf04d213b050b921e09e380 |
| SHA256 | 366ff4fc1bb3657abfe583696761927146d49ce703615437b8308b714f9a6c73 |
| SHA512 | 7a5089eaa07c8f8f04988e2e52c14bccab0741e3f20dbf57bede478f76943cbdc413abc904ce85099f94d38842453ceb5b46dedc477e5affea1fbbffedcec1dc |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 2a217528a1a511aac1184434819ec93a |
| SHA1 | 143a452da0b588cb6658a32d032260f66cb26246 |
| SHA256 | fa30c66a1f5cbbf2eae9248b3bcb6a4518165c00093705a63007b5341e7e5e37 |
| SHA512 | f92f7ccce6d27b85c639fee198d70502aff6cdd8c0a769c06349a69d903163711f25a250671fadfc898f289188c9f67ae6277cf9b3a25fe9a09147713d907750 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1529ebc3ff726517acf1bbd954dfd89d |
| SHA1 | 3fc17bcd7ee5024c6240faf07967ce84acc4dbf9 |
| SHA256 | 25cf1073e23d0952323df870f2218dac87b475f4cada712c1ad0dff478f1e331 |
| SHA512 | 84174e5638cc5c1d45db9c77ecda81c1ea2f8989e4afff7d7422a11bab713b8a5f3b0c2bd5945cfc89fa5f8c2c8c1a31e8aa48f3f71711fa1c4aa663368c1133 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 01aa74e2b2be67168c449eac2a911c41 |
| SHA1 | 564bd15f308229559016962e20ae98d6632f3ba7 |
| SHA256 | eb5f92078a070ad65f55c3436868356bbd57cd5be00f0334e5d86ce769602da8 |
| SHA512 | 36dce5af8ebb6309822d912dde1cf39325f2471175af6f6e521aa07506330cca98c25affdbaf9e3aa37cf94478b43227cd409fe37e5d434fd1489cff173a4650 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 478ae551b9621c6113561807dc189f7a |
| SHA1 | 63cb1997c9857d511c0969ae975e410fd5ff8270 |
| SHA256 | b6aa18dd34d2c365bead35bc0a7d0bfc9d8c6ace98b5c88a500156ba5b9bff8c |
| SHA512 | e9f7851299e5768b282d1765d8952715bf3bf2ccf0befa00f321b65b6552132770c552e3490c368be943424b114c52deae9e2b59bd72c4b4143d8e59256a2b52 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 493ec2badb2ad054e1a925aac162aabb |
| SHA1 | 91d3756d9f69b26f53f4041732d7761df84e6d89 |
| SHA256 | ec5d986f7f9b5937bbfb8daf6908925941f328acddcef767ad8da341fca24a89 |
| SHA512 | e3e5e1ce987b017bb3d71e7c5a0c9335e3e4b6a7cc7f6454886f57fb66d89f860b88b9aa513b187299d2d6a86e404e3893564c9dee9a86464c7a3a42b3a0cbcd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a6a534bc73beebd577b005e00d7202c1 |
| SHA1 | 085dab02aa027250b6f68804d39880d5160e63a2 |
| SHA256 | 919fa1b5007fed17a4dc7bb69b29d2d6b212c1306320777cd3a7a99e7cb9379a |
| SHA512 | 4c2b2139740b3f112be39cdecbbaad15f3e30e96e084c2dd4976019edd896a26f43e76fbcb47b7d03bcac8e37821c4fbd5ba31fbe60de494c033d41e7367b9bc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2b673e047995d3622240c220e1075e09 |
| SHA1 | aca69e8f9d3f4e6562c6e7a7bf3621d194288731 |
| SHA256 | 7cda271df2bcf5ace78b686e98066ef42f8b2acae12c6d923ea0d338df6a87f0 |
| SHA512 | ed2c0d33fa2b40192cbf11d4cc6c12d1da94458d0da8521a80c3a0d2b4b048f1a688149ffeec694046751e9bdc1007c06a582bf0a2f2a86e32f9c3a599d2c54d |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | b3572c765ffdaa89c1931aa883961397 |
| SHA1 | 53ed2ac311aab328f957a637592a1836a1587748 |
| SHA256 | d8bd716f595411eae1371be7982937f4454dabcc243e32dfee3b69861f73a5b6 |
| SHA512 | d323ff75a7ed2304cda54e387c9966e358a9ef2d5f4b6ed057d7a2a622709de4868b40031b67071c11f25931f6b0902d0fb6dd943555ed36a7df6402e313029f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a37ee58fb7192b927e8e3e64d4c429e3 |
| SHA1 | 6f0a048d2c041471e9b11aaebc7c2e91e46b25ea |
| SHA256 | 499bf152fc8a3837fdbb148139d1eaafc4c869c0123356f581c5ae3b210f3054 |
| SHA512 | d2adadcf42728a913f306afd6a214445eff8481e45f57e49e704ab28e3dbe073976b635f840f0815ca44c5fb4349224e8758c1ab2ed5d4182b9cef945bc1b11a |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\3LYXU0JZ\www.youtube[1].xml
| MD5 | 0df6d3cdf694a0724c2565758b3b1f83 |
| SHA1 | cd0b16c3b168102aaffa7a97bc6f8ff2588bf10c |
| SHA256 | 9d8084812d71df8918916476da753626cb36dc75e6c230f39cdd36015116d48d |
| SHA512 | dec18f6a55fc33736bee43d4c795c13214f1927062fe9e6a616f9e0dbe0891eeb669a9f6d285475b94e2ede96a62a472d273d0c491a94b2269ee7122ed665517 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a79f501978f1018659a1877e67345dca |
| SHA1 | 3a2dd615730536556818cfd3dea74bf1e9ad8a10 |
| SHA256 | dc01bce77a97f7d0c91d2d14b1e3eda1239886c444361cf3a087d2197f94afe5 |
| SHA512 | 651da609bdec31158672ffe54977621ca5e969ad7e431b6645e7c06fa0738627b8d1b9d766739a3f53fcc1937d7f833303fe98b416761c0953f34eb9e3a21e1e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 02854c59af56fae0ea67460a1eabd333 |
| SHA1 | 7163776baa13491930e7f438242b8af429dd6fa0 |
| SHA256 | d3ae98951ccae4f994f7b38d3a8ddf56bd09220e74eee3a78ddcc2a32b01a8bb |
| SHA512 | 5fdbe1b33660f43192643f280851deaac7e3a705607804a7991ba7269455e8bfe6c5bf1fb01b6dbfa5b6b0d3d869d08e01466b5d587ba03d474ffcf1e3b17f8c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | cef6772b56d054e0045ca8be5b4a07d0 |
| SHA1 | a26cef460eddde07c91fda2278ac3e84222c4654 |
| SHA256 | 82900a598ae09373a25fa0a159054b20f2004fb35e14bcf1c677d89040afcd93 |
| SHA512 | 602f2f1b49a53df97aa5ad6c89cb5d499625f6c34d7ce13c1b9982b1a7ddad864f85b4371c0c76b70ea1e0130af28a5431cf59f9ac03b1f27c41c49f4d1e4b13 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0d82c40809dbd94b06d3b6379b36b57d |
| SHA1 | d4356cdeff9ddf6bcb5b42c1e38d00d8df3ba0fd |
| SHA256 | 24508e94c2c05da25444243c9d5b3275c12799bd6f647a58b06b51ae3f88eecf |
| SHA512 | f9259fa8d1b0ba1ea750de305fc23cc146bc1735900e7ce9570392d83fc757b13f83da428aeee569dd8216497b54d96a9feb29ba123009852802f590765d3500 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 95c470c274273b92285b57340eeab85f |
| SHA1 | fc2beb4a268032d3bfccc64d21028ef2ce8479e0 |
| SHA256 | 495a98d3bf6dd097246cbd6adca7207e200344c34d5aef555122653da6871c18 |
| SHA512 | ca68be50c23258a47278e57a1fcd9d3374a914564cfab543348233983f3f8cc004ccbf3ba5ea167f0643a32716085a10a5130a4a727b01fa69e909a40ddc0a72 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | c81c94ff047e74ab6833e1fccaf97970 |
| SHA1 | b84bf96ff016a8dc65b2cb81be93e8c6d6680714 |
| SHA256 | eba8e15c658f05c34c199c49de281d91bf92693cb926439fc36132e411d8a172 |
| SHA512 | 71a8bc92978cddfe969fad5bd9b29ccc9c615f4e6f5bd2d8f0c62c4fefa443d546eacf7def23c72ffada55a654bb7648e03b3facc301c8f2db22f14824ea604c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
| MD5 | a266bb7dcc38a562631361bbf61dd11b |
| SHA1 | 3b1efd3a66ea28b16697394703a72ca340a05bd5 |
| SHA256 | df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e |
| SHA512 | 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 08551a52111460ae9f616e50a2cdca64 |
| SHA1 | 538766469b131102a50650e4ed211b9e75afba36 |
| SHA256 | c4cf9388fa241602d501ef1f7509c526ef2d42406d912e89051af122a324c0c2 |
| SHA512 | 10e98a7f3a94a2bb39458649e879d5f4a1ed6b768be2c4a783fb2b7d8b1a3787e2e9dbef1156b831d08c8c3163760c526f957bae26681fff85f6916c160a6b84 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4869b8f20bba2630af7b6d15608bbf41 |
| SHA1 | e9dab8ba1648122b51c17a9ba048cdf1d6dac697 |
| SHA256 | 0bed67fbcc1d4796c232669e70a28c58c20425df9bead4f814fcca70aeca0958 |
| SHA512 | c80c53b831d579b4b25faa35f2cd567bf0a74ec73e58208cbcd9b19c532a77ff7e233c1f89f4e5f41948910908992530ff6e073a9ac2851d91b9eced315154ab |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | efaf4b8db551755a145c8dd13680e1f8 |
| SHA1 | 9128aeb670b7ff575863f7212d9539ffdba0cecb |
| SHA256 | 6d99831093399a769ac5ad86e077baf6766eff2d272a0b91b2259a3c8ede0e49 |
| SHA512 | 8d8e904cf819de1a26fe935916671013760b301b4148873b4cf0254ad7e529075e937fe5274ad611af97914a9c379e1c46f95c39399ff84c166351dfc599508e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 93f57c0a95eff72abb1e3fe2a94f28e3 |
| SHA1 | fbbee937967576905548d56e8008f4471c593e7f |
| SHA256 | 19ee80901937be1bd50f561b7b4a0594859432fad335c0a47d60967b904e625c |
| SHA512 | 422db35ba5666b6bb0c8f548c1a4fe0acc44eb16795d499faf22263bad89d5fdce697fbedb6a10f602a96af1087d44d578d8cba8e80572cc1bf1b7211bfe5f18 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7cb875533b0e0b76b1cf3accaef5a3e8 |
| SHA1 | e4ce8dbb5d2653128f1024d5ea6271f23e287117 |
| SHA256 | 689607fdf57cf171ac18e3a0281ecae9bc37adebfc409d4fca57082240d642bf |
| SHA512 | 04eb4e5ef67caf6afb24991bd161ee1b145a6d5baf8a7717a401ce8fcd5086d46f0e1df413aa0ff3d88baac2e475ea54cae65e2d34485f0920c0c6a2277851de |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | 870fcdb3ea07678321a610250d0fbe85 |
| SHA1 | 3dd833731fb1870a6e65134f8b185777fd0c981f |
| SHA256 | 69adaa19ccf9cc6e82663e010fcd4772f2c89e6584e48e5ee41dbfddb05425d9 |
| SHA512 | a3cb6124e7ed9d7b2ba7e840e173142ccc53e687263c6178a1066fc7e3829772f809daa7d2fb4b3e3b9f1eef18f770832447026d128aaf5bfcf5dd3494cce1c9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
| MD5 | e4a68ac854ac5242460afd72481b2a44 |
| SHA1 | df3c24f9bfd666761b268073fe06d1cc8d4f82a4 |
| SHA256 | cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f |
| SHA512 | 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6a39ec4024921984056b065aebd62e51 |
| SHA1 | cdb585c4105ca275f8e3e54de9521280044622d7 |
| SHA256 | 158f169091dfa060f4d1fd98b4dac02535487579a6b822a7d43f5d546899218d |
| SHA512 | 9fcbfa6c3fa5ffe2b377f74e86b7938c03fd037af7d7eaf20ef9ec3517d46d682152b919923c0dbaaa44805ba2497e37cf79b538c37da57b7cf104eeb0abb02f |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 815ad6930bd6c3ade3a8d9fdaf6dacc9 |
| SHA1 | 9ce9f0a2d8b29bf88a810d8c972f10ad83c83f69 |
| SHA256 | 930238983c8e64c0f2ac2e5f7d1f46c29d80ed8bd828c499f644952bb732808f |
| SHA512 | 36e7582187173d9c0bcb857f2b1be7e003669c59b11c70483589e3e240ef763948caa4a732e7e329fd5dc596c4c9282835a6ff773f5c43aa8476818801b81c00 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3649e31e79bdaaf29e3b09ff4068230b |
| SHA1 | 7f3b64de70634a7c40148e3995bb1018a243f427 |
| SHA256 | 5ae18db741939399ef41c5d2d83f79e5ab231dd509959b64aee86ce6b7150ad1 |
| SHA512 | 17807c13c006208dcaac300c2856414728b738046e36a7d7f638c5f73f4009b4667771d7b5ef094bbbb44f3ab8cfbb486f56325f1cf5580e7db365e4f3a3bde2 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 12:42
Reported
2024-06-03 12:44
Platform
win10v2004-20240508-en
Max time kernel
148s
Max time network
150s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\91d2c8b981815512724e5de12e33627e_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaa37e46f8,0x7ffaa37e4708,0x7ffaa37e4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2808 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,12150012330603966127,5798796175617812169,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5044 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_4296_OJCOWDZURCUWNPAL
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\f363384b-79c3-4f7d-a458-0e67548c98a8.tmp