Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
The file https://free-leaks.com/s?vYer was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 13:37
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 13:37
Reported
2024-06-03 13:40
Platform
win10v2004-20240426-en
Max time kernel
145s
Max time network
152s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://free-leaks.com/s?vYer
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa445a46f8,0x7ffa445a4708,0x7ffa445a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2016 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2732 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5552 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5552 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,15990212095153231571,17047857735537644676,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4896 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | free-leaks.com | udp |
| US | 104.21.75.122:443 | free-leaks.com | tcp |
| US | 8.8.8.8:53 | realiukzemydre.com | udp |
| US | 172.67.180.70:443 | realiukzemydre.com | tcp |
| US | 8.8.8.8:53 | 122.75.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.180.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | dfdgfruitie.xyz | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 104.21.13.114:443 | dfdgfruitie.xyz | tcp |
| US | 8.8.8.8:53 | d2lg0swrp15nsj.cloudfront.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 3.162.19.92:443 | d2lg0swrp15nsj.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.19.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.13.21.104.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | pogothere.xyz | udp |
| US | 8.8.8.8:53 | opositeasysemblyjus.info | udp |
| US | 172.67.220.203:443 | pogothere.xyz | tcp |
| US | 172.67.220.203:443 | pogothere.xyz | tcp |
| US | 172.67.191.79:443 | opositeasysemblyjus.info | tcp |
| US | 8.8.8.8:53 | gforanopportu.info | udp |
| US | 172.67.134.236:443 | gforanopportu.info | tcp |
| US | 8.8.8.8:53 | 203.220.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.191.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.134.67.172.in-addr.arpa | udp |
| US | 172.67.134.236:443 | gforanopportu.info | tcp |
| US | 8.8.8.8:53 | 1.entlysearchin.info | udp |
| US | 8.8.8.8:53 | curyrentattrib.info | udp |
| US | 104.21.19.208:443 | 1.entlysearchin.info | tcp |
| US | 104.21.19.208:443 | 1.entlysearchin.info | tcp |
| US | 8.8.8.8:53 | www.msn.com | udp |
| GB | 18.245.143.35:443 | curyrentattrib.info | tcp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| SE | 92.123.135.83:443 | assets.msn.com | tcp |
| SE | 92.123.135.83:443 | assets.msn.com | tcp |
| SE | 92.123.135.83:443 | assets.msn.com | tcp |
| SE | 92.123.135.83:443 | assets.msn.com | tcp |
| SE | 92.123.135.83:443 | assets.msn.com | tcp |
| SE | 92.123.135.83:443 | assets.msn.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| GB | 18.165.160.126:443 | sb.scorecardresearch.com | tcp |
| NL | 23.62.61.113:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 2.17.251.12:443 | img-s-msn-com.akamaized.net | tcp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| IE | 68.219.88.97:443 | c.msn.com | tcp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| NL | 23.62.61.113:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 35.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.19.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.135.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.160.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 52.168.117.170:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | 97.88.219.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| US | 8.8.8.8:53 | confiant.msn.com | udp |
| GB | 2.21.188.26:443 | confiant.msn.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 151.101.1.108:443 | acdn.adnxs.com | tcp |
| IE | 20.190.159.23:443 | login.microsoftonline.com | tcp |
| NL | 23.62.61.113:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| US | 13.107.253.64:443 | mem.gfx.ms | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| IE | 20.190.159.23:443 | login.microsoftonline.com | tcp |
| US | 13.107.246.64:443 | js.monitor.azure.com | tcp |
| US | 13.107.253.64:443 | mem.gfx.ms | tcp |
| US | 8.8.8.8:53 | 26.188.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.251.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 13.107.253.64:443 | aadcdn.msauth.net | tcp |
| US | 8.8.8.8:53 | cdn.adnxs.com | udp |
| GB | 2.21.188.221:443 | cdn.adnxs.com | tcp |
| US | 8.8.8.8:53 | trace-eu.mediago.io | udp |
| US | 8.8.8.8:53 | fra1-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | shftr.adnxs.net | udp |
| US | 8.8.8.8:53 | images.mediago.io | udp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | tcp |
| DE | 37.252.173.215:443 | fra1-ib.adnxs.com | tcp |
| DE | 37.252.173.215:443 | fra1-ib.adnxs.com | tcp |
| US | 34.111.60.239:443 | images.mediago.io | tcp |
| NL | 185.89.208.19:443 | shftr.adnxs.net | tcp |
| NL | 35.214.168.80:443 | trace-eu.mediago.io | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | 221.188.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.168.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.60.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.208.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.mediago.io | udp |
| GB | 3.162.20.125:443 | cdn.mediago.io | tcp |
| US | 8.8.8.8:53 | direct-links.net | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 172.67.149.138:443 | direct-links.net | tcp |
| US | 172.67.149.138:443 | direct-links.net | tcp |
| US | 20.189.173.23:443 | browser.events.data.microsoft.com | tcp |
| GB | 3.162.20.125:443 | cdn.mediago.io | tcp |
| US | 34.111.60.239:443 | images.mediago.io | udp |
| US | 8.8.8.8:53 | gtrace.mediago.io | udp |
| US | 8.8.8.8:53 | kmendation.com | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.149.67.172.in-addr.arpa | udp |
| US | 172.67.207.153:443 | kmendation.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| GB | 142.250.180.2:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| GB | 142.250.180.2:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 23.63.101.152:80 | apps.identrust.com | tcp |
| NL | 35.214.168.80:443 | gtrace.mediago.io | udp |
| US | 8.8.8.8:53 | 153.207.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.101.63.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.entlysearchin.info | udp |
| US | 104.21.19.208:443 | 2.entlysearchin.info | tcp |
| US | 8.8.8.8:53 | cdn.taboola.com | udp |
| US | 8.8.8.8:53 | sync.outbrain.com | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| US | 8.8.8.8:53 | cm.mgid.com | udp |
| US | 151.101.1.44:443 | cdn.taboola.com | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | code.yengo.com | udp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 8.8.8.8:53 | visitor.omnitagjs.com | udp |
| US | 50.31.142.191:443 | sync.outbrain.com | tcp |
| SG | 172.241.51.69:443 | code.yengo.com | tcp |
| US | 8.8.8.8:53 | trace.mediago.io | udp |
| FR | 185.255.84.152:443 | visitor.omnitagjs.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 104.19.133.76:443 | cm.mgid.com | tcp |
| GB | 2.21.188.27:443 | hbx.media.net | tcp |
| IE | 63.34.207.242:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 35.208.249.213:443 | trace.mediago.io | tcp |
| US | 8.8.8.8:53 | trace.popin.cc | udp |
| JP | 35.213.89.133:443 | trace.popin.cc | tcp |
| SG | 172.241.51.69:443 | code.yengo.com | tcp |
| US | 8.8.8.8:53 | sync.inmobi.com | udp |
| US | 20.253.0.30:443 | sync.inmobi.com | tcp |
| JP | 35.213.89.133:443 | trace.popin.cc | tcp |
| US | 8.8.8.8:53 | m.adnxs.com | udp |
| NL | 185.89.210.20:443 | m.adnxs.com | tcp |
| US | 8.8.8.8:53 | api.taboola.com | udp |
| US | 8.8.8.8:53 | sync.im-apps.net | udp |
| NL | 23.62.61.163:443 | sync.im-apps.net | tcp |
| US | 8.8.8.8:53 | tsdtocl.com | udp |
| US | 151.101.1.44:443 | tsdtocl.com | tcp |
| US | 8.8.8.8:53 | 44.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.133.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.84.255.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 242.207.34.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.111.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.188.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.142.31.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.249.208.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.51.241.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.0.253.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.89.213.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | viviontop.github.io | udp |
| US | 185.199.108.153:443 | viviontop.github.io | tcp |
| US | 185.199.108.153:443 | viviontop.github.io | tcp |
| TR | 2.59.119.93:40 | 2.59.119.93 | tcp |
| TR | 2.59.119.93:40 | 2.59.119.93 | tcp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | tcp |
| US | 8.8.8.8:53 | 153.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.119.59.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | acdn.adnxs-simple.com | udp |
| US | 8.8.8.8:53 | pixel.adsafeprotected.com | udp |
| US | 151.101.1.108:443 | acdn.adnxs-simple.com | tcp |
| US | 3.224.95.187:443 | pixel.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | i.clean.gg | udp |
| US | 8.8.8.8:53 | fw.adsafeprotected.com | udp |
| IE | 52.48.163.181:443 | fw.adsafeprotected.com | tcp |
| US | 34.95.69.49:443 | i.clean.gg | tcp |
| US | 34.95.69.49:443 | i.clean.gg | udp |
| US | 8.8.8.8:53 | static.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | dt.adsafeprotected.com | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.95.224.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.69.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.163.48.52.in-addr.arpa | udp |
| GB | 18.172.89.103:443 | static.adsafeprotected.com | tcp |
| US | 3.93.206.215:443 | dt.adsafeprotected.com | tcp |
| US | 8.8.8.8:53 | bs.serving-sys.com | udp |
| DE | 52.57.91.20:443 | bs.serving-sys.com | tcp |
| US | 8.8.8.8:53 | secure-ds.serving-sys.com | udp |
| US | 8.8.8.8:53 | choices.trustarc.com | udp |
| GB | 18.172.89.46:443 | choices.trustarc.com | tcp |
| BE | 23.14.90.90:443 | secure-ds.serving-sys.com | tcp |
| US | 8.8.8.8:53 | lm.serving-sys.com | udp |
| DE | 18.196.77.193:443 | lm.serving-sys.com | tcp |
| US | 8.8.8.8:53 | tracker.yougov.com | udp |
| IE | 52.210.123.54:443 | tracker.yougov.com | tcp |
| US | 8.8.8.8:53 | 103.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.206.93.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.91.57.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.89.172.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.77.196.18.in-addr.arpa | udp |
| TR | 2.59.119.93:40 | 2.59.119.93 | tcp |
| TR | 2.59.119.93:40 | tcp | |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| GB | 216.58.204.70:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | 54.123.210.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.204.58.216.in-addr.arpa | udp |
| US | 20.189.173.23:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| DE | 18.196.77.193:443 | lm.serving-sys.com | tcp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| DE | 37.252.171.85:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 85.171.252.37.in-addr.arpa | udp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | a4574df7de4dc090cecfa691d3f34287.safeframe.googlesyndication.com | udp |
| GB | 172.217.169.65:443 | a4574df7de4dc090cecfa691d3f34287.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | fe4433c0e01d675fb051fe2d5132f0fb.safeframe.googlesyndication.com | udp |
| GB | 172.217.16.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.16.217.172.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0df12048d15c88ffa64cafd7dc1e65d2.safeframe.googlesyndication.com | udp |
| GB | 172.217.169.66:443 | googleads.g.doubleclick.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | deff.nelreports.net | udp |
| US | 2.17.251.6:443 | deff.nelreports.net | tcp |
| US | 2.17.251.6:443 | deff.nelreports.net | tcp |
| US | 8.8.8.8:53 | 225.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.251.17.2.in-addr.arpa | udp |
| DE | 37.252.173.215:443 | ib.adnxs.com | tcp |
| DE | 37.252.171.85:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.251.17.2.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8b167567021ccb1a9fdf073fa9112ef0 |
| SHA1 | 3baf293fbfaa7c1e7cdacb5f2975737f4ef69898 |
| SHA256 | 26764cedf35f118b55f30b3a36e0693f9f38290a5b2b6b8b83a00e990ae18513 |
| SHA512 | 726098001ef1acf1dd154a658752fa27dea32bca8fbb66395c142cb666102e71632adbad1b7e2f717071cd3e3af3867471932a71707f2ae97b989f4be468ab54 |
\??\pipe\LOCAL\crashpad_3576_VSHRVCFOTYUKJUJR
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 537815e7cc5c694912ac0308147852e4 |
| SHA1 | 2ccdd9d9dc637db5462fe8119c0df261146c363c |
| SHA256 | b4b69d099507d88abdeff4835e06cc6711e1c47464c963d013cef0a278e52d4f |
| SHA512 | 63969a69af057235dbdecddc483ef5ce0058673179a3580c5aa12938c9501513cdb72dd703a06fa7d4fc08d074f17528283338c795334398497c771ecbd1350a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0e045a254f92603707bd61847367a27f |
| SHA1 | 8f638d605b33893fac525c971e09d347f004b0b2 |
| SHA256 | 64b5b580ea860960e9e7fbdda97eeb5cb2839778ac05224b8ec154521025d964 |
| SHA512 | d9d5adcbb8dc2cf9507382c0a9976589826d79c907badbeeb353c42ec6f9236ac45ccd76c3ee00efd6eb54f521f46d4c9240cf117958c251f2720908b5c386fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2f3976322206114e225b4487f02eb1b8 |
| SHA1 | 4f8e029e44c05babe52838e59ba3eaeff474c1e7 |
| SHA256 | ce2af2e1689645274edb8be2d8580c80edb9c3c6430f48c781ae4e0ef89070dd |
| SHA512 | da76180357e5d707f8928bd14dca8281189775a0eb4236d7840829c8ffeee2fc11ff155f528474bf92d9d1400e68e76f7f6767ab92375ab5f77632319deb922f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7186948278f23a0d8442be2facb1297a |
| SHA1 | 6a0d61fbe3879e1db722ba40361ea8c5767b5123 |
| SHA256 | 1e6f403b25ef21f9ac881131f7e6badefee165b351a56fa79aae23ed84fd57f7 |
| SHA512 | d6065db0f3c7a5afbe726acf3cb0f32d2fb8964da6a1e815a53c207ea349887d50b9919383b05f1ec09fd1e50e481a620a5f747a123e98ddf43469976f328292 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 2cfc011b6717079799e456b6fb67cc1c |
| SHA1 | 0d8baf5af08c6bbeb06e4fe84a68df0a1c1b2514 |
| SHA256 | 3cf3c93338a79d1f399cc2e5adb5fff0592cb4f93dd374fea9eb0423e1a5570a |
| SHA512 | 5ada32ac159045406e87dd2aa151ebf8c8eb49be7b4ac441111882aad8821cf342b034a7b6d8a81ddd8904fdf9110041074268e0f5070159bf290531b8ffea7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 7025680a4f63820bb40f6f421d1bd91a |
| SHA1 | ed0b36362ce5d4df0a4f521264c63fd036cdfd4d |
| SHA256 | 399ed8d4f19abf872296980ad5e68f33e1a60bde7ef942914ffd7a0019c8c940 |
| SHA512 | 086871b630709ce6c22a1007785096b5d47fbf4a8c5c66bf0691b5947f6f1106fa81e2a17531c7a21774116cd0d288f94c6a1c2767167a7c46518cf9f1de0d7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | c549010f60637ea4dd0c2aebbf3d76c5 |
| SHA1 | 752de3efb571a629e11bfee0ef0e6dc34fb0b983 |
| SHA256 | 0fadb862b4dec689e05fa5404ae7da72eec558e23abd86939d9c12699c6b97c3 |
| SHA512 | 5f9fa07fea313c83b7bace02f27b01fed1eaa709d55e916c9f2ac7b51f033f1a1fbace9e0d3f1a64499ac0ccdca8f4a6ec99524b3761b3cf047301ba20983adc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bdb78ade6c672a8202d0cc16b7acd7a3 |
| SHA1 | 49e8f24fc7a4d2d6f426f15498c96d29df57dcc7 |
| SHA256 | efb503370707014a9ae1cdc8e292e4bec4dd0f16b64dc222f0a6075eff5ed012 |
| SHA512 | f57d09f4f1c3c09ebbb0970bbc05e1f77b13197d8999740f75a9e486196b387141b7cf74bb0ebc3c1d48b435357653f1cf7632ce3d37f5c92f0167716c1cac9c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 03efbc378df90afe4a2ecd59f328f386 |
| SHA1 | f3bc5e2a25fb4d8437f3f04c8f166602ac3fd021 |
| SHA256 | 49a3177bc999c3a88a144ecd1f3aecd17281f3746751ecf8aea3da579bb0690c |
| SHA512 | 8b3aed2727d52a43198bd88dbf4fc7f7c15bea0e1b24087e86bf2bcf1c7243f37d06b0d574357b05d4e33744516b322e6879db52b99f8cb89ac5b83ab1cc1863 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c592.TMP
| MD5 | d5dcc2c90dcf5623215a1ee2ebc9c348 |
| SHA1 | ea798b56c10261fae4eba3584750f991634ba21d |
| SHA256 | 2ec38144f12a139e31cd92fd6dc841374f7ba1c8895eabc2d7a9008b2c9c3d44 |
| SHA512 | f582faf04a99abed16dd2058f20df38222845184bea17ef85b55892ee85f43c6bebe5b304e9df4dece0854a0fc12c43fad2afc6d2eb0424ef63129edd0ea7e6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 128c0ad1aed2dd38739a0d9672440c9e |
| SHA1 | 33047b174058bdd792b47d0d2b2da7cc6eb1d0f6 |
| SHA256 | 6c5703dd366384a00053589d998ded24a25dd4c342b5f1f844c967676fa1be00 |
| SHA512 | 5d1d51e8c03f21a3051d5dc4df4250a773822242aceebe5378d07ec92d1215ce54d350451fc491ffb26505eee6d5074b1280e42b921f7f4c503d31d59d1b3420 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 0dccd02039ae65099ed73888d33660e8 |
| SHA1 | 61f42540aa07a7ce2e7e8d9041cb71abc8112654 |
| SHA256 | b3de86284da0c55fb8f5f2de2873cb8ce74e46a935abad0306dbec5402dbf105 |
| SHA512 | 32acb31ae539d817efd19de3447d592d8e54520ff7aad57c691d362c30fe07fd9eae9ed1a8ea0d3bea4baa4873f68c204ab1bab385c5f21daac1674d86779cf9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | bd2a8fa16598428ac9fa8e1caefa237b |
| SHA1 | f23bf26f19dc28fe33ab1a9b16f6cc67695bbc6b |
| SHA256 | 7097e1888e9af8cb82ab75c23a87b6e9830525151945ae662bf3b291bf04b831 |
| SHA512 | 90f65d3cec50cee788db2fc0006650b8d2a14eaed3f69602a3a99ac227eb7d1f47d9139bb4074e91e18ea781025c420de1b4f1946883b2afc312283ba8ea7c95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | d08d79e572490aa64e6e4e3bb29731f8 |
| SHA1 | dee7c973f6a4887077fa3e72eb39b9f056910ba7 |
| SHA256 | 0cb03c3227657c14c57d7d85057dcb528d9df37a9fb49840a2e62f8e078270d5 |
| SHA512 | 037531686d00240a50586de62136af3dc0c04d9c0c337071c63d8c84232b953d185949cca9aa0709abf227448fff897b1163a745709e938ced49e50266c5c682 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039
| MD5 | 9c6b5ce6b3452e98573e6409c34dd73c |
| SHA1 | de607fadef62e36945a409a838eb8fc36d819b42 |
| SHA256 | cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc |
| SHA512 | 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
| MD5 | c984007d060766e41c7822ba1429658b |
| SHA1 | b016cc7dd0f8243422b7bd3636c6f45426edc234 |
| SHA256 | 1a5ce05e4a177d78ac9565c1104e1fd113c41aa5deb202442e48c102d22955d9 |
| SHA512 | 7720ac3ab724bafaaaadd5892fafe526fef0d4cf9618453a5df6dfcebc35173a980aaa52f7ccff7afea99cdc39fe81ab7fed4cd2baa5dca89d07b8befa3480ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 6ec86a122423ba260ba73447b4ad58de |
| SHA1 | d322873ba3b2057d2e2ad3d3f4f17282a73651f9 |
| SHA256 | 5419e5523fbdb5e220f2adf8cb937d45d3a4e9de1bc0f1055455f7440b7de5f4 |
| SHA512 | cb44aff5ddc0a3a06781e56995799f2b0a5e9e153d86daf15577228caeb38c53781fe54dad15a5599c25dbe64794da042b14ecf9958a729befa964e302d56194 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57e8e9.TMP
| MD5 | 12d4e8bddca04b2aee11991ac1badc36 |
| SHA1 | 0247a2fbcfd0bdd2d6beff1af5e09966ad71d686 |
| SHA256 | 9fcb9360ac5efa4313473e17251aea98004f1f61e0cfb9a74426dbb14b56c2b4 |
| SHA512 | 17aa97712c919fd668adf5104789a916a884db8dbeebb6a32cd0bdbaef989fc799ea659758e286a9f4e71f2596e9cb51aa2294b5e1368494d0aaf9ee78bc5730 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 941083210469fc5121c89b425fb657db |
| SHA1 | 0fff11d13c2633b3b5e3bb4bd315ce99375e4257 |
| SHA256 | f7fde7fab71cd11804e7618c32362f3dd312d4afb3b6eaf10145905f5d4173a4 |
| SHA512 | 5007ff0618f0e661a26834d0861df814e645735e18b07c3918ecd4c3255ac36a2c290662897c6aca48e9e35cae843cf9b97fe796fc6025b88d45f681a8ab4298 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f96c7c27b3d0aca741453a582814a730 |
| SHA1 | 82008dc665c6aea01c2faeef6d94934b052b2037 |
| SHA256 | b8c88e5f74d7234b00f72c97cb684523f50ae9cd3199f130d7575208b5e50505 |
| SHA512 | 938267f900ff3632d559980288545d02cff637b4520d484e5e86c5469c97ae644840b0bbcfd7d301a565ea422c06d80ccf3490b5b80f4b8f340e0287fb37f3c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000073
| MD5 | 05aa4ed3532dbe1043d2a073b24877d7 |
| SHA1 | c7f4138e0bd87c3b8683ed9191d8bcd76408c0bc |
| SHA256 | 11fe360ad80e52d7194aa009472be9bd75ae230b9f7c8206c60b4d53bd2c9766 |
| SHA512 | 1b69476bba1f1d51fe69ee1e2b4b2ccf08320d3777a0a4817c56bbf8c4d29726cac63ced1579ea3f9a7f1220ce7294f3de0e0baa470a367662432c25ebb8c601 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 67c1c079b67986dc8748673ed4708171 |
| SHA1 | ef0a0a3d00d41c8d6190b9bb8746d3134827e559 |
| SHA256 | 7a42a7aa63b2d6e077cd025ffae61aaa260e521948a489267dae3a82df961353 |
| SHA512 | fed0cf903e10dff64a58411c6f4152dcbb66bd8fcb389c6bef05a6889510b3098d7bfefa7d4d7c6362568989b2a22d7cccac84a7f7eb5e198ff32f0a5467f9a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\3acfea92-b9db-4e88-b3d6-0ed7330dab94\index-dir\the-real-index~RFe584fe0.TMP
| MD5 | 252fce762c1bd7c1048a8aa37e0a19ad |
| SHA1 | fa496a127e3a70d756e63344c83adfc499b028e7 |
| SHA256 | 38932419b1792e084b272ad99a1164adc47c41da31009ffae304b2c8b92fef20 |
| SHA512 | 0921b1a85c9e2a5d22255f6146d632b38190f2a277e45c264309f30403531d664868323873845bec1bcf7d3d5ec28cf72d55a3acae1106e017d541b1b638691c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\3acfea92-b9db-4e88-b3d6-0ed7330dab94\index-dir\the-real-index
| MD5 | 4535d9643b79923536a820e6f1e30729 |
| SHA1 | 45f23f4c7d3eed46812de44908ee5b532a468701 |
| SHA256 | 34d3cab7b2b8fdb2e2d2bd4f4294fbe02e3b29f968dc982c381ab277a6a13e8a |
| SHA512 | 8b6c6c2f5374097e5e4a484e005eb0d2aa5c8616de4e3026b80ec1422091065daca48d2611f4fa2b7ae35c2a1141a769760f9e364e7a49ad73fa30f655a3cda9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\index.txt
| MD5 | 0e252acdbe9d9da7517edd1c9eb3adf4 |
| SHA1 | 414fcf80a53d9629c4c6453ded77263d79ea1827 |
| SHA256 | 7de5460f1e7e1d9999667135a63cafbbebfa4019575a4a8a793132c24780b461 |
| SHA512 | 6e1c5ea1376274bb71f67ab83c63bd5398fcf91a8ac1c8f6f2163dbc9d4672147c9bf08fc9a02384c8cbf2b74e5d7e7818b0e701ab15bbaacf5b59807734e40c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\index.txt
| MD5 | 7274c4552139d8f68bd74f5fb6e94f2c |
| SHA1 | e3bdd0cf0aa068e52cfaac739f644116d219e305 |
| SHA256 | fbb3a5a23d3f34d5c494dae121e645a747b53ef378aac0d9021b468add0b1bbb |
| SHA512 | 528c72dcd6ce4c4ed21e1eca42f0d2a7aac5c53ef8e4e0cc3a61c3d86ffd7e6f7b78a857eb4e6fbbd560fb7089eb6c34e1f62f022d6ce49268d3c92e6a3d4192 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 508eff5721e231e42329d7c453fb9c69 |
| SHA1 | 258731650ab086142d3b469a3bcdf17b50087901 |
| SHA256 | f834b04e74f8c8380dfd2ecced409ca96d2de2f44ed153822b1b3fd698500ca7 |
| SHA512 | caa2f13f8bc2a8840ef2bbad6d538032f8d9425b13cd1ffe202b0e90e567ff2160f5a6eebe8e6baa6dc7b36d20f4093fc99287b9be6b71ec2e960aa593c755fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9fdff9c3c8109a557694bb6931e3b406 |
| SHA1 | 0b21281feff8da4719b954dbd51f61eb7a9f7692 |
| SHA256 | 4c54eb55cfb01dc896d4a12d5454768bfe229c50aa611f525b07462b39d81d55 |
| SHA512 | 93dd86deff50e5dc8ae3dd90951c259a4fb35df0705964002d27204653d1c4c7d39b137df15b1401751350fe65c29e67dd816c320bfbeae1016b57f52f4d3cd5 |