Analysis Overview
Threat Level: Likely benign
The file https://account.microsoft.com/activity was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand microsoft.
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-06 18:57
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-06 18:57
Reported
2024-06-06 19:00
Platform
win10v2004-20240508-en
Max time kernel
150s
Max time network
151s
Command Line
Signatures
Detected potential entity reuse from brand microsoft.
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://account.microsoft.com/activity
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcca3d46f8,0x7ffcca3d4708,0x7ffcca3d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2200 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,12701586545651363993,14116541524577695208,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4772 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | account.microsoft.com | udp |
| SE | 23.34.233.29:443 | account.microsoft.com | tcp |
| US | 8.8.8.8:53 | account.live.com | udp |
| US | 13.107.42.22:443 | account.live.com | tcp |
| US | 8.8.8.8:53 | 29.233.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.56.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 13.107.246.64:443 | acctcdnmsftuswe2.azureedge.net | tcp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 152.199.21.175:443 | acctcdnvzeuno.azureedge.net | tcp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 152.199.21.175:443 | lgincdnvzeuno.azureedge.net | tcp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| BE | 88.221.83.233:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| GB | 51.105.71.136:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 233.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.71.105.51.in-addr.arpa | udp |
| GB | 51.105.71.136:443 | browser.events.data.microsoft.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 13.107.246.64:443 | acctcdn.msauth.net | tcp |
| US | 152.199.21.175:443 | logincdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | eaa3db555ab5bc0cb364826204aad3f0 |
| SHA1 | a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca |
| SHA256 | ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b |
| SHA512 | e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4 |
\??\pipe\LOCAL\crashpad_1772_BHIZPKFDJMYGNPAX
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4b4f91fa1b362ba5341ecb2836438dea |
| SHA1 | 9561f5aabed742404d455da735259a2c6781fa07 |
| SHA256 | d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c |
| SHA512 | fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6ee2d98a1c60ef910259f9ff33966550 |
| SHA1 | 06a161b7b29ea9da0056805d44aec42b0bf20d6f |
| SHA256 | 9e8a501b77e1be6604e5706a2c9b3a35d45131a4b050da676ac14489c2db514f |
| SHA512 | 609e8c5d0039d1c3b019893f218fecd8671d8bf530d8d420d13b861d571aac64affbdd875554ab1f5a7e0c4415bd621c105c2ab87ba7720116e4a04f6062184d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 218a8f9b7fc260d9d786796fa8dea788 |
| SHA1 | 5d486886e01e3ecb8fbb50c7fea4f772971cc6d7 |
| SHA256 | 5c81b1f3de3aa68106a3d580de1f14734d58fa8d2b2b8c9b572ee8d62b23af70 |
| SHA512 | 5b65fd55833a96c9d0dfc4a9f9d1294a70ed3c5bb7f24f3c833b79fa4fa3bc7a3cde870b267bfdd07e4b0cc1d7ba7bf38acfa0feefa6904f5cfaf48051e94f66 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | eecc1dfdb0e8f0ff2c82b84d05d241c9 |
| SHA1 | 1fb23f9870c116077d61482f4921d4df3707dbbf |
| SHA256 | 3d2163438fda55027c26eef3fa738ad323f63016f94c3a439e780d795debfff7 |
| SHA512 | 4c500a692f4e75eb66b0baaabf455bcf95fef136b0504fde5711ac9080676a4393e1241b7eaa728d0a2e8604ab33a0a8098aef5b13b2df23a3a16209b7c5134a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 61c414fbe1918a087d5a386e00624f5d |
| SHA1 | 0df2fdec5d8cfa466100e8b5f0954d9e624eddcc |
| SHA256 | 1c8cb05a956ec35b90e35223895703aba011df9d8db433ac73ef8956c11bb4c4 |
| SHA512 | a2fa82b1c58e8d3c253522bf804528fd1b113b22bd39da827457300ccb73bc6acc1b240289b638aa0694c4948ca99680d222b88d356ba2b76694e8ac0ffec78b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d798758a6fe2bfe3f50cd91d1ee5bdfc |
| SHA1 | 921a5efa96ad5b7eb1f2be1d559769fdffc5dbc7 |
| SHA256 | a2b5519af239e52f804be386ea88d3bd061cba4b581aafdf2a1e3774be6e75eb |
| SHA512 | 517f88ef3cb09a85c889f5bc3f70d9ec255871d77b1551d60e4b947ef6517c25bf08d8146ead9a31d3ebfed45ee56d74e8ac313c82c3e4e31d08d05d77e88d6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c246.TMP
| MD5 | 70badb3e31af932c84ed031ef1268af3 |
| SHA1 | 094c654f675b25ce28ce7a6e43c9da10a8a3093b |
| SHA256 | 9245ca7ef784f1353226591c37f63680448d598b6be92ddaf2f6367a198a8b17 |
| SHA512 | 914baf0ce6bbb28b9ba4c361056916d6da98c4637042651d5f1e2b9dadc73c7744556f044091e31a1e6c53a864744e972ff47a523a6b0c8923c54e97688b2129 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9c289f2e300ef9e1327c90e9326277a0 |
| SHA1 | 1f9cc33de52b3c93b0e687208db80fff853e679c |
| SHA256 | 4bf105549fd11c58eb3ac0bbfbda92784b5b311fa3d917898a8d8344c000519c |
| SHA512 | f761fac8dc989b767ea0f83293caa87c4ea5477ca59ee7a5aa15fb6b396d22c9253d7f7de29fa5f9f8c9cbb382255e59d4b3faa598e3712818d2ab1a9088874d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\f51286d8-7db7-478c-a92a-d823f704a4a9.tmp
| MD5 | f56234d6a71483ca37b3487f3f7be941 |
| SHA1 | c6175605abce6f42b5ced0ef231a72c6d26bd574 |
| SHA256 | 904e19036aaa25d60fd7201979d4991e021ac3c8b07aa6eaed90cda83e1fa99f |
| SHA512 | e249c1b95d92d1a6b13e3e6d1ec75b666a66ad152fe3cda75dabd7e05afc864e39d25f74fded4f7730c0d7b27977399c0cea1ae2076dd0e847e10c900a4277d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7db8d8ed718a1cbd07c5f3b93dc39a90 |
| SHA1 | 08ef03562b4dfbd8cd4a051d74af4929e28df72d |
| SHA256 | 4adf48aaa668fbac6cb585be66c4b75ffa423e0417889514050e11a1ed0a9869 |
| SHA512 | 17ed45efb92ceacbb27ff17023950b64e26c9485f2153c9f7d4739f8e7d8d07e329b156de18fc4f52cee5d0e544f0cef431761f6bb1ff8c584792c188d816d23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6d7761f508369575fe2be1228e053cb8 |
| SHA1 | c0036b526744333aa920c30efb7aee991121141f |
| SHA256 | f97250df660f9f21eb36737602dabbb6e637f63938061109669c8f6a1d9b8315 |
| SHA512 | 9b7662c081e80b5237c762bcc4eb2be58d1292b08c4a80538e30c3804fe5197658c45faef037b8b8578bd73e615c24b89e6826339de3c9ed6c4862fd27001c89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8812472075db0095fec7e4b9f9f3ed03 |
| SHA1 | f5e3e605a7c8079aa2190e4b22a33057306889dc |
| SHA256 | 59a4900b610ae064a85e7b67ec61ad4702e73647b00038c86263d18e11733e27 |
| SHA512 | 44e851853fbe30ed412d34cad1c4c5b1ddc5a3cfd93473d5a62882d56bd523f85ad2eda704a2fcdbc07ce4b53a1c2ce3ef89594db7355a72eef5ae24c9cf6ad1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d1a6348e0b2ab52c0976c6be671ec3b4 |
| SHA1 | 85dfda0d9e188c27c29b2ba451a4146ff8d4cb90 |
| SHA256 | 4aeeb1ea7a93dc4874cf4a1d2800c320a843a1ab5259bc1bdb83f918c34c8b46 |
| SHA512 | 7f9de5d102f778856e56c74295e537cbffe03c1fd210153b905a7261bbd71efd88cf40f5b43f2ba8b975a241f87172d1f82c4e732e43a39596c7815623188937 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 29e3645e51f0091ebb8481efd85d4efb |
| SHA1 | e6444d69c04eaf4bf0b3ed33ba801fc049dd5efa |
| SHA256 | 7723db85cf233e1ea953ee91c2c273d59f64be533c0e75379409d381d18262f9 |
| SHA512 | ab34d05fca49225fdd28af9e68cd4f7bcbfedd4f2b5ec72d5cf3a64c3a59237fc509efb11e381f9d8becc64a53fae01224f91fff732eed6e0bac5ab01df7bdcb |