Analysis Overview
Threat Level: Likely benign
The file https://wcw-roblox.com/controlPage/create was found to be: Likely benign.
Malicious Activity Summary
Drops file in Windows directory
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Modifies registry class
Suspicious behavior: MapViewOfSection
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-08 08:33
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-08 08:33
Reported
2024-06-08 09:01
Platform
win10-20240404-en
Max time kernel
1667s
Max time network
1645s
Command Line
Signatures
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File opened for modification | C:\Windows\Debug\ESE.TXT | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| File created | C:\Windows\rescache\_merged\3720402701\1568373884.pri | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\ | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Cookies | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "703" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$MediaWiki | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "2662" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Revision = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "541" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\"" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\NumberOfSubdomains = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "132" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 5c6e68a37eb9da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing\NewTabPage\ProcessingFlag = 30f8e8b67eb9da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "132" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 20bbf26a82b9da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = de70ebb67eb9da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Extensible Cache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "395205405" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "3490" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "3612" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{A8A88C49-5EB2-4990-A1A2-08760 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\www.bing.com\ = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "650" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "2662" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 1a069da37eb9da01 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CacheLimit = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "23" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\NumberOfSubdomains = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\bing.com\Total = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.msn.com\ = "189" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{AEBA21FA-782A-4A90-978D-B7216 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\www.msn.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "395205405" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\TreeView = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\Total | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus\DynamicCodePolicy = 00000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Suspicious behavior: MapViewOfSection
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://wcw-roblox.com/controlPage/create"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | wcw-roblox.com | udp |
| US | 104.21.56.90:443 | wcw-roblox.com | tcp |
| US | 104.21.56.90:443 | wcw-roblox.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | kit.fontawesome.com | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.18.40.68:443 | kit.fontawesome.com | tcp |
| US | 104.18.40.68:443 | kit.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 90.56.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.40.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ka-f.fontawesome.com | udp |
| US | 104.21.56.90:443 | wcw-roblox.com | tcp |
| US | 104.21.56.90:443 | wcw-roblox.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 42.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.139.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| NL | 23.62.61.194:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 194.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.97.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 104.21.56.90:443 | wcw-roblox.com | tcp |
| US | 104.21.56.90:443 | wcw-roblox.com | tcp |
| NL | 52.142.223.178:80 | tcp | |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 155.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.msn.com | udp |
| US | 204.79.197.203:443 | www.msn.com | tcp |
| US | 204.79.197.203:443 | www.msn.com | tcp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| SE | 92.123.135.81:443 | assets.msn.com | tcp |
| SE | 92.123.135.81:443 | assets.msn.com | tcp |
| SE | 92.123.135.81:443 | assets.msn.com | tcp |
| SE | 92.123.135.81:443 | assets.msn.com | tcp |
| US | 104.208.16.91:443 | browser.events.data.msn.com | tcp |
| US | 104.208.16.91:443 | browser.events.data.msn.com | tcp |
| US | 204.79.197.203:443 | www.msn.com | tcp |
| US | 204.79.197.203:443 | www.msn.com | tcp |
| US | 8.8.8.8:53 | 81.135.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.16.208.104.in-addr.arpa | udp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| US | 104.21.56.90:443 | wcw-roblox.com | tcp |
| US | 104.18.40.68:443 | kit.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.21.56.90:443 | wcw-roblox.com | tcp |
| US | 104.21.56.90:443 | wcw-roblox.com | tcp |
| US | 104.21.56.90:443 | wcw-roblox.com | tcp |
| US | 104.18.40.68:443 | kit.fontawesome.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 91.65.42.20.in-addr.arpa | udp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
Files
memory/2376-0-0x00000239E0120000-0x00000239E0130000-memory.dmp
memory/2376-16-0x00000239E0220000-0x00000239E0230000-memory.dmp
memory/2376-35-0x00000239DD4F0000-0x00000239DD4F2000-memory.dmp
memory/1928-59-0x0000022DC3300000-0x0000022DC3400000-memory.dmp
memory/1928-62-0x0000022DC2BD0000-0x0000022DC2BD2000-memory.dmp
memory/1928-67-0x0000022DC31D0000-0x0000022DC31D2000-memory.dmp
memory/1928-65-0x0000022DC3110000-0x0000022DC3112000-memory.dmp
memory/1928-137-0x0000022DD4670000-0x0000022DD4672000-memory.dmp
memory/1928-135-0x0000022DD4650000-0x0000022DD4652000-memory.dmp
memory/1928-139-0x0000022DD4620000-0x0000022DD4622000-memory.dmp
memory/1928-145-0x0000022DD4A00000-0x0000022DD4A02000-memory.dmp
memory/1928-143-0x0000022DD49E0000-0x0000022DD49E2000-memory.dmp
memory/1928-141-0x0000022DD49C0000-0x0000022DD49C2000-memory.dmp
memory/1928-147-0x0000022DD4A20000-0x0000022DD4A22000-memory.dmp
memory/1928-217-0x0000022DD3D90000-0x0000022DD3D92000-memory.dmp
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
| MD5 | 1bfe591a4fe3d91b03cdf26eaacd8f89 |
| SHA1 | 719c37c320f518ac168c86723724891950911cea |
| SHA256 | 9cf94355051bf0f4a45724ca20d1cc02f76371b963ab7d1e38bd8997737b13d8 |
| SHA512 | 02f88da4b610678c31664609bcfa9d61db8d0b0617649981af948f670f41a6207b4ec19fecce7385a24e0c609cbbf3f2b79a8acaf09a03c2c432cc4dce75e9db |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V28C7N3J\edgecompatviewlist[1].xml
| MD5 | d4fc49dc14f63895d997fa4940f24378 |
| SHA1 | 3efb1437a7c5e46034147cbbc8db017c69d02c31 |
| SHA256 | 853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1 |
| SHA512 | cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a |
memory/1928-233-0x0000022DC31F0000-0x0000022DC31F2000-memory.dmp
memory/1928-235-0x0000022DD3DE0000-0x0000022DD3DE2000-memory.dmp
memory/1928-237-0x0000022DD3DF0000-0x0000022DD3DF2000-memory.dmp
memory/1928-239-0x0000022DD3F20000-0x0000022DD3F22000-memory.dmp
memory/2376-244-0x00000239E8890000-0x00000239E8891000-memory.dmp
memory/2376-245-0x00000239E88A0000-0x00000239E88A1000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\X5O1GKJY\suggestions[1].en-US
| MD5 | 5a34cb996293fde2cb7a4ac89587393a |
| SHA1 | 3c96c993500690d1a77873cd62bc639b3a10653f |
| SHA256 | c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad |
| SHA512 | e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee |
memory/1928-269-0x00000225BF6E0000-0x00000225BF6E2000-memory.dmp
memory/1928-271-0x0000022DD3F40000-0x0000022DD3F42000-memory.dmp
memory/1928-278-0x0000022DC3120000-0x0000022DC3122000-memory.dmp
memory/1928-280-0x0000022DC3130000-0x0000022DC3132000-memory.dmp
memory/2400-303-0x000001F40C110000-0x000001F40C210000-memory.dmp
memory/2400-345-0x000001F41C660000-0x000001F41C680000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\VB58T6HL\www.bing[1].xml
| MD5 | 46a15b62b053e566b307517c8ec2ef30 |
| SHA1 | a0aca68d7208023250ce48fe9f9bf87658738877 |
| SHA256 | 770b0620d2c3ed9703d8f1f636aa4428ab4e4aebaae75dc5a350012e15b84dc5 |
| SHA512 | 06937b65c70d35bd66ec1792fe46f5cf7bce54e0c9392976f493457ac23f7ee037042a073053f8e894a955f13041811f1b699406cb995148531d769d2771821c |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\PI9XDH61\www.msn[1].xml
| MD5 | ac2b34e14d2036f2563934f13243282f |
| SHA1 | d04687e9abeed751a37e33060a548ddb321c3906 |
| SHA256 | 846e6cc79d4b3e52dad8dd0155b2541aa5375507963a4fce373706b0dd3b450e |
| SHA512 | 2845b0f4ed3b38f5eb0c76d83afd0f19c99863d85336141165d2e52b523775239e2b7affeab274c6539c8f7cc18a7ebcb82c5897dc7e091851bcc5b0af628f49 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\3QPGLOFL\favicon[1].ico
| MD5 | 84cc977d0eb148166481b01d8418e375 |
| SHA1 | 00e2461bcd67d7ba511db230415000aefbd30d2d |
| SHA256 | bbf8da37d92138cc08ffeec8e3379c334988d5ae99f4415579999bfbbb57a66c |
| SHA512 | f47a507077f9173fb07ec200c2677ba5f783d645be100f12efe71f701a74272a98e853c4fab63740d685853935d545730992d0004c9d2fe8e1965445cab509c3 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\EAF8AA29A62AB29E614331747385D816_F9E4DC0B9D5C777357D7DB8DEF51118A
| MD5 | 508c8f04d3e126dd793e9af1a061db58 |
| SHA1 | b900248988bb9521dbc2aa23ef20aea8008e1483 |
| SHA256 | f4bc4a0968b3ea96145c0dbe04145d50047b1c849b77c5b60dae804a6b13f3a0 |
| SHA512 | 12dc1a8f3a0abe18e3de13bac7f66fff986d96a467f6c1f2e533eb1d0b1f412b6ff1f9ce3b84268f90e31fe35b6e420255e3ecf8c82d8f02f836fa11a919bc9b |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\EAF8AA29A62AB29E614331747385D816_F9E4DC0B9D5C777357D7DB8DEF51118A
| MD5 | e540d65402f5ac85d19264ae4d943963 |
| SHA1 | 02eb7cc3b9d6d6f0a8eaddcdffba8e6cd1d75d96 |
| SHA256 | eb885b0c678c0a6748e473a10ac12df4bc44bbac86d68ab12f29ac955b41d69d |
| SHA512 | 319a45bf476c22f10d48b28f60c643d5859165c59980a92c7f90741d8812f2c592ca47d0523f26baaf13192fa955f56fe818b0730e5c6e76ec3f68df19e74cc9 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1RVUC0YY\warmup[2].gif
| MD5 | 325472601571f31e1bf00674c368d335 |
| SHA1 | 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a |
| SHA256 | b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b |
| SHA512 | 717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
| MD5 | 8202a1cd02e7d69597995cabbe881a12 |
| SHA1 | 8858d9d934b7aa9330ee73de6c476acf19929ff6 |
| SHA256 | 58f381c3a0a0ace6321da22e40bd44a597bd98b9c9390ab9258426b5cf75a7a5 |
| SHA512 | 97ba9fceab995d4bef706f8deef99e06862999734ebe6a05832c710104479c6337cbf0a76e1c1e0f91566a61334dc100d837dfd049e20da765fe49def684f9c9 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
| MD5 | 6dbfadaccb21e279dc7380d613d6ef1e |
| SHA1 | a6a3b7dbae02418a79ffc86515489871301f9fac |
| SHA256 | 0a6d46770f22927385fa80b44100b2c8256788902cee067d1074b2da41baed59 |
| SHA512 | f457e14a6135d619ef2e9b37a5b45c0fb6409ed6c82ff2ad89c43498e53dc1cd6fa23ae0fedc2e3f14f25ab0e6330059d108670df1120164674142bf45addab0 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | ad5a2250098d6c8559dd9ef5db6c8610 |
| SHA1 | af8016816cb8442e0747b773c0f4f303de4272a1 |
| SHA256 | f22526ab1e29386dd1e576bfc0b4121ab028d50348756109aede5b53d32ca884 |
| SHA512 | 4d1f83ec78f494745b0fe4d2db5470d59ba300d4994037cd0beebaf77137337468ffc5d3d1ffe24f8acb55e8e67d0fe4d828c9fce4f87987a137a96feab26759 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
| MD5 | 69182232dd9c3b7269046f9ed331efda |
| SHA1 | 95020554f02e75db9b13c624dfdfde102455c1d1 |
| SHA256 | 006723c751735311ea9e9d754f97896f4c55026d24d674dc0f8f3c8e7304a264 |
| SHA512 | ad1ecf0a96588b66cf923b6a8f5d2ad9a41a4a31af6dc9b2794d5270e14ee3b5a215ca1fa01909b69778899f25259150267a5662f13802295506e6832006c96a |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\80237EE4964FC9C409AAF55BF996A292_FB287BEB63DB9E8D59A799779773B97C
| MD5 | 97a9c1c1ccd390c9d02bcbad90168d90 |
| SHA1 | 2b2a036a9a2d18283f1c7050e7d675fef75c59de |
| SHA256 | 246bb20bf852920523122117af0a40712a74c4627e54a12ad0e0482d2d0b984c |
| SHA512 | a69c74602142ce4b3738b08197d5fe894cbb2c31b558614a7c3ae2563dad45d5942d64432152d6e1caa34e87b8d94b668f67d73a4a4fc3e0e0c4a8c0edf6c951 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\80237EE4964FC9C409AAF55BF996A292_FB287BEB63DB9E8D59A799779773B97C
| MD5 | e8dd7a9afe307a56823d640b06d7ecca |
| SHA1 | b853b2099a435f7998646e0d10d5e382728dba9c |
| SHA256 | f6582a43f235c178db6523ddf1702f6e20eaf5b0cb08c9ad00df9ee96a51cec1 |
| SHA512 | c185b075937cfd30e14bf895829dd39f73e1b67bbcececaf4077d0af9ddfdcdceb7c98702fc9355497f2b17ca3939314b183f50ad83c8ab2a9e0955df5999f9c |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_5E390E1CA50E646B1021D6CAA485D322
| MD5 | 9b072f240c2decb2b8987fb49805a401 |
| SHA1 | 947b5bb8d970171e10a6b59216946c11860ee402 |
| SHA256 | 1535689c31ea983f7f9b231b8fc4bed3111b44f4cfd1d5fe7aa5f1af1a54124e |
| SHA512 | bd54e1b8e53e0e0c9ca444227f8c49cbf0e196b7ffbfd581548e632fad4d66535a959470923947cad10469e3ac9e4ede6918af0645e598bc8dd36efbee225a2c |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_5E390E1CA50E646B1021D6CAA485D322
| MD5 | a49c2165ce680ac34d683bfd51f171e9 |
| SHA1 | 18d8b1005f032ae007adcc045afc9c27cf7a3df2 |
| SHA256 | 50791f132a645a25e84260d11cc703b630ce493e90a38472cf2a5508e7c0e1e9 |
| SHA512 | 48cd323d89326348e83bb9556adab7df5a49bf2365cb26b4a44d3d08ee16880f2ce23792d24b470fcc04fdc2b22a8e42812c6782f6c787cc71c90105919728fb |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | ac89a852c2aaa3d389b2d2dd312ad367 |
| SHA1 | 8f421dd6493c61dbda6b839e2debb7b50a20c930 |
| SHA256 | 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45 |
| SHA512 | c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
| MD5 | f01eefdfa155d90b84edf4edb863d747 |
| SHA1 | ed9f50f38ecb2c10e23ff787f5dc383e4bc65522 |
| SHA256 | d73594b28dbcee5bcef5d7bd65bda8a3aa9c9fa90527fa458a4b75fb2fcb61f0 |
| SHA512 | 26c3dab07a2cf8c3ca9f6010c3606abf46bc754c62a0bef29709a246cf439de3abdb27029771b195697dc2fb393fd61edd6a9b0f2a063825caaa24897618e25f |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_0E84AD23AC2E74B30DEF739614C7EB94
| MD5 | dd281d2991cfe06df2d9fa6d9ef17c4b |
| SHA1 | 301f07e36352c0902bc8afc46b49503124d6dab3 |
| SHA256 | 580b014ec86a0f22fb8be653d5faa595b19a520f1a493a3a4ecbd1b260c18973 |
| SHA512 | 984b281e5247ae227f276b3a930e4a400936df376f6a6bd4a5c9a6fbf044210a883408e2a93debfbc7b1326d514a86f77b67ce43e585c1a73d59a19c03ea28a7 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_0E84AD23AC2E74B30DEF739614C7EB94
| MD5 | 4cdfb9f86d8221210b2a374fe77b3cb5 |
| SHA1 | b14069dff8eea874c4733fd2754da58c78b7ba26 |
| SHA256 | f5e10fb246db676a0ca0247dfaf8387d17a5a4291a7b17275eeb21a32d0ddd7b |
| SHA512 | e3ddd6027bfe71a43879a57f8f7ed6db3447b7c5bdf2c152b0558985cfd0b0c9d128611bc23578048f41752f792fa59e9febba567490a9da9517c407c3a1cbcd |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1RVUC0YY\sweetalert2@11[1].js
| MD5 | fe178fc994c080fdfccfed9276c8bb0f |
| SHA1 | 52e7ce59af3ed350b76ad541ff0aa449583e7ffc |
| SHA256 | b314c7ef02eeb1517fcc59670d0126b26c18391b1676e7d67e3b3175560644d2 |
| SHA512 | 6b085f183a07b3accec366c69e5397d6d14ca67eb608bcf6b24364b36f8b8837492118bdae45eb7f90357d56fb560172ca6c45569e847c5a8e645afcb2a3eeea |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GO8XH180\bootstrap[1].js
| MD5 | 414a2b4b72b7b317530f51f6fdac4c34 |
| SHA1 | e2fa5d6ab23d390627f8687090ba8bcbc748f93d |
| SHA256 | eb1cffdbba9987456be7210c9ac7a451a31630e4fe71446dfb4b47d459282172 |
| SHA512 | 308028e3014cc44802db36044a3136396df7cec8b0d03c58e67e2df8b684a9187f1ea33746e9ed854b33c61fddd92a6f3b6de9b4d91ca18008ad77b554911d5f |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\core[1].js
| MD5 | f3168d58d433acb53723bb8296525486 |
| SHA1 | 2c484233d660b1f3887b2bac95e8821f6660e7a9 |
| SHA256 | 9a3976044c3c905e82261c6d0e133e4b973b573c9aeb3d052a545a87ba2ccfd9 |
| SHA512 | f9fb055bcf1349623413e6162b3c7963a7f129568efc5e7c83c549368a25d7c83a598baaace054b9bd9fac92968edfc3b9014c8dfe179ea8b8aa7351bf89e081 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YL63LG3K\44623006da[1].js
| MD5 | 460201eb773444d724c8a2186a7c182a |
| SHA1 | a671e027d427a2a6f24f4b73ba037ff3cc24f8a2 |
| SHA256 | d1faa898d5fa385ed0214253cf725b09f4fc95ba8fc52fc0a5962eb5781e851e |
| SHA512 | fda2aa9e17670b3dcede221ade64469adfb542e0493f8e81ba2d843b8e0cc027a18c4d150f0f60c6127cfbced82a960384d566cb107f411ef2ae55743ac26ee5 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YL63LG3K\jquery-3.3.1.min[1].js
| MD5 | 4b57cf46dc8cb95c4cca54afc85e9540 |
| SHA1 | 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac |
| SHA256 | a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 |
| SHA512 | a6996f5029858c6de6de30eda54f8acc47d9713cb1adc576173ce8f75f79a2b944b9c04bfa55ad62829e705cede4fcb7c7c90785e8cd3e0252d79a186b1760a7 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1RVUC0YY\scripts[1].js
| MD5 | 67f037e26f2dc27d93f191ece135e67f |
| SHA1 | d32665283381c69ffa0c118f9398c4e9b96192ed |
| SHA256 | 790bff9d66af01062ffac777b83a63b9601935eee567752576c9a6dfcd6dbbb3 |
| SHA512 | 3d5647bbe37ac3a6279d72d78da8f9dd49ace25e21ba8c1f467f5d5be0993667017d8c083294c2d8983facb749693810f2f83fabef9fbd592c47858f81cd885c |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\snackbar[1].js
| MD5 | 41fc42592282c1239886c8298181a6c3 |
| SHA1 | 105f693ede14b089a50d632d79a9ef42458567fc |
| SHA256 | 7e2476bb742bf0beb3c18c5693232aaca66b3035d681c1a6afd18df816f7cea7 |
| SHA512 | 080dc72e24466bca6ac37dba2e0e31da3610d55d63d8339fd5f323ebe6098039b3d6c5dc95886a3959402da414b5e1bf434ce18142a7293556d3e8c04a929927 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GO8XH180\snackbar[1].css
| MD5 | e1cfd6a93044cf0a98064439523c4d45 |
| SHA1 | 546b8c03b4662d761dbdd764c0b8e03c7717d411 |
| SHA256 | 4c106ad7735da272fe342b0a983a6b62d4189578cae27127041b6398e4c68d61 |
| SHA512 | 7671643b9d1972eb69401151014df180fa81f4c598f11900d0a95c55be5f638f4e13563e2290afaa4f7788aa0dd16f6083931de6ac11997f91fc78578097fa87 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GO8XH180\css2[1].css
| MD5 | d866ccd8bd6b26bfa94c54e315e1c63f |
| SHA1 | 1dc19f963415c7d36bd5afef9dea9bc9f20e95f6 |
| SHA256 | 6324eb503524fa79f6c09f486dcea64dd398d9b24b6b376d979e6660d15b91d6 |
| SHA512 | 7ea1dc574d29ec1d4749f84da0d09e560a4fefac1ed8f707dd80f2176630c5d1833855963217959879bbb48f5ff278ba47d3ea402de620a555e6e2299e9cbeb3 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\responsive[1].css
| MD5 | 60016ee14508a83305718fe5709d6505 |
| SHA1 | 5af2b4369bb439ba9c7e6a715402ff6bd086520a |
| SHA256 | 7a4c6a5e898ac7b731e562686ab669badba22ef88273335ca6e129a64a404b8a |
| SHA512 | df6260cec1e0b274425ca1c605527a7bf0e86231e44a1b6d98dec33277a803ed9adaaf34ce3502ce5732b4ac0a03f3fdf1e327433e9976aa4faca7cb60bce601 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\custom[1].css
| MD5 | b73702ca741e8cfe793456364acf2dc6 |
| SHA1 | fa3e2621d569995324286cede3e13d63a632c964 |
| SHA256 | f23ce02c43ea7b4097be08d21a8c19d4f0c9e83d8c35a4d6d1b8bbb67741c140 |
| SHA512 | 7a0fc2b2c88273be9b8887abee5899aed67ac4e0c2b5faaad8a6aaa3b9a754eb8162b777f131e48227327a8a8ebb232866a67132f14d65f3dc82b50d1bd67f9b |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YL63LG3K\global[1].css
| MD5 | d56a24fade415db50c2da3b327289d8e |
| SHA1 | 91985d7cf78b1f6c653a261e3b284f4743443dd0 |
| SHA256 | 4208498c473926d46fd764642468e4c16d5def28e1e6ef0646356092d785470e |
| SHA512 | 57d386c910d4f07e3590e558abe04fd557c93178d66a1a5da8c0a9276c339f28b6993e13f0bf56616ab58b8799e8e5538fdd9b42c0be0ef5c901dd7b6c1651f4 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\config[1].css
| MD5 | 53258cdbb67c98ce9f057fad4c8bfbe1 |
| SHA1 | 5781276b608402442de2f6160d7746e5fcabb84b |
| SHA256 | 441f020038e7d7572311f12885a57ad84ef1513c02117b96a8dda69807bdddf8 |
| SHA512 | e119b362e4e597b48b79c40d827100e4d7ac317f58f40baafb8d5429e4d89fad673d00a99262c733ac636ca089d472403dd78404af393fcc2240b5aa68f5d114 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GO8XH180\bootstrap.min[1].css
| MD5 | adcfd5a187b3900fa37e80157f7e5789 |
| SHA1 | ce5868a571452147df61b78153258bd1ef88711b |
| SHA256 | e2f80bfc6fbab67b3e228984b531d3dc572d32f9aae31cef1dd9df2d78ef9d08 |
| SHA512 | 391184bc37ad25933ecfbbf4e1e2ce39f382cb769e5c10331b168c47c43a6406afa5555207cb7d8e449c62324a8aee8f9a6d7e55ff64c4d3140cd51ce8d45277 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1RVUC0YY\dark[1].css
| MD5 | 17ff432f3da96bf2925984367105dbf4 |
| SHA1 | 180ba45579783a2e384e98f8c3c54e11f8111c0b |
| SHA256 | df20b91814f65993000ef1b2faa0558bd8253754765ebdb5eb822667d44fb14d |
| SHA512 | 91e6d5fb3b8a5414f52cef63a671c3143ed0edda78f39b4dfaf94facc7575b6ab05d99324bca4f4bc8d98f9895ffba62b06a17963aea4db97569e9dc2d5b6418 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YL63LG3K\imports[1].css
| MD5 | 5d1565216b310a6cebd31c5f660ca990 |
| SHA1 | 6b95a48ec757562661c052ded41a5db44c824330 |
| SHA256 | f3d9d5afc4e4064e26815c1ea3b1432f8cab3755ef2a127736d05c2cd70830fd |
| SHA512 | 53d43abec9a8609b9a50dbd0233c44888c746691c7b15b6f55e18afbf32561badad9f88bc8a59ddf14ef91039a28aa6b791cd9f3d2e8edda0d61cd9502cbdb20 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\pxiDyp8kv8JHgFVrJJLmg1hlFQ[1].woff2
| MD5 | 0f2c986f870ddc910a2ee5c43d189106 |
| SHA1 | 09a6fbaa434030a3b82d3af210c464b1eca98c0d |
| SHA256 | 6a5db723124649c8666e5b2e718d91626c77650471f4095f646784d3a56958b5 |
| SHA512 | 6cfe88e3f2b0126b189d981b1f20b5f4deab5acf7163a066baa6ca4b72e7024d62fe16645871a1752f89fdad015d978724f5e0ba40114990522e72ebb2ff7911 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\pxiGyp8kv8JHgFVrJJLecg[1].woff2
| MD5 | bb4b1f76c410ca1153a235f29f9e8888 |
| SHA1 | f51d81c00101c93b5939d776f1903e4243f40b48 |
| SHA256 | f7dec9b59e4f35774d6e844de9c02379b783e382f9d6c404f2da6b32250e6b21 |
| SHA512 | 84c93f526e11c41ba0fc0e523b1c4e8583ba984a99e50b462086f3e4ac16b50ffe11c59eb917f33e299612da2a34956b91370243d776d772f7abf7e402b65929 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1RVUC0YY\pxiDyp8kv8JHgFVrJJLm21llFQ[1].woff2
| MD5 | d2522c196f91add2f48880c77f9e470a |
| SHA1 | 23915b3b2467109154522cd666e0197aab74e82f |
| SHA256 | 13127c59228c485dc59e44c7715f4da7d540df4299b6573a5ffbdfadf2f911b4 |
| SHA512 | ad79d910f1d3bfabf6f435780b3cce7e782f461e5cb665075cbd440a6959c4030857e61f455337789b415656377cfb9fa72e7a3efcb63c0a34653c175c600edb |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\pxiDyp8kv8JHgFVrJJLmv1plFQ[1].woff2
| MD5 | 469c44d5ac69ab80e22ebe0e91178971 |
| SHA1 | dd5dbda68c2819228caa07acd692973542f3845b |
| SHA256 | 7e3aefc19055edd826d497b0428e318b785c8679a030a96e63e39470efb52019 |
| SHA512 | ffbe5b0f21faa8f4475fb9ea6a63cd4a5005d13dab20fc47f2b0b60b2c4f93cd7352fc07465b006bd859462c93d74eebc3ba9412139c4d8a5a66cea2a24c27c4 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GO8XH180\pxiAyp8kv8JHgFVrJJLmE3tA[1].woff2
| MD5 | 88c616809c1024a8dbbb5c6c3b46da64 |
| SHA1 | 900899c71e41a49dc5e11064a7f00d6d23a734a7 |
| SHA256 | 93597eaf6539d5b8637f6fc2a87b49eec040f542e2fb39811f13a40f04197181 |
| SHA512 | 6d7370a490a372fcc90f4a6b10c2f1c2eed215a65dbba0d4ca242483d27e440c074ca786deabba8ec1f8abf4a889dc9ebee8632cc3e80e3f6fbcee39972f2427 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\pxiDyp8kv8JHgFVrJJLmy15lFQ[1].woff2
| MD5 | 4fa7d9a4ccc44ee9333ea91945269f7e |
| SHA1 | c507cb21bd1703a621352a167c5d207a982cc4cf |
| SHA256 | 8101f5e544cb5417820515eeef886ee909d21d94816830a65724d827922ec4ee |
| SHA512 | 65f2c961f088773ada40b4ad44e046dd840cc427e8d2353c7c0329aa26b8423061995d9383a1bf99ff08cf8901151ee04bda341c3a7df255810d298d734faec3 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\pxiEyp8kv8JHgFVrFJU[1].woff2
| MD5 | 46ff920efe7721f9087376e8131619e8 |
| SHA1 | 5f86acfc17011505072d796e70ed9ea7c428aadc |
| SHA256 | 078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2 |
| SHA512 | ca078bd216a4951d935e4b85e720d6d051e304b3e74175b6aabe95b352c2acb33a0a19e9768a5881379fcc03ae5e12906ad24c2f2c97c645360ec872c7a69ce2 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\pxiByp8kv8JHgFVrLDz8V14[1].woff2
| MD5 | 36b950c243dba3819957f254a5a22ffe |
| SHA1 | 8a54a9b0c043799ab530a6326df7491ffc1031b4 |
| SHA256 | 1fe1c3144a1b4dd66f8b6e2754b9c4059a6c3eed4c65b6367f25b8c11f6ed588 |
| SHA512 | 6a236c381f53b915513af03593fd165bd8ac4ea2f402a9223e455909f8c2c24cab50a8d7b753142ca79e2fa4c602dbcb947f861a0b6cf949e9cb1d775cf3361f |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YL63LG3K\pxiByp8kv8JHgFVrLFj_V14[1].woff2
| MD5 | 3aa32f71d6f09ec83b1c62b4fc3d57e8 |
| SHA1 | 023d68de7c74f9ff3f8e043460c054fa766f2e28 |
| SHA256 | a5cde061b0a666241df2a8ff94b6213a7102e084c510bcd5b50f434b5b1fe4b1 |
| SHA512 | 6d4dd22a7a35a5d8f9b8badddb4355122aaae658ed636209ad4068d33dcb0588a09ba789ca9032c6deba03ba262db868a9ef2ecce3cefb064ca024c365d23311 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GO8XH180\pxiByp8kv8JHgFVrLDD4V14[1].woff2
| MD5 | 258781867c43ccb57c628bbcb8f29eb2 |
| SHA1 | a49787cc19cd8073639ea527044e50af03669f1e |
| SHA256 | 21b437a5f21b169e3c8ee0e71b63a7aad6ad9b4715241baa274b5f37cc695863 |
| SHA512 | e888ab631e83ceeafcd1396a8298fc271d74368d7cbf33951c1d6a987975dfc2bd7c43afc402028278004168b8fd904ace0f4ee16690bd720de7a3433fc98bea |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GO8XH180\pxiByp8kv8JHgFVrLCz7V14[1].woff2
| MD5 | 0debef05807771edda9c8d32f7d42384 |
| SHA1 | c6234a3ada4a34cddac37cb5d8dabe1e57f1146c |
| SHA256 | 4f73127335c22d96e1ee451f7b8ab5d5d6b9ba742735bb647e406e1945659bb6 |
| SHA512 | f265cdd1c7defa6394a1ba3488fa8c3ce660f4721587490916a6da58bc5a987e4478251d07e259a3d463acc6976514bf3cff4d9e73107c535d143cd578daf528 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\pxiByp8kv8JHgFVrLEj6V14[1].woff2
| MD5 | a8d9aa7ba6d196c3212919c05588eaf4 |
| SHA1 | 618fca50935cf03f4922c0c163fa4b48ccf16ad8 |
| SHA256 | 65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab |
| SHA512 | 74d86bc1d5793306c7fd091e5541afa58dc501813928ce59a50cc2e3a2bf7df4b309fa1cc1937d02442dc882f69040a4be82b66dd8d682819f916f50bee2dc77 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YL63LG3K\pxiByp8kv8JHgFVrLGT9V14[1].woff2
| MD5 | 3a0a14dc7381ee5200cadbe0af4ee7de |
| SHA1 | e319fbaf1ec7364ed15abab70480a3f5a88b537f |
| SHA256 | 72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83 |
| SHA512 | 2c4e73218a7decee862f5882f9da515cb8e7685982e1cfb1e5f50df1600b23af88147100a2a089f014ba2ed8d52301af03b9c6aa3a07dadedd015d093c6b750a |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\pxiGyp8kv8JHgFVrLPTecg[1].woff2
| MD5 | d3dcbe27d829139165af186e7438cdc1 |
| SHA1 | f2add5dcf6de4067e249d9e0fb26ebe696708d8f |
| SHA256 | c01f472b789b5bb7a400f8e23f4bf3076bfc4dfba623a87edaf1bc748d2b0564 |
| SHA512 | 0d7036eaf4e3e29fae035b31369224dc540c06f0c322944a786f7cf57baa7ee52ef6af2e7c6578f39144d2542ca480485979e90c55593ba0fc6778fa51379928 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\JHMWB6GL\pxiDyp8kv8JHgFVrJJLmr19lFQ[1].woff2
| MD5 | 38cbe65d89a903a71e146fa79d9f8625 |
| SHA1 | 3d8149f25362c51ff32db3f2372cda7c2433047e |
| SHA256 | 243c9ac22a1f9eed020122c718e41786e6c2727c84f5f7fb94caea2375d83b5f |
| SHA512 | c3030ed14b2bc4a36021a69f86ae21a1114948657dc50551bb1959ffbd9fd5765896c54b2275408510c0cd62e878226b889aded41da3f33a102e94df7f9c2005 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DFA9561A92D873223B.TMP
| MD5 | 6ce9ae3798bf662eb5c2cdf0786f4924 |
| SHA1 | 06b1191e0174c496921e9c8880a70fc73e99284c |
| SHA256 | cbab8b8a28ddfe35c870c8fb5418ed6e44fcf2cb584efde0c90adfd95a438f75 |
| SHA512 | b33bb60bc7eaf3cc6c93b4174aa7bf39fd04247cc68c3dce9ecbf2c8da95a1240586e3ac9dc163182fcc5c12d8a70e5e7b9c76355abc3ab23790976bde9e1baf |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_39B106F123768E115B76BB43FD900961
| MD5 | f719677dad1b69e8990a10a668d837c4 |
| SHA1 | 6b1a0b8dff06d6d2e17ca3e6463ee0ddfb3d14c8 |
| SHA256 | 523697f668f3018cf74912d9a5fa04709e3c02805487f155ed8eff9c754a468a |
| SHA512 | e8fea1718f91f85a923f32e9b5c477cc16931e2a2f4368c6b3bc2f5ded043cf09e9003133a6465b47581e4b9c0c57c5f2449776b2d843a91d128454fba53add3 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_39B106F123768E115B76BB43FD900961
| MD5 | 13841413715b2ec83de46295fa2641fa |
| SHA1 | 4f1c2aef03a85a1d8f6d6e0ce9eb8129b3190a2a |
| SHA256 | 71fd03448ca1195f70bc41fd01fda6053be70bfd4e30f3e3144e673a832b262c |
| SHA512 | 3abf50a3a18afccea73ca6c3aab511091ccbe944e33aec81e4867f9175bdae3da566e7d873302a39e8b4ae46b69895726a2fb099277de351a19f4badf9477fc0 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GO8XH180\free-v5-font-face.min[1].css
| MD5 | a3d53e21a02e37af6cbc00ac63b3cc1e |
| SHA1 | e4f2269bae4b37ccba5282a154724a3b91720aca |
| SHA256 | e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672 |
| SHA512 | 44743873e56599e5b8eb8b264e6cf8f95cba08861d4ead96d756a268a0a9fb9023a589b512e1fae82c3bdbd9b9563788000b45105b72fa9b0aa43f6c9a2b5f28 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YL63LG3K\free-v4-font-face.min[1].css
| MD5 | 9c9f596493867f0e7ef5f9fe99103fce |
| SHA1 | 12746a89a4f6e62240231ca23c8087e6430188ac |
| SHA256 | 9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878 |
| SHA512 | 06773349bd28ecd4268b40e207b2214272f549174639b90f0904736f57a5c59549ad0e2bf9bb2b542bfd8b77c91de8975bb3bd575b4d47f059c5ee21a2b211dc |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1RVUC0YY\free-v4-shims.min[1].css
| MD5 | 940b066040a876fa1dc7b2ee2d222a58 |
| SHA1 | 64b2aea0b4d60d879d4ff7540192a906ffc0fd92 |
| SHA256 | f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075 |
| SHA512 | 807a008df398c322188ae41ef8340775dad7851e6d5f09266e728d4a7294302aee5be51a772695b75204c747ccd7dcea5b7eb56db7ff129b62303f03cdbf93f1 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1RVUC0YY\free.min[1].css
| MD5 | 7f29cd8c97789aa298af8c61623ca28b |
| SHA1 | af8109e0e5c8bb2c1c3ab44ba7b5d25900ca454a |
| SHA256 | 3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1 |
| SHA512 | 4255fdab45a4800f205b3f4ce6bc181be4717b380531884c7be1ddea071101976cef0146f66e06a25b63b8d27b0e6e61f48a20cf929b3e8cbec28ad52be7421f |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YL63LG3K\free-fa-regular-400[1].woff2
| MD5 | 01f322780d84882bcac002c65d92099e |
| SHA1 | 6019988248e7c47d5662543139d1a7ff2bc7a8a6 |
| SHA256 | b3808053242504d654e37fe066d1cabddd317715e96565d632cb9e35115d120b |
| SHA512 | 524967233303e6d2bcb9d656e6da6016feffcfea05e9fb7d4cb7061a492e3819048cc9d0a5bec8925c7ff09d6571833ec2ce8b4f53681202e5007ead8f16c783 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\YL63LG3K\free-fa-solid-900[1].woff2
| MD5 | ae015e3286ef56a0daf8e83838a32a88 |
| SHA1 | 7c18577fd6c4e7d9036b244215ace3945372eefe |
| SHA256 | 41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825 |
| SHA512 | 99240579bf51b97004ebc504e306c3a41043425c3762a7a6d20e1e2c79e71c554d6c3c789a74e42b6cacc871beb0487b9f9ebf169a9a47370f337a98dd4e653b |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1RVUC0YY\create[2].htm
| MD5 | 70df71421f1a02321a914addc0191532 |
| SHA1 | e2760a13fa6b0821f70b79d1e258d124f885c8db |
| SHA256 | c1dc0412e780d4056de4546cb26bd969f632fc77bc2f9900e5d072f082eb3a39 |
| SHA512 | 1b9672971f2c0eac66c5ee9a440729f15ff06b1f882923eebca0024a329c44af996d5841ca300c5356b7f848f6b9202fba9193e08f381a0d3f1796bd19558aa5 |