Malware Analysis Report

2024-07-28 08:36

Sample ID 240611-2s9awavfkd
Target https://seastudio597-my.sharepoint.com/:f:/g/personal/erich_seagreenstudio_com/Ek-qfOjJcj1GldpMsUgN7rEB-ikjfv26y9cWP7jJTZShhw?e=cZ6kSn
Tags microsoft phishing
Score 5/10

Analysis Overview

Score: 5/10

Threat Level: Likely benign

The file https://seastudio597-my.sharepoint.com/:f:/g/personal/erich_seagreenstudio_com/Ek-qfOjJcj1GldpMsUgN7rEB-ikjfv26y9cWP7jJTZShhw?e=cZ6kSn was found to be: Likely benign.

Malicious Activity Summary

microsoft phishing

Detected potential entity reuse from brand microsoft.

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

MITRE ATT&CK Matrix V13

Analysis: static1

Detonation Overview

Reported: 2024-06-11 22:51

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-06-11 22:51
Reported: 2024-06-11 22:54
Platform: win10v2004-20240611-en
Max time kernel: 149s
Max time network: 150s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://seastudio597-my.sharepoint.com/:f:/g/personal/erich_seagreenstudio_com/Ek-qfOjJcj1GldpMsUgN7rEB-ikjfv26y9cWP7jJTZShhw?e=cZ6kSn

Signatures

Detected potential entity reuse from brand microsoft.

phishing microsoft

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1312 wrote to memory of 3840 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1312 wrote to memory of 3496 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1312 wrote to memory of 2668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1312 wrote to memory of 2960 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://seastudio597-my.sharepoint.com/:f:/g/personal/erich_seagreenstudio_com/Ek-qfOjJcj1GldpMsUgN7rEB-ikjfv26y9cWP7jJTZShhw?e=cZ6kSn

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff95d7346f8,0x7ff95d734708,0x7ff95d734718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2968 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5820 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,16290385192048183226,14417786933983310240,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:1

Network

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 56067634f68231081c4bd5bdbfcc202f
SHA1 5582776da6ffc75bb0973840fc3d15598bc09eb1
SHA256 8c08b0cbceb301c8f960aa674c6e7f6dbf40b4a1c2684e6fb0456ec5ff0e56b4
SHA512 c4657393e0b9ec682570d7e251644a858d33e056ccd0f3eebffd0fde25244b3a699b8d9244bcdac00d6f74b49833629b270e099c2b557f729a9066922583f784

\??\pipe\LOCAL\crashpad_1312_XZNDOBNCMPACKCWF

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 81e892ca5c5683efdf9135fe0f2adb15
SHA1 39159b30226d98a465ece1da28dc87088b20ecad
SHA256 830f394548cff6eed3608476190a7ee7d65fe651adc638c5b27ce58639a91e17
SHA512 c943f4cfe8615ac159cfac13c10b67e6c0c9093851dd3ac6dda3b82e195d3554e3c37962010a2d0ae5074828d376402624f0dda5499c9997e962e4cfd26444c0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8d670b199a99ecbb73dfe944045efa48
SHA1 dcc5f901c0e9734f19edb20e743278c40e3376cc
SHA256 4340592a2b2480920737dba2d146567ba3224529b6a47757e109e92c2d277001
SHA512 910cb9a0cebc746023c4ef7f37cd3b7bd74d50e94e361f75375ab7fc087efc9b9f4f4c5f7e89b0500c8ff0df82f9f87b0d2b20b5eecbc78e7e566af98664be4a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57da33.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580da7.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\index.txt~RFe580dd6.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\e60a1791-7ca7-438f-ab2e-f8f84e24f526\todelete_7a48c130a6a40c0e_0_2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\85f7b23e-7cc5-4740-9ed2-02297bdb7198\todelete_7a48c130a6a40c0e_1_3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\e60a1791-7ca7-438f-ab2e-f8f84e24f526\index-dir\the-real-index~RFe58ceb5.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\e60a1791-7ca7-438f-ab2e-f8f84e24f526\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\85f7b23e-7cc5-4740-9ed2-02297bdb7198\index-dir\the-real-index~RFe58cfbf.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\85f7b23e-7cc5-4740-9ed2-02297bdb7198\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\d0f5453b-131a-4355-bc55-8021f19aa5b7\index-dir\the-real-index~RFe58dd6b.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\d0f5453b-131a-4355-bc55-8021f19aa5b7\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\d0f5453b-131a-4355-bc55-8021f19aa5b7\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3250d3f392855f01d3d2cfdd96f9b1af914bf199\index.txt

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
