Malware Analysis Report

2025-01-18 01:03

Sample ID 240613-haffas1gnr
Target https://youtu.be/VLsjc3bgb2U
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

Threat Level: No (potentially) malicious behavior was detected

The file https://youtu.be/VLsjc3bgb2U was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 06:31

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 06:31

Reported

2024-06-13 06:35

Platform

win10v2004-20240611-en

Max time kernel

203s

Max time network

205s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://youtu.be/VLsjc3bgb2U

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2280 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1620 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1616 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1008 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1008 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2280 wrote to memory of 1668 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://youtu.be/VLsjc3bgb2U

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0x10c,0x110,0xd8,0x114,0x7ffcc8ad46f8,0x7ffcc8ad4708,0x7ffcc8ad4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1864 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5216 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x478 0x2f8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5956 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5956 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5712 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,3830045697209268865,9106228669509576296,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5484 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 youtu.be udp
GB 142.250.200.46:443 youtu.be tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 rr4---sn-aigl6nzs.googlevideo.com udp
GB 172.217.169.54:443 i.ytimg.com tcp
GB 74.125.175.73:443 rr4---sn-aigl6nzs.googlevideo.com tcp
GB 74.125.175.73:443 rr4---sn-aigl6nzs.googlevideo.com tcp
US 8.8.8.8:53 71.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 73.175.125.74.in-addr.arpa udp
US 8.8.8.8:53 54.169.217.172.in-addr.arpa udp
GB 172.217.169.54:443 i.ytimg.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 rr1---sn-aigl6nz7.googlevideo.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 74.125.168.102:443 rr1---sn-aigl6nz7.googlevideo.com udp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 102.168.125.74.in-addr.arpa udp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 172.217.169.34:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 34.169.217.172.in-addr.arpa udp
GB 172.217.169.34:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 rr4---sn-q4fzen7s.googlevideo.com udp
US 173.194.24.169:443 rr4---sn-q4fzen7s.googlevideo.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
GB 216.58.213.6:443 static.doubleclick.net tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 169.24.194.173.in-addr.arpa udp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 6.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 142.250.180.1:443 yt3.ggpht.com tcp
US 8.8.8.8:53 www.google.co.uk udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.200.3:443 www.google.co.uk tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.200.46:443 youtube.com tcp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 rr4---sn-aigl6nze.googlevideo.com udp
GB 74.125.168.137:443 rr4---sn-aigl6nze.googlevideo.com udp
US 8.8.8.8:53 137.168.125.74.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
GB 142.250.200.46:443 youtube.com udp
US 8.8.8.8:53 203.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
GB 172.217.169.34:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 6.173.189.20.in-addr.arpa udp
GB 142.250.200.46:443 youtube.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 3a09f853479af373691d131247040276
SHA1 1b6f098e04da87e9cf2d3284943ec2144f36ac04
SHA256 a358de2c0eba30c70a56022c44a3775aa99ffa819cd7f42f7c45ac358b5e739f
SHA512 341cf0f363621ee02525cd398ae0d462319c6a80e05fd25d9aca44234c42a3071b51991d4cf102ac9d89561a1567cbe76dfeaad786a304bec33821ca77080016

\??\pipe\LOCAL\crashpad_2280_DQVGWGNDKQHVHZOS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 db9081c34e133c32d02f593df88f047a
SHA1 a0da007c14fd0591091924edc44bee90456700c6
SHA256 c9cd202ebb55fe8dd3e5563948bab458e947d7ba33bc0f38c6b37ce5d0bd7c3e
SHA512 12f9809958b024571891fae646208a76f3823ae333716a5cec303e15c38281db042b7acf95bc6523b6328ac9c8644794d39a0e03d9db196f156a6ee1fb4f2744

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c48c8243c304430d7a530b78297dc286
SHA1 24f7770966740ba7854ab2f91bc93bb8c87a95ea
SHA256 69c73c02de3c29aad5758ea508d28ecc33bddf603543e885d5109aba4f6a0381
SHA512 5f38a79202a3f569f5a2e38dae3ad3f08d86ed8cfc5e15c0df92fda42be5520863fb777f22cadde9a65afa735b0bde107472212c3e01d670a92802d3b0921a15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a2233394e19da9e84d7d28192ad5b6d3
SHA1 a8d8427d807e3b2ba688ce3810e5880cc2abafc9
SHA256 a58ef0ac07dcd3c0564422c34bce0fd7a836dde278dadbdc76f01033636bb369
SHA512 b8281220d69145f4ddf86412bfd887e4d5aaf3a44e986a1812afcf44c6367066d35637a48a4be19b8d2a536dcfdc2ed2089cab4ebac62219a0c95c31a98f7c5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 4ca4426b8550ad63e62f58a0e8e35aeb
SHA1 f61a8b5f41164e2d016b57e63b340220a0350578
SHA256 e2f60658feb2f02dbd9c77ff878d905171c8d57d14fb8f13ad6b988b215031dc
SHA512 9345c0e4989fd6866c55d451d675ab69672c748a83d424d02fc0d95b36107de45ee2b34dca22953c0664ad7427e8c22a58fd5bacd8ad596640da41792dc6eaa8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a215479b0f4608947870691b22b2ed07
SHA1 bf59502b4da2cf48ac886692a028ff8746469fd2
SHA256 be210ff960f772d94d92bc2d00bd72b4b614aaedb24ca983edbe02491680b340
SHA512 5b554299a8ec8ce1da0a93774054f803a00f2a1576b089b2d3fa2cf4c51193a845bacd903acaac0926ebec03504b2afc2cfe6891d23678b3dafd2a0cd72135e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 55db23ad05b809337e3783ab317f8f04
SHA1 04a6362c849fc0fa18226cc6a39f6323eeb79d3f
SHA256 8608a1c96e4339198e5b7e5abcd5dd89fef2498b820bccfab4882c5d79039c7a
SHA512 dfb5a89ae40b49b99d524af635c311eaa9244cd780e6987a8c6fca15ed4bc6bf2b0ba10874e702ba94482c5910f71b481e73e7ed98b732dec91c09dfa557a125

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6745d9db610d67ff7594698349769fbb
SHA1 6d24ea64a9e5f83958142aafc242fd95b1496aa4
SHA256 90d5e8f0a4ab7ed27fa9a5f077630ad6dc983d2b8fcc879576eec6392d483864
SHA512 b3403160c56fb2a458eb70f7a67ec0cadeffd09c303032515abb90ceaad52cd9ec944ae045b79e821bbe91878d99b36da145c47f3399a0bdb168faeb8eade149

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d961030cca5ef2d5f2fd93f63e3f21a8
SHA1 0cf011484da32c0e566390930c74c5ae89da8aad
SHA256 582ee820e74290df57c998b365398e6d177b405c88dfe6a0efe4fbe05d765a05
SHA512 70a82e1714b91186c8752bef7223f8fb8742228b8c9c4fee17d8fe6a67a0e89dc824d47328023308974b4bac7a6ebe2167ce9be756813388b93b0999740edb17

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 42e2b455bd8fb30a2c249701faefa787
SHA1 f4de1c286ad69ed2f5645315bfc84a614674e459
SHA256 6d1a4f08fb73e39622819a4e36bfca31f09774957051ff6d878fa88bdeb84c16
SHA512 b549ea6dd59352d40e5623994fb6bd77e76531f9bba0756cc27d37b9368f11212bc39411601f393f44f9db8c29f968039e3d0855533a0e7d12dcac9836cd7b18

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 932d3e82ad146a6adc4d7f21d5efbb17
SHA1 b51e1e6719f38357fac4c2b8720e62368fa0d70d
SHA256 1833a6c22b3e54d031d5550f8bae11e0ad8850b343d7692bd1312e1133474187
SHA512 ad1d9eafed514c3df1504235d8b67aeafb288ef67dbea51be80f3da021c70b19be39e133c12f2dfbe9debb5d200faf45c74107b1a550b63bc25ab5cc8d6d2fb4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe579ee0.TMP

MD5 026cf528cb3e761d1f268c666283c098
SHA1 2ce20c6d6ff49d9684c03bdfc28b408c901652fe
SHA256 19209481e62c77094d8375591d307e9ab040107824f4820703450d042a3436ea
SHA512 964d51c3bb530940000666c6f8a0a9cd683b28bcd99ae7e695d8718b7cf0d7322323194f2f771031ef1e7a74670a243601966fad0b5d3e5e9cec7c748024bb32

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bd139e0804b8522245f504917f8ddd2d
SHA1 a55d0c469eb8fed5cec073d0422e7cd77e2fcd26
SHA256 b8eb8c1f54742cb9b2053cbbe186b6f3d3c27a2760bfe19c288cefaa3e0a48d9
SHA512 94ecc144c5a28339b2d7798a5ba6de07c8de1c076f6b8102e1ccd75980cf63a915c32d9c635eec42d86951918791d7238a700193c987040453ded2f0d8a9a1a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\0b74805b-945a-47e4-871b-c7c852fcdcbc\index-dir\the-real-index~RFe57ae22.TMP

MD5 f1cd229378df88720d926c2de553d850
SHA1 03263a571f1e2a85887298d8202b9b38070200bb
SHA256 86711a02184cbe7822fabe62d8ba51e69315077cb9bd8c004e52a4f92decd4d6
SHA512 433f76fea56d7478ca4d7312ff9f8ced49e93793e1136ae8d88de3d0845b147ee2dce58e52787037ab2ef91a5c80e1a62e705fc4d9b9bf532e3833c5f4124d86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\0b74805b-945a-47e4-871b-c7c852fcdcbc\index-dir\the-real-index

MD5 6da5ba9859b1169387a3863388da77cd
SHA1 9f9a816b6942ce0e1e9c5ab123f1bd1a62206753
SHA256 bdb098ef1d68f6cd6e5ea71aefa2d3484d8ed9768ea675b1cd248e3e726aff65
SHA512 ebcc3ce698d7aa030e0947088c27954d94d529993a773b4ca7604c6939eff8256678ef9a22ed24289697bf69391a5bbbf0236c5bb0690ab09dbc94307f8cc003

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d1319b28667cbc5b35fce97fe1f0294a
SHA1 b02c8789b389b40c92196b0c49845422684593b9
SHA256 361b2b05b94f5e8790e01b11455357e0e66be311ba89e72d6fd14943110ff167
SHA512 bcdb41e4fdea0655a476a6dee032cf4fac71b6863dda441e8478e2524bce7cb0e2c147f736cdef1ff982281c57772269c3b7ce7818227b8084e34d5cd96aca7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4a65055a-649c-4ce1-942f-839d599e5822\index-dir\the-real-index~RFe57c1e8.TMP

MD5 83b9d67e2bc348c8aae76becc336ab64
SHA1 f0552fd5f7c8f0d2279ba180dcea62ae239ee112
SHA256 c4c8ce65719c8bef74741ed0f665572f2079b4d0f1b4c862368d783dd5331454
SHA512 f25bce30e2db9d647c16499a149a2288ba4a8c9f76a5f461d70f1e2c0769e7f27843e3610e0e211fc466015556c493685bf372c15a838843e7aaea9b3838356b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4a65055a-649c-4ce1-942f-839d599e5822\index-dir\the-real-index

MD5 a5204ace14c7af2149524e6d9b586282
SHA1 4686e38985cf9c2ad5f60ee5c92ce8d363d1fa3a
SHA256 dc832da630d9250fa438814c77ac628f1b1ed7527bf6aba66161c82eddb33832
SHA512 baa7b764faf396574193fbbdf5fd0cdd7cbe590d56b541d23f8a38483776499ecd9e37f967c82069327a55f4295f9161a0623846ec12b7eb62f1e13aa5755158

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 6c24d00a1fb8773d24e57cd903b51cbd
SHA1 a4b87899e6222afc490b08525463fc6b4b93cc30
SHA256 60cf7fe84dde618830f78e88da561fadcaad5991afe17ead779f8fd4804e8da0
SHA512 8a0eaac20c2c87944260644ef2c760f4a303b6ee33ed174c5e38082f2b48f55bbb274d8958db268707def56904700ba481b978b56c1e787b5c0935f8f52bc1b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4a65055a-649c-4ce1-942f-839d599e5822\index-dir\the-real-index

MD5 3946c43ebfb053c4f16feb361cb31a4a
SHA1 703054b9e8e09b3b1d273e65baaa80f210f505cf
SHA256 3d08856f1d94120f24ea7073a42187b4dbeaf8703917ac3afcd8270752afc5bd
SHA512 3cf616906257061d7c94628ec422c92030ac4e852f35a505c30becc6994916610b6ef183cd0fed038a435a07c54ab8b7d873c4cb0d8f74577b242f496230866a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 166d1e5ea8eed89f47d085ecd9dd28e2
SHA1 600b7205f5bb54794ba928a9784796ae9e93614d
SHA256 225890558543c061683d5c988025e1a178172e41108564ad08e11419b0d3ea27
SHA512 6ee54f60fa2c45e7620d52f28e8cbf421d3159f96867696889ddcbf3239435cda5c056e2fb86d070ca1c6350e1ebc88a7a4fc754b91962540fe1d4ba046977dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 97a466a1010731c0347807e8fc617d95
SHA1 125791f8d4cd9791995b078c241ab9a99a4a506b
SHA256 4787892d2bc5e5e4a2656ecf59b6f11e91549e4946204af4f0ca28a565b806af
SHA512 4c59087e888f82c35ee06154ace6ccbca59ac0534a9f89952986aca5f58b919c217b5dd097be029646a49e7047ce3cf6dc7bd7e13b4151287cad27df82b2c693

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a3b002fe757ceaf759e9586c9a476ea9
SHA1 891b17162c2b433dee6495de637bd4e47349cdf8
SHA256 885a25d699780f43244cb2cd69ea7deb3483f23520fdb3f8d1279961d43d847d
SHA512 c9173c3d27381dc252a37b20246ca5a75579b88d52aa4c2b2225d74e9071621051d174c5f92e1f99396df0eab8012fe80194f3588af4a9929d1342dfcfa3a0ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

MD5 bf1952854a6ff8cba4107f77e11de793
SHA1 e0aa087306bc4427b4bcacf216312d89833dc775
SHA256 08debae1b7264534b9fc8011366753f6f63f27a3d25cea3b1b89199cd6f8d994
SHA512 fd4976fa207c324d8787f90a0d4e8657116dc0265b9a72576acc002232ec47c53091175bbeab4da960cf51388c09f3f28876939252bdb5f243a3965d81d7055d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 4cf14963fc9c53bb342307a04ec41234
SHA1 2cc61032d0c55293b4802232dcb787a6b17f0a71
SHA256 21d629fdb01375d21b4ed50d4fb989d3310e94571728bc6d539f8eeed419bc74
SHA512 7a41f9161590b8074eb10c7daf76a1748e016494729924d216b5d508254a494899009f7b868664083870d435c39411e3e988eaef0bd3238a8a04f69cf1723199