Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
For the file https://producetraceability.org/participating-companies/, no (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 08:01
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 08:01
Reported
2024-06-13 08:08
Platform
win10v2004-20240611-en
Max time kernel
360s
Max time network
385s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://producetraceability.org/participating-companies/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa7e3f46f8,0x7ffa7e3f4708,0x7ffa7e3f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5780 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5780 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1952,9108907936227414701,888355188899052721,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4036 /prefetch:2
Network
Files