Malware Analysis Report

2024-10-19 08:22

Sample ID 240613-v9pt8sxdmd
Target http://www.ultimate-guitar.com/u/smbfupkuhrgc1
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

Threat Level: No (potentially) malicious behavior was detected

The file http://www.ultimate-guitar.com/u/smbfupkuhrgc1 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 17:41

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 17:41

Reported

2024-06-13 17:44

Platform

win10v2004-20240611-en

Max time kernel

149s

Max time network

150s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.ultimate-guitar.com/u/smbfupkuhrgc1

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1696 wrote to memory of 3124 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 3124 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1696 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.ultimate-guitar.com/u/smbfupkuhrgc1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcac9d46f8,0x7ffcac9d4708,0x7ffcac9d4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,13505552864233608538,13838394225662696536,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5104 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.ultimate-guitar.com udp
US 104.18.28.17:80 www.ultimate-guitar.com tcp
US 104.18.28.17:80 www.ultimate-guitar.com tcp
US 104.18.28.17:443 www.ultimate-guitar.com tcp
US 8.8.8.8:53 stats.ultimate-guitar.com udp
US 104.18.29.17:443 stats.ultimate-guitar.com tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 17.28.18.104.in-addr.arpa udp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 240.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 17.29.18.104.in-addr.arpa udp
US 8.8.8.8:53 mc.yandex.com udp
RU 87.250.250.119:443 mc.yandex.com tcp
US 8.8.8.8:53 cdn.ustatik.com udp
RU 87.250.250.119:443 mc.yandex.com tcp
US 104.18.30.78:443 cdn.ustatik.com tcp
US 104.18.30.78:443 cdn.ustatik.com tcp
US 104.18.30.78:443 cdn.ustatik.com tcp
US 8.8.8.8:53 mc.yandex.ru udp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 119.250.250.87.in-addr.arpa udp
US 8.8.8.8:53 78.30.18.104.in-addr.arpa udp
US 8.8.8.8:53 storage.googleapis.com udp
GB 172.217.169.91:443 storage.googleapis.com tcp
GB 172.217.169.91:443 storage.googleapis.com udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
NL 23.62.61.99:443 www.bing.com tcp
US 8.8.8.8:53 91.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 99.61.62.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 142.250.200.3:443 www.google.co.uk tcp
BE 108.177.15.156:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.200.3:443 www.google.co.uk udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 156.15.177.108.in-addr.arpa udp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 31.251.17.2.in-addr.arpa udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 211.197.17.2.in-addr.arpa udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.200.3:443 www.google.co.uk udp
US 8.8.8.8:53 216.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b704c9ca0493bd4548ac9c69dc4a4f27
SHA1 a3e5e54e630dabe55ca18a798d9f5681e0620ba7
SHA256 2ebd5229b9dc642afba36a27c7ac12d90196b1c50985c37e94f4c17474e15411
SHA512 69c8116fb542b344a8c55e2658078bd3e0d3564b1e4c889b072dbc99d2b070dacbc4394dedbc22a4968a8cf9448e71f69ec71ded018c1bacc0e195b3b3072d32

\??\pipe\LOCAL\crashpad_1696_EXMOTNXGVYGFJLUL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 477462b6ad8eaaf8d38f5e3a4daf17b0
SHA1 86174e670c44767c08a39cc2a53c09c318326201
SHA256 e6bbd4933b9baa1df4bb633319174de07db176ec215e71c8568d27c5c577184d
SHA512 a0acc2ef7fd0fcf413572eeb94d1e38aa6a682195cc03d6eaaaa0bc9e5f4b2c0033da0b835f4617aebc52069d0a10b52fc31ed53c2fe7943a480b55b7481dd4e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 82d1bcbf0cfa5fb4a731ca5a495d5ea4
SHA1 79cfc0fa3b0dfaba4f1979b856db85e9a9cd3c8a
SHA256 3287f2b668a367ea5752a6663748da450634a0e67bdbba663b18c6f269f9d52e
SHA512 b8620a2f3fbd323f6ff2c64c20bae0257a9ac4e67b5884b7b8056e9ddda79f138583f44f0f27ea29caa1af14058b12e8266732beacea33401e002f0345c034af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 92ae8bc4fb8e86e519487d24115ffe9e
SHA1 905c0dc8ecc952d3970b183f2fe679842bbf677b
SHA256 f0e1448ef5428272be2c9a5b5ada91cba436dab8b7844a935714af01a4d57f61
SHA512 a7641a5e2ff9746658efb20677b2c79c066845e7787cdeed372e2873370822b52cd8a43941c14a7907c9fd99a0d53e84db69637e47b5f4ee848aaf5b550c97ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 40fe9b6d3615686618dd45c730754c58
SHA1 38e774f3300b38adf516ee8e587ae50f72267a63
SHA256 7c03e3c57046e5822b7dd0b95193b3f7abe2e4366b497712e3790f0aac4f3e59
SHA512 a83bda4c79ea68f7d3a9068505ffd8bcc3d02cb707e87521c8f3b7de4d01a1319f447ec78d3a3b2a438147b6e0c152923f83b1f6d7ebe07fb0ef8b4642c104cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\d59c3a467c318dc414c0c69d3361d62c8a8797bc\index.txt

MD5 da9bb737ff25f03b21ffdc44a742bedf
SHA1 7e001095e350e037035beabc0d87fb14dd03481f
SHA256 3dabdeda7d169fb859228524cd0bfb2da5c9c4ff3bb67caccd809b226472d8b2
SHA512 b9de3129626365f674c62343f305f6586f1db4f81a478ba08219424ec85efb67aede8382b96ef2cf10b9792f9f133c6b974da8cb30fc7131b311179574961cb1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\d59c3a467c318dc414c0c69d3361d62c8a8797bc\index.txt~RFe57784d.TMP

MD5 7108295b8a538b18c501774e0cb5fdb2
SHA1 29aa1442ed865060d8dc78d84a241ee665d5aa84
SHA256 22cb853b8d4a430300ba85c1d57ff55d99a41409a0ba1f8754258eb69f18e679
SHA512 34805724b0dc2aaa88d6cabca88f945641f792911f6729d624288adca63e28dbd550a635375c701f54d0d83f26f47dade644d261b4d0677f2958399b5f64d9e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b87a89f41abde06b4cc31b11eef22d9b
SHA1 7c4bfd36d85e011fcae7de9baf7ebb20cafacc6d
SHA256 7e008a4716af64cd45f77b78b0b8db758af96c2da4bad2e5476563221889cb1c
SHA512 19388eb7da25bdea713e9ae0c313cb2df37132ceac5611ab5f78fb8ed313a9b2ec042c6ac8d39ed0eff2dfcafeac44abdb51d186993340032bfbfd19e0f75a02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c3cb74a3b4849abe3e71c37443493105
SHA1 29d700c903d0c0feae8ded40889c0ed2a4df1024
SHA256 a914540f3622d56814000b9bb0dba1d34ada463391fbcc5281bd657b87f5501d
SHA512 2402b143a2e4d6d572b61a17c10018b16e2fb598145f711976988a395064fc6dc76e404a0f731f612a612682113d1a6ae2ae9299154fa36fc8a06d93f7d4f71f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579d88.TMP

MD5 d437c0ecb40facbcf26f1a80a5a899d8
SHA1 e014933c0425f18f94ae1cd0c4bdbdb1feb931ad
SHA256 2c978b088be24bcb8c09a6b9aba81fdb74ffdffab193e87732ff6f67118d622c
SHA512 60a8bcac925bdc0b7edad07a8f83fcf1e337953f370c9208b82c15ce38a10e73c3249c8730bfdb749bdb0d066a57aaf5f06bb124867226ca70d36ecf054a4750

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 0f0c7126d3ca687170fc2368e8a52876
SHA1 3df56e211eaf00682be1319131c1b99cee9e9b81
SHA256 2d57307ea29737707bde36a975ad74071928e6eed0b5d1f0cc79e0ce012a83ee
SHA512 0b40a166aba5b726eb450711f2e9f30eb875e19dce87615adf092c8c640c6b83a5027f959e2ff08b5f8d155d8985970bd868ce2891334553849ad7fd1aaec729

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe579f3d.TMP

MD5 cd9cb95202c62ae95c3395b6458f7aea
SHA1 209762af17c2bfe61929900dbb6fd85509075b62
SHA256 f605d92ef97bc1058dbedafba7c849bbeb3ec9abdaab593fa4831697573cdde1
SHA512 93a8c6dcff7d4572131c89cdefe3635fa7d193feb8da0966d3845d67239d6366e9c9f587ae07a20c52b080838d308914a5f1d7d4bcde135cab6289c3c6103794

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\d59c3a467c318dc414c0c69d3361d62c8a8797bc\42c791b0-1705-465d-8f56-d5c8f10df627\index-dir\the-real-index

MD5 56c137536db8f497855bafc53ed7d519
SHA1 b5b17993df4b6d3bbf759624693d93ec8f318ffb
SHA256 0e545f61b571c20846efdaf527c82dac293047d86cbe200d2ca416b08c6669a0
SHA512 6d944d3b20dbae7b9ff1b5ce5c706000bbe79a6f6aa945a9d5253f0adf5a44ea88c0c052bcc636eb631991dd155031c18d3a7e6fb0419692a669387ce71f6e96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\d59c3a467c318dc414c0c69d3361d62c8a8797bc\42c791b0-1705-465d-8f56-d5c8f10df627\index-dir\the-real-index~RFe57c67c.TMP

MD5 98222031230e4b2159dbc6c44c179b14
SHA1 8ea47e6ca11f60e226bd5bcce9db2abaa71a9419
SHA256 f03d02cf9490eae04e503c39f46c620e137a73810bfa8e5ade94f3fcc377c7c8
SHA512 97b147899e9e6d236668ba57655acfd6dad7c64ff058acea1d64f7d76f97f186909b575fb8692340366c43adaf0a2ac72e44619c57b70b29e71b5833f66a6b0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 21e0bfd250d7275950b5d024f34aab58
SHA1 8fe76ee42ce82c3fbfe87ab7a6ae40089729df04
SHA256 6e12ff2a9b96392a04d17cc2c31c46af442164f209582ebc44ad06c8725ac239
SHA512 854f0de4aa44155b8aad22a9fde06d5e5b836e37f9f3a9bfd5e5972d9a728ef6993fa569370e6cc7b3e1c8801cfa3256e7150c74ec3631aa6a0a1626f0f15f66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\d59c3a467c318dc414c0c69d3361d62c8a8797bc\ee67ba68-4fd1-41c5-8e20-61abe53222bb\index-dir\the-real-index

MD5 65b5a002e4eb8c9fb6714a22b0dde184
SHA1 0a3bbb8e781b13450f6c070b853f5ccb7d378215
SHA256 354383515255b0bd025c9d0a4df1c99794d76f940ff36a594876dd51b0ee8d95
SHA512 f41d89e048c1897028d298d0c06431efc9a3e141847a9802c62b2d6227ba348a37a22372f97cba517b897df58d9b84a82ed48d50a6fbe09a0cdc268d9ded619b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\d59c3a467c318dc414c0c69d3361d62c8a8797bc\ee67ba68-4fd1-41c5-8e20-61abe53222bb\index-dir\the-real-index~RFe57dadf.TMP

MD5 d69e9768dd889eb60a965dfe1234502c
SHA1 bbc2b5d8f98bb70ffb2a9b62ec4e2129141f9e75
SHA256 c4f823ef889e6fdcc38a8a706905c5e9ebcbd635137c6e11b69902d7f61be41b
SHA512 4d74015aabb5ac1ea04669e9dab533c01f66d60a70ff80af472b0ea6be639e4b8bc86c873756c900b4637e63ee38bcb8fea6548b93dfda07a031dfe73bdd53e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\d59c3a467c318dc414c0c69d3361d62c8a8797bc\index.txt

MD5 0e3defd25c0dcdb1cb5e9a7d08eebb64
SHA1 fc61c12391f7e14d285ee0dc0e750f8fe31cbe87
SHA256 8dc0074b2495268baf2bd80618018c160e8e2f11bbce8fbec12e0f6daa3a4ab4
SHA512 9fc971cb205f848de832135112218a4f6942edd9131d46613fc8d11ec986c14106aadbccef85acce009bd87d609fd4ac598bd889f5d808255867e639f0378dd1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7b52c14e1c213cff00881ef96db44730
SHA1 4d0decb41c4a0016002b6352dea690acf218ba47
SHA256 d961220a93fb99f3a2589fc9ee77398857c62655dac8fc31069347772dbbe709
SHA512 d24e2e5bd2ab1c47b3739eccd342a8a51d39d624cf387627f956d6c020d61b84ce8db13ca314b31bb351589a688bf3aab457f8bfc79c4a34ee82d39123d056f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 d049ee3fa207239763ffcde254ba8533
SHA1 598cf42c7c43fb3266667d1f01f6aa4f8f2dec85
SHA256 36c9db8cda5ea5ce9bdeba1febc246d9b2bd1a358b77da55192c14dc2b2e4d3a
SHA512 9a24d04f8eee0027ad7ec5328125e71edee7ceb892dc41f053375c93b6876bbfc22226c55fd94022fcbeb35ca893aad57f87a3d6b674a5326a000b4d2ad33d86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e2a54b4d7fb0ef641dad7d0afdede03d
SHA1 d044b2ede4279b4e2165b222c9b320a6c84ab668
SHA256 eefa5acf0e02c0c8fb22017334292f6114c11dbb7f3ecb199ee0b8ef32651cb3
SHA512 2bac4f893d02247402b39265c394d4f1a0464d35725d1d1ce23a1e169573e5c9cd80ddd1f88e4521fbe452aca536c0f1d0fd921a69c0b2987515dd58ef1fc33d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 ed5f95107e5b1999701db3d8bc770675
SHA1 27fc20a2e0e98fd63f9df705761dfb5007d4c5f4
SHA256 908ebecd74309ef6e56146bc2364308d8473ef90b8599b7c21266e87ad55c478
SHA512 b567353b2eb133f286d421e719b00508eeb97e68bc071d0d1b9639027ec8a1c445806a6d815520c44f83e025a0e9aa55022a66926c8f148f87a8b5b47505d45c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b1bcb2b6b6cb02d5974424944380a3a8
SHA1 dd9ad12c84767c62da67ea4d5d08da2fc9d55662
SHA256 e993733b1cde65d7119a89668f1a5ae1534823fe50cc784a53b734e7c3fd44bd
SHA512 4f44a154cc8eb5988a05b067848db732a457055149d86c2b4ba64eafcb580c5d3092f160b0426e66d3175c42ed57c6a761374532822572b5d2557698e1be2a20

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f323718067956b42055554d0d06c1086
SHA1 38ebce70bdb1e130cbffe4b60c542948f33496c5
SHA256 353314b608658509d77e4524dcb2b750a99fe9087cff5a0894ba06ec34872e4c
SHA512 b18bf34f4e5ce1126a127dd46ffd32a8302d1383ff16d2c508eb0e9f30d97d7a4bcf72b39882a896027b3de50b3a12c047efc934e41b86048e3cd944af835b36

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\d59c3a467c318dc414c0c69d3361d62c8a8797bc\42c791b0-1705-465d-8f56-d5c8f10df627\index-dir\temp-index

MD5 e145e4002576120af7863cc0fabf83fb
SHA1 455ff65f581b629416b479a303115d4186ae948a
SHA256 4401d639b40f048fd712f27980da6556970a037305867fa55ba449b93374abee
SHA512 3f86727326e44acd05878d69e8958ac8503bf0965626fad4ac86b5c89edb1f160d9f35295bf776277af08439fc275feb55ab6820a6944bddd4e5e8cfb6e167ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\35742893-91ff-4b2c-af26-40530e9f7c0d.tmp

MD5 d7223b14eadb74b1894399684b8d0fab
SHA1 e01dc1f5e210831b66655d84ccbc2d05a18d860f
SHA256 9a08f7e8936070e11067d9f258d4708565efc6f205c9e419447539a56012b9f6
SHA512 f440fb476699d7ae2c4295f64c560501cbb0c90c942395bb6e38e3be4d7a171468bbe0088c98b464c77ec7e3bc2d893c7f72001083b6282cf15f5325baf6f5bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c9aa5dcb4160d39dce800e71b3a96261
SHA1 66f95d685a1f55d83a2ed9a16100b421261f41e8
SHA256 3010b02833b8293f681e020600090ab569bd65dd6a2f178e3d831541fbfd2cae
SHA512 5a97a328b1d053750c298fdf765b5e8cdd21bb8bd1aae94bdabcc17e6213bb4663b4ffda328e63dea261a4f6b65b463c6db6057aa550799c866627efb4721449

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\d59c3a467c318dc414c0c69d3361d62c8a8797bc\ee67ba68-4fd1-41c5-8e20-61abe53222bb\index-dir\the-real-index

MD5 c646380dcd0f4f75594ec9f9c697a8e0
SHA1 5ab4bdfd4b8dda8e4c08351e551489a887f00018
SHA256 73f499e743389d30820bf447eac28873825c6af386296c5a19994c99a1ec19c6
SHA512 7cd1175f25838c4534f7108e33bdc6dbbb0adb3d2f3a4a842e461d639023cd1a3238101d367de40ed6e50c7c4864fe618396a23b73e1263468f52de57ea5ab4a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\d59c3a467c318dc414c0c69d3361d62c8a8797bc\index.txt

MD5 eeaac16a138a169edcfcb3b8d6cd4045
SHA1 a47d1be175d8d45cb38f8bf4c1bb4c81f94ce99d
SHA256 52d9723884f438848c31c73b2db9634e3f72c8b96260ff21f7dc1ae870d23e5a
SHA512 c826c4bbdce4124d534acdddeae49620b882a1e0dc070d0ca0460d7ceea92547a19989ba347af97da9bf1fd08df336112191ecf93696eef441f9bd28d190fa5b