Malware Analysis Report

2024-10-19 08:22

Sample ID 240613-we4kks1fkr
Target https://media.licdn.com/dms/document/media/D4E1FAQHZ8XUJK8wVIw/feedshare-document-pdf-analyzed/0/1718205488022?e=1718841600&v=beta&t=tXisq_mGCdeXNR_F2QYnyJTp3EU2B7tu0sobk_bH8l4
Tags
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The file https://media.licdn.com/dms/document/media/D4E1FAQHZ8XUJK8wVIw/feedshare-document-pdf-analyzed/0/1718205488022?e=1718841600&v=beta&t=tXisq_mGCdeXNR_F2QYnyJTp3EU2B7tu0sobk_bH8l4 was found to be: Shows suspicious behavior.

Malicious Activity Summary


Legitimate hosting services abused for malware hosting/C2

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 17:50

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 17:50

Reported

2024-06-13 17:53

Platform

win10v2004-20240611-en

Max time kernel

150s

Max time network

150s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://media.licdn.com/dms/document/media/D4E1FAQHZ8XUJK8wVIw/feedshare-document-pdf-analyzed/0/1718205488022?e=1718841600&v=beta&t=tXisq_mGCdeXNR_F2QYnyJTp3EU2B7tu0sobk_bH8l4

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A yandex.com N/A N/A
N/A yandex.com N/A N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1216 wrote to memory of 1188 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 1188 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 3752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 4756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 4756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1216 wrote to memory of 956 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://media.licdn.com/dms/document/media/D4E1FAQHZ8XUJK8wVIw/feedshare-document-pdf-analyzed/0/1718205488022?e=1718841600&v=beta&t=tXisq_mGCdeXNR_F2QYnyJTp3EU2B7tu0sobk_bH8l4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb408246f8,0x7ffb40824708,0x7ffb40824718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2764 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=4792 /prefetch:6

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,12241060614568940094,6446574389679245173,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6432 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 media.licdn.com udp
FR 152.199.21.118:443 media.licdn.com tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 82.90.14.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 new-adobe-document-pending.us-lax-1.linodeobjects.com udp
US 172.233.128.227:443 new-adobe-document-pending.us-lax-1.linodeobjects.com tcp
US 172.233.128.227:443 new-adobe-document-pending.us-lax-1.linodeobjects.com tcp
BE 2.17.107.130:443 www.bing.com tcp
US 8.8.8.8:53 4454275f.rwnbqwuligbumyzvpodsthfkaftacy.pages.dev udp
US 172.66.47.107:443 4454275f.rwnbqwuligbumyzvpodsthfkaftacy.pages.dev tcp
US 8.8.8.8:53 apps.identrust.com udp
BE 2.17.107.226:80 apps.identrust.com tcp
US 8.8.8.8:53 227.128.233.172.in-addr.arpa udp
US 8.8.8.8:53 130.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 107.47.66.172.in-addr.arpa udp
US 8.8.8.8:53 226.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 21.121.18.2.in-addr.arpa udp
US 8.8.8.8:53 needajob.com udp
US 103.224.182.246:443 needajob.com tcp
US 103.224.182.246:443 needajob.com tcp
US 8.8.8.8:53 246.182.224.103.in-addr.arpa udp
US 103.224.182.246:443 needajob.com tcp
US 8.8.8.8:53 lcln.strycli.com udp
US 104.21.9.238:443 lcln.strycli.com tcp
US 104.21.9.238:443 lcln.strycli.com tcp
US 8.8.8.8:53 ytnnn.49gs9.com udp
US 104.21.85.110:443 ytnnn.49gs9.com tcp
US 8.8.8.8:53 238.9.21.104.in-addr.arpa udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 8.8.8.8:53 www.google.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 110.85.21.104.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 play.google.com tcp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 consent.google.com udp
GB 142.250.187.238:443 consent.google.com tcp
US 8.8.8.8:53 new-adobe-document-pending.us-lax-1.linodeobjects.com udp
US 172.233.128.226:443 new-adobe-document-pending.us-lax-1.linodeobjects.com tcp
US 103.224.182.246:443 needajob.com tcp
US 8.8.8.8:53 226.128.233.172.in-addr.arpa udp
US 103.224.182.246:443 needajob.com tcp
US 103.224.182.246:443 needajob.com tcp
US 8.8.8.8:53 tnhav.lmonagly.com udp
US 172.67.160.58:443 tnhav.lmonagly.com tcp
US 8.8.8.8:53 58.160.67.172.in-addr.arpa udp
US 8.8.8.8:53 www.alibaba.com udp
BE 104.68.85.25:443 www.alibaba.com tcp
BE 104.68.85.25:443 www.alibaba.com tcp
US 8.8.8.8:53 assets.alicdn.com udp
US 8.8.8.8:53 g.alicdn.com udp
US 8.8.8.8:53 s.alicdn.com udp
US 163.181.154.230:443 g.alicdn.com tcp
BE 104.68.85.25:443 s.alicdn.com tcp
US 8.8.8.8:53 insights.alibaba.com udp
BE 104.68.85.25:443 insights.alibaba.com tcp
US 8.8.8.8:53 25.85.68.104.in-addr.arpa udp
BE 104.68.85.7:443 assets.alicdn.com tcp
US 8.8.8.8:53 sale.alibaba.com udp
BE 104.68.85.25:443 sale.alibaba.com tcp
BE 104.68.85.25:443 sale.alibaba.com tcp
US 8.8.8.8:53 marketing.alibaba.com udp
US 8.8.8.8:53 i.alicdn.com udp
US 8.8.8.8:53 open-s.alibaba.com udp
US 8.8.8.8:53 onetalk.alibaba.com udp
US 8.8.8.8:53 ug.alibaba.com udp
US 8.8.8.8:53 tradeassurance.alibaba.com udp
US 8.8.8.8:53 passport.alibaba.com udp
US 8.8.8.8:53 aeis.alicdn.com udp
US 8.8.8.8:53 buyercentral.alibaba.com udp
US 8.8.8.8:53 gj.mmstat.com udp
BE 104.68.85.7:443 aeis.alicdn.com tcp
US 47.246.136.160:443 gj.mmstat.com tcp
US 47.246.136.160:443 gj.mmstat.com tcp
US 47.246.136.160:443 gj.mmstat.com tcp
US 163.181.154.237:443 buyercentral.alibaba.com tcp
US 47.246.131.135:443 open-s.alibaba.com tcp
US 47.246.131.135:443 open-s.alibaba.com tcp
US 47.246.131.135:443 open-s.alibaba.com tcp
US 47.246.131.135:443 open-s.alibaba.com tcp
US 47.246.136.160:443 gj.mmstat.com tcp
US 8.8.8.8:53 230.154.181.163.in-addr.arpa udp
US 8.8.8.8:53 7.85.68.104.in-addr.arpa udp
US 8.8.8.8:53 rule.alibaba.com udp
US 8.8.8.8:53 fourier.taobao.com udp
US 8.8.8.8:53 us.ynuf.aliapp.org udp
US 47.246.131.144:443 ug.alibaba.com tcp
US 47.246.131.144:443 ug.alibaba.com tcp
US 8.8.8.8:53 app.alibaba.com udp
US 8.8.8.8:53 activity.alibaba.com udp
US 47.246.131.241:443 marketing.alibaba.com tcp
US 8.8.8.8:53 buyer.alibaba.com udp
US 47.246.131.144:443 buyer.alibaba.com udp
US 8.8.8.8:53 inspection.alibaba.com udp
DE 47.246.146.52:443 us.ynuf.aliapp.org tcp
US 8.8.8.8:53 237.154.181.163.in-addr.arpa udp
US 8.8.8.8:53 135.131.246.47.in-addr.arpa udp
US 8.8.8.8:53 160.136.246.47.in-addr.arpa udp
US 8.8.8.8:53 144.131.246.47.in-addr.arpa udp
US 8.8.8.8:53 241.131.246.47.in-addr.arpa udp
US 8.8.8.8:53 ipp.aidcgroup.net udp
CN 123.183.232.34:443 fourier.taobao.com tcp
CN 123.183.232.34:443 fourier.taobao.com tcp
CN 123.183.232.34:443 fourier.taobao.com tcp
CN 123.183.232.34:443 fourier.taobao.com tcp
US 163.181.154.237:443 buyercentral.alibaba.com udp
US 8.8.8.8:53 itunes.apple.com udp
US 8.8.8.8:53 logistics.alibaba.com udp
US 8.8.8.8:53 my-health.alibaba.com udp
US 8.8.8.8:53 partner.alibaba.com udp
US 8.8.8.8:53 img.alicdn.com udp
US 8.8.8.8:53 www.lazada.com udp
US 8.8.8.8:53 52.146.246.47.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 www.linkedin.com udp
US 8.8.8.8:53 www.tiktok.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 activities.alibaba.com udp
US 8.8.8.8:53 ai.alimebot.alibaba.com udp
US 8.8.8.8:53 apps.apple.com udp
US 163.181.154.229:443 img.alicdn.com tcp
US 163.181.154.229:443 img.alicdn.com tcp
US 8.8.8.8:53 baba-blog.com udp
US 8.8.8.8:53 biz.alibaba.com udp
US 8.8.8.8:53 g-sellercenter.taobao.com udp
US 8.8.8.8:53 229.154.181.163.in-addr.arpa udp
US 8.8.8.8:53 global.alipay.com udp
US 8.8.8.8:53 i.alibaba.com udp
US 8.8.8.8:53 rfq.alibaba.com udp
US 8.8.8.8:53 rulechannel.alibaba.com udp
US 8.8.8.8:53 seller.alibaba.com udp
US 8.8.8.8:53 service.alibaba.com udp
US 8.8.8.8:53 survey.alibaba.com udp
US 8.8.8.8:53 talent.alibaba.com udp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 world.taobao.com udp
US 8.8.8.8:53 www.1688.com udp
US 8.8.8.8:53 www.alibabagroup.com udp
US 8.8.8.8:53 www.aliexpress.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.instagram.com udp
US 8.8.8.8:53 reads.alibaba.com udp
US 8.8.8.8:53 supplier.alibaba.com udp
US 8.8.8.8:53 air.alibaba.com udp
CN 123.183.232.34:443 fourier.taobao.com tcp
US 8.8.8.8:53 px-intl.ucweb.com udp
US 157.185.188.1:443 px-intl.ucweb.com tcp
US 157.185.188.1:443 px-intl.ucweb.com tcp
US 8.8.8.8:53 baize.alibaba.com udp
US 8.8.8.8:53 offer.alibaba.com udp
US 163.181.154.233:443 offer.alibaba.com tcp
US 8.8.8.8:53 tags.creativecdn.com udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 mc.yandex.ru udp
RU 87.250.251.119:443 mc.yandex.ru tcp
GB 195.181.164.14:443 tags.creativecdn.com tcp
GB 163.70.151.21:443 connect.facebook.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 asia.creativecdn.com udp
SG 103.132.192.30:443 asia.creativecdn.com tcp
US 8.8.8.8:53 gum.criteo.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 1.188.185.157.in-addr.arpa udp
US 8.8.8.8:53 233.154.181.163.in-addr.arpa udp
US 8.8.8.8:53 14.164.181.195.in-addr.arpa udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 119.251.250.87.in-addr.arpa udp
SG 103.132.192.30:443 asia.creativecdn.com tcp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
US 8.8.8.8:53 mc.yandex.com udp
NL 185.235.87.196:443 ag.gbc.criteo.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
NL 185.235.87.191:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 sslwidget.criteo.com udp
NL 178.250.1.9:443 sslwidget.criteo.com tcp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 sync-t1.taboola.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 r.casalemedia.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 ad.360yield.com udp
DE 37.252.173.215:443 ib.adnxs.com tcp
GB 172.217.16.226:443 cm.g.doubleclick.net tcp
US 172.64.151.101:443 r.casalemedia.com tcp
DE 162.19.138.116:443 id5-sync.com tcp
NL 141.226.228.48:443 sync-t1.taboola.com tcp
FR 217.182.178.233:443 rtb-csync.smartadserver.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
IE 52.209.124.52:443 ad.360yield.com tcp
US 8.8.8.8:53 dpm.demdex.net udp
IE 52.17.32.208:443 dpm.demdex.net tcp
GB 172.217.16.226:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 matching.ivitrack.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 exchange.mediavine.com udp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 sync.outbrain.com udp
US 34.117.157.22:443 matching.ivitrack.com tcp
GB 2.21.188.27:443 contextual.media.net tcp
DE 52.28.199.32:443 exchange.mediavine.com tcp
IE 54.171.168.223:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 dis.criteo.com udp
US 50.31.142.255:443 sync.outbrain.com tcp
US 8.8.8.8:53 simage2.pubmatic.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 cashier.alibaba.com udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 30.192.132.103.in-addr.arpa udp
US 8.8.8.8:53 196.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 191.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 48.228.226.141.in-addr.arpa udp
US 8.8.8.8:53 233.178.182.217.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 215.173.252.37.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 116.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 208.32.17.52.in-addr.arpa udp
US 8.8.8.8:53 52.124.209.52.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
GB 185.64.191.210:443 simage2.pubmatic.com tcp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 criteo-sync.teads.tv udp
US 8.8.8.8:53 criteo-partners.tremorhub.com udp
DE 3.122.213.30:443 match.sharethrough.com tcp
US 8.8.8.8:53 lang.alicdn.com udp
DE 52.28.199.32:443 exchange.mediavine.com tcp
US 8.8.8.8:53 eb2.3lift.com udp
US 107.23.54.218:443 criteo-partners.tremorhub.com tcp
GB 2.21.189.110:443 criteo-sync.teads.tv tcp
US 8.8.8.8:53 ad.yieldlab.net udp
US 8.8.8.8:53 sync-criteo.ads.yieldmo.com udp
US 8.8.8.8:53 e1.emxdgt.com udp
US 8.8.8.8:53 c1.adform.net udp
US 76.223.111.18:443 eb2.3lift.com tcp
IE 52.209.229.240:443 sync-criteo.ads.yieldmo.com tcp
DE 35.156.11.56:443 e1.emxdgt.com tcp
GB 2.21.188.116:443 ad.yieldlab.net tcp
DK 37.157.6.254:443 c1.adform.net tcp
US 163.181.154.230:443 g.alicdn.com tcp
US 163.181.154.230:443 g.alicdn.com tcp
US 163.181.154.234:443 cashier.alibaba.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
CN 123.183.232.34:443 fourier.taobao.com tcp
CN 123.183.232.34:443 fourier.taobao.com tcp
BE 104.68.85.25:443 lang.alicdn.com tcp
CN 123.183.232.34:443 fourier.taobao.com tcp
US 8.8.8.8:53 22.157.117.34.in-addr.arpa udp
US 8.8.8.8:53 77.255.239.18.in-addr.arpa udp
US 8.8.8.8:53 27.188.21.2.in-addr.arpa udp
US 8.8.8.8:53 223.168.171.54.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 255.142.31.50.in-addr.arpa udp
US 8.8.8.8:53 30.213.122.3.in-addr.arpa udp
US 8.8.8.8:53 32.199.28.52.in-addr.arpa udp
US 8.8.8.8:53 110.189.21.2.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 240.229.209.52.in-addr.arpa udp
US 8.8.8.8:53 218.54.23.107.in-addr.arpa udp
US 8.8.8.8:53 56.11.156.35.in-addr.arpa udp
US 8.8.8.8:53 254.6.157.37.in-addr.arpa udp
US 8.8.8.8:53 116.188.21.2.in-addr.arpa udp
US 8.8.8.8:53 234.154.181.163.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 yandex.com udp
RU 5.255.255.50:443 yandex.com tcp
US 8.8.8.8:53 core.yads.tech udp
US 8.8.8.8:53 an.yandex.ru udp
US 8.8.8.8:53 sync.sharethis.com udp
US 8.8.8.8:53 gw-iad-bid.ymmobi.com udp
US 3.91.122.239:443 core.yads.tech tcp
RU 213.180.193.90:443 an.yandex.ru tcp
RU 213.180.193.90:443 an.yandex.ru tcp
IE 34.242.254.5:443 sync.sharethis.com tcp
US 8.8.8.8:53 50.255.255.5.in-addr.arpa udp
US 47.253.61.56:443 gw-iad-bid.ymmobi.com tcp
US 8.8.8.8:53 yandex.ru udp
RU 77.88.44.55:443 yandex.ru tcp
RU 77.88.44.55:443 yandex.ru tcp
RU 77.88.44.55:443 yandex.ru tcp
US 8.8.8.8:53 5.254.242.34.in-addr.arpa udp
US 8.8.8.8:53 90.193.180.213.in-addr.arpa udp
US 8.8.8.8:53 56.61.253.47.in-addr.arpa udp
US 8.8.8.8:53 55.44.88.77.in-addr.arpa udp
US 8.8.8.8:53 239.122.91.3.in-addr.arpa udp
US 8.8.8.8:53 dr.yandex.net udp
RU 93.158.134.242:443 dr.yandex.net tcp
US 8.8.8.8:53 242.134.158.93.in-addr.arpa udp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b704c9ca0493bd4548ac9c69dc4a4f27
SHA1 a3e5e54e630dabe55ca18a798d9f5681e0620ba7
SHA256 2ebd5229b9dc642afba36a27c7ac12d90196b1c50985c37e94f4c17474e15411
SHA512 69c8116fb542b344a8c55e2658078bd3e0d3564b1e4c889b072dbc99d2b070dacbc4394dedbc22a4968a8cf9448e71f69ec71ded018c1bacc0e195b3b3072d32

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 477462b6ad8eaaf8d38f5e3a4daf17b0
SHA1 86174e670c44767c08a39cc2a53c09c318326201
SHA256 e6bbd4933b9baa1df4bb633319174de07db176ec215e71c8568d27c5c577184d
SHA512 a0acc2ef7fd0fcf413572eeb94d1e38aa6a682195cc03d6eaaaa0bc9e5f4b2c0033da0b835f4617aebc52069d0a10b52fc31ed53c2fe7943a480b55b7481dd4e

\??\pipe\LOCAL\crashpad_1216_SIEJDHTLYZCNNIXH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8f87b2ca9118b18c78145d16f524df8b
SHA1 892eabd2aec95992c8c6bd1e5eaddd2f4796946c
SHA256 15c1abbc8170ac5a3a2b12514bfbc1ed9926c8d0c7ad31f9fcc6593ff75611e6
SHA512 1080d150ec12fecd8bc1332fffe8b0f2db2d0495870030739ed4e566f63a9943a1456d3372c77eb41c3580c7f2e1569a0630787d95fa49476e543d2b06f79fc4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8d60c4b28c88529e431b71e586de9f18
SHA1 c115980f604d68590f6c2b054354ff27b2c9e09b
SHA256 4d53f29e41e024943809294fda0ccd6e8c856e441dc2770ec16eb21f8dde2c6a
SHA512 e3ec481834e214a5711f47457f98778f8872e2832ff27ef033d56eceabc6013c28fe5f14c1b2fe8dc29dfec62877c44aedffce15caab3c467bc4c67d406e1ea4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 31903db943ae27e9cde4d29e08d3983a
SHA1 56fab1a51d8a9989638aa266fe9291a03d6bf5bb
SHA256 f50684c3a30fea08afb446153f09ff7816adc8251dac1faa66dbcb771e3a1344
SHA512 7dfbc19c0bfa1680c80fe395f1ee652b11d9a37e5960c6865b3ec28b312dc614388a4c49a5d28f9010eb23e244f4a1efcf3329de3441a232f6334792f2fdcd4e

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 13033cab919abd1be24215463a33b0af
SHA1 a4a3052d325a1a1dd05ca373cae35ca4dcaa6c96
SHA256 337534ebcd267265fdb4604278c62cd009ebc337aea5bad5fbe42e36cfa77c63
SHA512 53f329828fb816e0621514038165912c6b2c4b1548b4ec3fb823dce0390555f01284217b585499ec2c642e4674e9ba1f9b71d4168712a3fcde58aa04e2f81805

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\392f42f9-9d82-4b33-b9a5-fb21cf7a8d2a.tmp

MD5 8f7d3627dee46efb3c94dd7ccf247f29
SHA1 83340dd9b596b67550e95c5348aca7e08c03d053
SHA256 43c7580ba4afdd6e4687c446125682f68fc4da0961144d3e8d8ec7defb7c6a17
SHA512 61d921803f588cde38b443a06193f6f8f2036206b65c65179eccbd3a34f20cbd49a6a49fbe8c5feb9f88d901989bca433fc338a0ebd8b6f585b62035fdcf4c65

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 000580d7d565c89c728ce7bff4357f0f
SHA1 e23f18b97c6a4af787e55a4337cf907af37c9508
SHA256 e97793dbf27cdf77d0b3131ec1b01515dece27e3fba52357b912555c5b70d130
SHA512 024e16ffac9c3a6994c9a3e1133dc6b5bfdacb81c8118724e30beafded19c8318336314c4f3d26235142056a228efd8d8d8cd0d2d04c2be776802f1c50e8c110

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8750d0d9450c75c2e1f437b7c15e2de5
SHA1 d160e6375d89fc21832192c850ea98804e60867d
SHA256 33d2c635de750663ac4972d5199f8690631469e6173ac725e87cc36390925aa4
SHA512 4a6b26f4bf43fbb5007e24a0f31e5bff93ba042634f837f5f92c32b3fa8dfad49c2274e6369a6bad8f322c922e49af1a5ed75236867e9b5c4ab7eef6a0ce0d99

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58bf73.TMP

MD5 29873076cad376999fcea507bf3e3f53
SHA1 bba3aeeafca49cd7074420ce47c7d1b30513a9b3
SHA256 188706e2a5f888d1729d800ede629b55a6a7e8040c8f3109ab9a25be4952ee6c
SHA512 d23adcb0458d4d49d97b2741db534bc2ead15a05b6c5a06681c0bf47a9af5540e6bfadb43cfb041d108ad2eaaecbaacc5a6510affb3e2348511aeed3af4f304a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 62831e89a4decaf9cd09c0992ffd56ce
SHA1 2ecfab2136dfe9da7ab89688ba7c10f708935cd4
SHA256 6d2db63bcc89d54fba43590d88035684e0b59f929609cb241fa61beeaaddadeb
SHA512 196ade2c1aa09d1276f2d37bd554dbe84eb82166a8e759e5c204cec9bc8cefcf73a48beecd3fe68d48150df9fab54877a82b40247dcb4512e16db2a31e2cb235

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d28990e012d248920ac7b16a7510a588
SHA1 d87ceafeb2398bb5c9248116759ec35414fbbd55
SHA256 121ef42dc508162826998d554fd1eaabfb9acde50c112857b4e7668413d09fe2
SHA512 6ffb5efff2e4785c5429f1a45adf62253b1958b11271d7f05d5b26eff5baeba3b2d11fb2e955f7ce85410c76872cb8cbdad031654aaddadb6308eaa2cc83023b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 c456292ed9ca472fab6844e7b32f1b9c
SHA1 83be6dc73cae7814a206ad60f82df127d45ce570
SHA256 e8033df26e47ab9825b6d1478654fb78f0780d65ba72321d9296246cf5fb2b59
SHA512 4a0391be5f330ff42cb876bd51234441f0ebffcccf05690c8868de62c0598cc727c3266b9cb2959af89f2b44b4559a17e1d223b9a08f587019262477260d776f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041

MD5 008d0ae10f41631bb124d78799baf5bb
SHA1 cd5956db2574b3e718d8e87f3e4af79e2a3b5e0b
SHA256 a0aee1664677fce87357ff299c236f12803be313c1838a312d779ccf1ce0e590
SHA512 e4c1c5a8d88b6e0caa60b3c6ce02c05b0b2653c478a788d9d6c330d34439a5f91acecd67dc6baa4f40cf8f4cf21a684a13162562df8e2406cd06ac3145c6216e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\index.txt

MD5 6b75e15802d86364d28499baeb3cd576
SHA1 66bc3d242a3ec230cd52ec36c41a2a41908da9aa
SHA256 52ca3db920d277fb429971523281348c6e55ed53336fd561cb65e14beb4a85e5
SHA512 821b96aafffc9364816138f9317021d33060ce334b1d2b71b7bbed153daf129c4916146477ac89f2369e7ebde424313b000593b028685e4d15dea901a001781b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e3ece7ac1d748bd8cf130a6dd1fa386ea15cfca\index.txt

MD5 5fffaf0e29c5cfe5f10a0ff695998d77
SHA1 89061c0ec6cbff027d21ebd2a421445cdcbe55df
SHA256 7682812afb395b3d3a18b79a0b2fb885cc02c37b6375f397062bfaa9f5af83d4
SHA512 8d2503bf5323ed6fd4a21dc5b36c35b0271388f1f05cfa31badcf1c73f317dcdfb27b38e713c64283f98798eb2ad9cf5ca2fc5524fc11edb6aaa4afa65626b7d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\Origins\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8719050143b03183e920c7e8ae66fea2
SHA1 9d68f00ce805b54006edb5c2475c9d1ca860c036
SHA256 1c1206da5c8b3d68f6c66fe83fce09978fbacf57368ca2674219d3c955bfc71c
SHA512 a7be9a9e6c72c5513429488477ff90bad8133b8ca8f6a83a0c048f0908984b6b1582d2005df9fd258caf4e4fe5d2ca3662d0e5617f33e3455981a0de24dcdc55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 180551d1a08140e2f145f224115e8b4d
SHA1 9f70c8c5cefa5dc9094f6f3e9c98e6fbe8731618
SHA256 28798bb5a15093982ed159d7a095801344ca35f6bd5f036a33c154b1275f48b6
SHA512 0897f550df45837c6d62f60a855f7be6f3c809a7f7b1e0f0dd3ce9db92212b45ed9fd34e7ca79d0768cd3d710a1a85e621e8ceaad322004c43ecb4b7d2d8906d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 22e455ecf07078d891bfbb0dca80fdfd
SHA1 ed6d3828083c6a29794bc4764df80eedc6e00e52
SHA256 25bf463205d72c2c5d76f38a86703158747ee41a0e9a88817e966528d08bbcac
SHA512 e6f72abfd26eb8819dee3ff02ad63e65d6640cee16c040e2355f525650a575fc383fc7b0b49a47e746c7c281b1abdb5cb33bb5af041f3ab74faf4c8c9dd56d7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe594cfd.TMP

MD5 d43cf279231877d573794d1a48a15c94
SHA1 1ec66bdc7310b277c7405ad68ec10767b6eef1b5
SHA256 1c39b72c294d55c1f9b58ccb80088f238eb28cd4f77e3638398b8f3030d59361
SHA512 b130d0a6e1d623ab536755bdf31d3a82e049f8508ac6a7a9c57767b18d88e327a9e050776448b083c7f7cb0cd3e26a14c1fb293a9a3347a0ede96beec2e2012b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 ef5940e397a514f930823d18699ae252
SHA1 b58373a1ca5f64494e67e9e962b39fc38ca56bc5
SHA256 4c72238d1a5a4f947089abaf8ef49064d6ca4b1ff5e2a030a4c2a13a5e83e55a
SHA512 7c8c49bc4a2f8a39e5bd4c0932b0b8f82c497dafde44f70f007d1fabd2416dd63b19840c5b43aa6c7ebdf53e8e119a722934a355901bcff3cdfb3194f2c53a18

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a07c171bf44676a47c09160264962d60
SHA1 bf4d20a8a224aa1258e1c4601caf549c1f32f66e
SHA256 87438d99e4d744fab4159ef534b6888de5759b76dbf7405d829bdb6ad566efb6
SHA512 b365f2d3586c5a00831354323c664332f453520898eb1ecbef1a1461dd56401fa8f6ac89222c79cb4cc13497d18982c7707949d4300b1bd520860f91939521a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e3ece7ac1d748bd8cf130a6dd1fa386ea15cfca\48077511-fa3f-482f-b643-45eefd31a077\index-dir\the-real-index~RFe594e55.TMP

MD5 33f4a9b8d316c9f0b2a4995a91b52091
SHA1 17c776615fde2f84e34ec1e7d8663ea21a646e05
SHA256 caab1d0ba8d35cba739a82d52e38cac3e51e72e58e2f72d173551569241ea54f
SHA512 6ece05294d806959a410b22dfefb1389498603136bc02a959d82ebef00178aa56fc21e269caa35d181d5e289d71f5f759947b2011bda2d8a235a551aef68ad4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e3ece7ac1d748bd8cf130a6dd1fa386ea15cfca\48077511-fa3f-482f-b643-45eefd31a077\index-dir\the-real-index

MD5 9e44335e81791843b7f868142b3a6fb7
SHA1 8e3b7a04adf3c81f656ddd2b232a0e753788e20b
SHA256 7c4245b048134d783453095d2f2aa9606faf7864bf6ab3fc70b2a66c4ce2b590
SHA512 c740c39cab99a42a46f84e0a99c0685a09983c875047efa219ab1999044816304559554bd015dc55c7de47c5c10cfac08509cea33a538240e9d0805e2337e81c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e3ece7ac1d748bd8cf130a6dd1fa386ea15cfca\index.txt

MD5 b5079cf6118ad9ddd7da986d5168fdc9
SHA1 eadf980bdc8734aff7282a3d86e05b047f0d2a9b
SHA256 7bb14ff5d81b4715bbbf288aebbceecc789e397ee8d5ba3fca88eb4e11c40dd7
SHA512 8fb604292ac75b3af235b8bc31c18f40011da25f402cdb2a6c5c1f784feedf249473345278125cbd0535e236eca733f36251fd2045b2d8f4743fa5f6542ef81d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\c1f23a7f-e6f3-4429-ae12-26474cf1758e\index-dir\the-real-index

MD5 c2f2ddece5b2be52df3b62dc4fd22a86
SHA1 ccf5040db41a206f4c525d9b994e7de348d10eab
SHA256 6402c300716e6e1c4aba2feffb0da69a9e6a271d6db4fb18c71bb0dca9cc613b
SHA512 7f59ef4d96a0a9ed587d728784f41847137ec33592ed370f2608a79124138601a16117284e32b56b205981eb7e559881191dea1b5ff8605b094695f1719f1188

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\c1f23a7f-e6f3-4429-ae12-26474cf1758e\index-dir\the-real-index~RFe594ffb.TMP

MD5 dfd2ea0bcf02196e9f2bdeaab65a23cd
SHA1 4a206afd19d315d8c16f9fe65754854ddd7248d3
SHA256 413c5ee4a1597ae3e8fe5ee000d1bdb2ed90d14269ef726e780bed925fb564fb
SHA512 e0b3babe1a06570832003ce3a5f82fab8c7eeb1d067dd169d63b85fca7be4eda4224f88a2e42de908f7646a8fc4d9c5274df767da72647795180361003700bd2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\index.txt

MD5 4e1c8d58624452d36096061a6605d4e1
SHA1 710fbf1b9eb8bdae51a6e06e47a8017e96efa041
SHA256 9f2cc4d03b98abe1178c40e9be089736a066bb9cdb19933dd33268f938b0fa21
SHA512 d97e911fe7a1763d8efd5d8b217a9af689c4abe060350ab63ccb9f6f6e4ec37a63e4d66d423db8445cfa206788f2c2da925adb5fbeed57f38aa806dc7edc722b