Analysis Overview
Threat Level: Known bad
The file https://shrturl.nl/e/DCWE55-v was found to be: Known bad.
Malicious Activity Summary
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-16 15:37
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-16 15:37
Reported
2024-06-16 15:40
Platform
win10v2004-20240611-en
Max time kernel
145s
Max time network
142s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://shrturl.nl/e/DCWE55-v
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb186d46f8,0x7ffb186d4708,0x7ffb186d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2488 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5524 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5524 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,12489095077798176937,14864009966780701882,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1924 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | shrturl.nl | udp |
| US | 104.21.71.128:443 | shrturl.nl | tcp |
| US | 8.8.8.8:53 | roblox.com.py | udp |
| NL | 45.128.232.160:443 | roblox.com.py | tcp |
| US | 8.8.8.8:53 | 128.71.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| BE | 2.17.107.217:443 | static.rbxcdn.com | tcp |
| BE | 2.17.107.217:443 | static.rbxcdn.com | tcp |
| BE | 2.17.107.217:443 | static.rbxcdn.com | tcp |
| BE | 2.17.107.217:443 | static.rbxcdn.com | tcp |
| BE | 2.17.107.217:443 | static.rbxcdn.com | tcp |
| BE | 2.17.107.217:443 | static.rbxcdn.com | tcp |
| US | 3.162.140.95:443 | roblox-api.arkoselabs.com | tcp |
| BE | 2.17.107.217:443 | static.rbxcdn.com | tcp |
| BE | 2.17.107.217:443 | static.rbxcdn.com | tcp |
| BE | 2.17.107.67:443 | js.rbxcdn.com | tcp |
| BE | 2.17.107.67:443 | js.rbxcdn.com | tcp |
| BE | 2.17.107.67:443 | js.rbxcdn.com | tcp |
| BE | 2.17.107.67:443 | js.rbxcdn.com | tcp |
| BE | 2.17.107.67:443 | js.rbxcdn.com | tcp |
| BE | 2.17.107.67:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.232.128.45.in-addr.arpa | udp |
| NL | 45.128.232.160:443 | roblox.com.py | tcp |
| NL | 45.128.232.160:443 | roblox.com.py | tcp |
| NL | 45.128.232.160:443 | roblox.com.py | tcp |
| NL | 45.128.232.160:443 | roblox.com.py | tcp |
| NL | 45.128.232.160:443 | roblox.com.py | tcp |
| BE | 2.17.107.217:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| IE | 18.66.171.105:443 | images.rbxcdn.com | tcp |
| IE | 18.66.171.105:443 | images.rbxcdn.com | tcp |
| GB | 128.116.119.3:443 | roblox.com | tcp |
| US | 2.20.12.77:443 | tr.rbxcdn.com | tcp |
| IE | 18.66.171.105:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 217.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.181.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | tcp |
| US | 8.8.8.8:53 | 4.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 20.189.173.13:443 | tcp | |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | 215.169.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.144.22.2.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | 23.236.111.52.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4819fbc4513c82d92618f50a379ee232 |
| SHA1 | ab618827ff269655283bf771fc957c8798ab51ee |
| SHA256 | 05e479e8ec96b7505e01e5ec757ccfe35cb73cd46b27ff4746dce90d43d9237c |
| SHA512 | bc24fb972d04b55505101300e268f91b11e5833f1a18e925b5ded7e758b5e3e08bee1aa8f3a0b65514d6df981d0cbfa8798344db7f2a3675307df8de12ae475b |
\??\pipe\LOCAL\crashpad_1716_DSUONQYEPBBHHYFC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 257c0005d0c4d0bb282cb470925e4376 |
| SHA1 | f9b8efb511ed64292568977c9f2ec255509e8f7d |
| SHA256 | 8185c36aaacfc71e42f94fad8e198fe7fb2d868398ceabb89261cae94341cb22 |
| SHA512 | 2f3e8f352ed3ef88e8c28650390f93f98c92174d268330b886f3ebd1ba0163999051298ee12a054606b4986005452a241c6864cd292e69492d79c37d500556f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 78f89329748348bc9412a8eccce2f8b7 |
| SHA1 | b4ef1beea238f6f153fd02f060eb6bab44de9596 |
| SHA256 | d1618d620213e948e88919175d38795f89030a92ce7bdd32339e770f21bb1629 |
| SHA512 | f3ec13ce701135dbfafe850ad0f54b3cc4f1e401086b4cb919fc1dc05d4bcdf782178152009eaf0db6c2756aa689dec5e76f8cd10b864178999b6c7a6b50e39b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 542fb14e08eb6283a605e308abf0c11c |
| SHA1 | ccb6a95d9f37618d735d068469c8a89b1c5829cb |
| SHA256 | c76e8d63d833bb828cd801452acb8d2dc0891150b9254cae2f34388fe3363805 |
| SHA512 | 423fc6e3c1780a45d3fa394aba1ee777014bcd2b7d096550e73806f5c9411018eba1cdb1ec5a07330119f62db78988024adc1ba4f24340a02c2c93310119c767 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 517318b8b1c9c2ca69721a4d92c3f88d |
| SHA1 | a5b54247d462b0c84e2b767a25d3e52bcd24dfc9 |
| SHA256 | 62f25ab2e64c69c21f3865112c8b85055ea18b538614fded872544142d76d613 |
| SHA512 | f1cfb35b3c77767fcb168235cdffffc019ebde31dc40de597a590c71fc826a56509a1072e5bd3465ad274c3a46eaedf361685411ec9b230d19ade5e7d5b0a20c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 95cd1581c30a5c26f698a8210bcab430 |
| SHA1 | 5e8e551a47dd682ec51a7d6808fe8e0f2af39e86 |
| SHA256 | d58162c5ae5e18fc06604c285e024c01686093d70994dc93b4ae9d85b4c3f7b9 |
| SHA512 | e49403df10177053634c431203a91d26df5dfb23cbbb88847459ecdf4b6107040d0944a3e84ee6bb26cb4e8017a35c8c31b658387cd1b6938ba4cb9f59606ece |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58555e.TMP
| MD5 | 96618f23cb76ec34065860dd324da89f |
| SHA1 | 41d813f7d206607b844731b96e499e874647c237 |
| SHA256 | 5ff7fb87b96b422adbaa4849d0d1369040c0479200c890609b56a1f9a945f469 |
| SHA512 | b5570bdde74dce7644b1b30eb777d1e56cc615033ada58e63d7ddfefe54563d22fe0561dd0d523f6466f32d07d8ebded9c680c8759b7e28ef2dd5d447b8085c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5695008d1b3f9c3f01fef4f347212edf |
| SHA1 | 61a911575ae1c1284e8851c43796bbb8eaf702d4 |
| SHA256 | dce0707ecc610878a33d58f67826f647e7baf38020d89e33b69e36fc14a83c24 |
| SHA512 | 6c6ba9f31cbbe6bb71ae0325725d4ce5ea316332e0ca18d61cefe67487832a91bb59ca951fc58324d0aa4428fa7f91284cc7c8e6f2c8441489cb2a22d9723cc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 52768380885067f5796a170b315b2fc2 |
| SHA1 | f4f9bcef41934fcb53eb3b46b6482a55d3ea1cc6 |
| SHA256 | de54c6002af27a5fc3de2cb3d38c6c8ab1a4681d2b00c770129e90a929f0b15a |
| SHA512 | 81860aa1df968da264f342d20b7eec90979014a9c419e56495cde1dc64b0889e92bdc1f65824819acbf2271c11ccdf93785c69bf25002263e5b893af7d3ce25b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6c2cc5d44f4db245ba749de489a6ae5f |
| SHA1 | 44b93bb641bbfffced3d810d57a79df16d3783dd |
| SHA256 | 3b70cd903e4f26460f259ff924718b5c131e9b6909f5e640e15c79272913d17d |
| SHA512 | 4456104d9ce87f9729c864172c979b7a466a468c60dabd87b298a4f2f3127b3394eb7683aa9ac29441b8588081fd2e98bd5af20d8b33e4e17da28005a1f9c109 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1d470863dd5e6b66ebdab6628917d880 |
| SHA1 | 5ac4ebd06e749534d68f4e2a994d14d6bbad7785 |
| SHA256 | 559d8337eff558edcff2eafdc95c084ed472bead1ff68459ac6073fc5ea5b314 |
| SHA512 | 10c3a93e4c5422f2bb71129f9718b0121295544b2cda0b1f5f3413864260c0ce79adc4331e95c90cdab4e50e2367bd7333f31df953dd918252971f1e5f65d726 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a1402bf39c498fb9987cbe8457da1ce9 |
| SHA1 | 9f8e3cf39652f2cffb4b268a2667277ee7d58ab2 |
| SHA256 | 85febbb4f35e3cc29ada36a9216c81c3905fb8c8526472847fac550c671640d9 |
| SHA512 | 0de8ffb2bc134b3e6e111baf7729a903061dcf5d1fbf910107af9f381b600ecf01fabe94857daf0875e088bbda013724383798acc8769f6c97b3e7d370fae915 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0cac43e46872e1b4454bf9459ad6cd38 |
| SHA1 | bbe9595930c05f2fed685a96378511752d7b41fc |
| SHA256 | b57622e5724cfa3a392e6fa765d58e8de0fb07acb127e67bc85bb65493c13fb7 |
| SHA512 | 13dcedb49fb4b01a5f247696b9d61e2e2bea3a881f080fd972b9692af404d661f63778bcdace9b8a35288ae33b4c48748d18b20370a575bdd74271237c3b7495 |