Analysis Overview
Threat Level: Likely benign
The file https://azure.microsoft.com/en-us was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand microsoft.
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-20 10:12
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-20 10:12
Reported
2024-06-20 10:15
Platform
win10v2004-20240611-en
Max time kernel
150s
Max time network
151s
Command Line
Signatures
Detected potential entity reuse from brand microsoft.
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe\Children | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2447855248-390457009-3660902674-1000\{A87C6980-8081-441F-B412-036DD439D817} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\DisplayName = "Chrome Sandbox" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://azure.microsoft.com/en-us
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd90b646f8,0x7ffd90b64708,0x7ffd90b64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2536 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6188 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6336 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6348 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,6127693220712254180,2984048586831303885,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6264 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | azure.microsoft.com | udp |
| GB | 2.21.190.37:443 | azure.microsoft.com | tcp |
| GB | 2.21.190.37:443 | azure.microsoft.com | tcp |
| GB | 2.21.190.37:443 | azure.microsoft.com | tcp |
| GB | 2.21.190.37:443 | azure.microsoft.com | tcp |
| GB | 2.21.190.37:443 | azure.microsoft.com | tcp |
| GB | 2.21.190.37:443 | azure.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 2.21.189.233:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 37.190.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.189.21.2.in-addr.arpa | udp |
| GB | 2.21.189.233:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | cdn-dynmedia-1.microsoft.com | udp |
| NL | 23.62.61.56:443 | cdn-dynmedia-1.microsoft.com | tcp |
| US | 8.8.8.8:53 | s.go-mpulse.net | udp |
| US | 8.8.8.8:53 | play.vidyard.com | udp |
| NL | 23.62.61.56:443 | cdn-dynmedia-1.microsoft.com | tcp |
| NL | 23.62.61.56:443 | cdn-dynmedia-1.microsoft.com | tcp |
| BE | 23.55.96.141:443 | s.go-mpulse.net | tcp |
| US | 151.101.65.181:443 | play.vidyard.com | tcp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | cdn.botframework.com | udp |
| US | 152.199.19.160:443 | cdn.botframework.com | tcp |
| US | 8.8.8.8:53 | mdec.nelreports.net | udp |
| US | 8.8.8.8:53 | 56.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.96.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.252.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 2.20.12.73:443 | mdec.nelreports.net | tcp |
| US | 8.8.8.8:53 | publisher.liveperson.net | udp |
| US | 151.101.1.192:443 | publisher.liveperson.net | tcp |
| US | 8.8.8.8:53 | c.go-mpulse.net | udp |
| SE | 23.32.84.159:443 | c.go-mpulse.net | tcp |
| US | 8.8.8.8:53 | lpcdn.lpsnmedia.net | udp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 34.120.154.120:443 | lpcdn.lpsnmedia.net | tcp |
| US | 13.107.253.64:443 | js.monitor.azure.com | tcp |
| US | 8.8.8.8:53 | 160.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.12.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.84.32.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.154.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| GB | 2.21.189.25:443 | assets.adobedtm.com | tcp |
| US | 20.189.173.10:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | s7d2.scene7.com | udp |
| GB | 2.21.188.75:443 | s7d2.scene7.com | tcp |
| US | 20.189.173.10:443 | browser.events.data.microsoft.com | tcp |
| US | 20.189.173.10:443 | browser.events.data.microsoft.com | tcp |
| US | 20.189.173.10:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 25.189.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.188.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.173.189.20.in-addr.arpa | udp |
| NL | 23.62.61.56:443 | cdn-dynmedia-1.microsoft.com | tcp |
| NL | 23.62.61.56:443 | cdn-dynmedia-1.microsoft.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 155.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | signup.azure.com | udp |
| US | 52.171.140.237:443 | signup.azure.com | tcp |
| US | 52.171.140.237:443 | signup.azure.com | tcp |
| US | 52.171.140.237:443 | signup.azure.com | tcp |
| US | 52.171.140.237:443 | signup.azure.com | tcp |
| US | 52.171.140.237:443 | signup.azure.com | tcp |
| US | 52.171.140.237:443 | signup.azure.com | tcp |
| US | 8.8.8.8:53 | ajax.aspnetcdn.com | udp |
| US | 152.199.19.160:443 | ajax.aspnetcdn.com | tcp |
| US | 8.8.8.8:53 | 237.140.171.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.189.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lptag.liveperson.net | udp |
| GB | 178.249.97.23:443 | lptag.liveperson.net | tcp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.signup.microsoft.com | udp |
| US | 13.107.246.64:443 | cdn.signup.microsoft.com | tcp |
| US | 8.8.8.8:53 | login.windows.net | udp |
| NL | 20.190.160.22:443 | login.windows.net | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | 23.97.249.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| NL | 40.126.32.134:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 13.107.246.64:443 | aadcdn.msauth.net | tcp |
| US | 13.107.246.64:443 | aadcdn.msauth.net | tcp |
| US | 13.107.246.64:443 | aadcdn.msauth.net | tcp |
| US | 13.107.246.64:443 | aadcdn.msauth.net | tcp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacy.microsoft.com | udp |
| US | 8.8.8.8:53 | signup.live.com | udp |
| US | 13.107.42.22:443 | signup.live.com | tcp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 13.107.246.64:443 | acctcdn.msauth.net | tcp |
| US | 13.107.246.64:443 | acctcdn.msauth.net | tcp |
| US | 13.107.246.64:443 | acctcdn.msauth.net | tcp |
| US | 13.107.246.64:443 | acctcdn.msauth.net | tcp |
| US | 13.107.246.64:443 | acctcdn.msauth.net | tcp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 13.107.246.64:443 | acctcdnmsftuswe2.azureedge.net | tcp |
| US | 8.8.8.8:53 | aka.ms | udp |
| US | 8.8.8.8:53 | fpt.live.com | udp |
| US | 52.167.30.171:443 | fpt.live.com | tcp |
| US | 8.8.8.8:53 | 22.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | iframe.arkoselabs.com | udp |
| US | 172.64.154.86:443 | iframe.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | client-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | 86.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 8.8.8.8:53 | signup.azure.com | udp |
| US | 8.8.8.8:53 | cdn.signup.microsoft.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | fpt.windowsazure.com | udp |
| US | 52.171.140.237:443 | signup.azure.com | tcp |
| US | 13.107.253.64:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | publisher.liveperson.net | udp |
| US | 8.8.8.8:53 | query.prod.cms.rt.microsoft.com | udp |
| US | 23.219.231.250:443 | query.prod.cms.rt.microsoft.com | tcp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | lpcdn.lpsnmedia.net | udp |
| US | 13.107.246.64:443 | js.monitor.azure.com | tcp |
| US | 8.8.8.8:53 | x.clarity.ms | udp |
| US | 34.120.154.120:443 | lpcdn.lpsnmedia.net | udp |
| US | 20.114.190.119:443 | x.clarity.ms | tcp |
| US | 8.8.8.8:53 | 250.231.219.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | paymentinstruments.mp.microsoft.com | udp |
| US | 13.107.246.64:443 | paymentinstruments.mp.microsoft.com | tcp |
| US | 13.107.246.64:443 | paymentinstruments.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 8.8.8.8:53 | 119.190.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | 137.71.105.51.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3a09f853479af373691d131247040276 |
| SHA1 | 1b6f098e04da87e9cf2d3284943ec2144f36ac04 |
| SHA256 | a358de2c0eba30c70a56022c44a3775aa99ffa819cd7f42f7c45ac358b5e739f |
| SHA512 | 341cf0f363621ee02525cd398ae0d462319c6a80e05fd25d9aca44234c42a3071b51991d4cf102ac9d89561a1567cbe76dfeaad786a304bec33821ca77080016 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | db9081c34e133c32d02f593df88f047a |
| SHA1 | a0da007c14fd0591091924edc44bee90456700c6 |
| SHA256 | c9cd202ebb55fe8dd3e5563948bab458e947d7ba33bc0f38c6b37ce5d0bd7c3e |
| SHA512 | 12f9809958b024571891fae646208a76f3823ae333716a5cec303e15c38281db042b7acf95bc6523b6328ac9c8644794d39a0e03d9db196f156a6ee1fb4f2744 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f12c94fb9c63285a5b3b9c1a2e944d99 |
| SHA1 | 65fb6affe24b6e6959d09086172796e00c4bc0c5 |
| SHA256 | b70705baaf61ff272062cd03b200268622287859635a6a9b6d05eff6b8cc2b91 |
| SHA512 | c59e0c83a8ca09112122465daa06442f0b3bb842a1453155b138f4837cd49c526372014004bdb33ed4b955b042eed8ef553fb5bd832fa6d67b55a345c1b49062 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 926074ebb3b3ea58010e8f4842289d73 |
| SHA1 | ea36273bb7821a72bd2c0d3634e711021b050d4d |
| SHA256 | 5cdb287d04493c3acdaf88469418355a848355cb56341bb67813f994b147e5d8 |
| SHA512 | 56933396c9b2649fda84c7dc2804ae7c86c6af91e80fa57f00f38cd3fc17288ff7af0f25125dcc2db40e9580dbbc000bdc43d12943af8bf60ae7585ea5c23ec5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 584a4281c976a59bf42260e647bea4a9 |
| SHA1 | 00795f3235fb089fc2261d88df71789174ca49c7 |
| SHA256 | 48279c57c02edcdcbc427edddc3f0ba9e31c9ce3e85a8d5e427d0cb1a4836de1 |
| SHA512 | dededdb9c324c9a146af019a111ebdb6e3d94de277391108a2d31ce4c3613445f96aed0168397edb0ea8d3faec55433db85e3bbf342d4d0193378a03c3a89b41 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 20b6097f86944debbda5001bf334e108 |
| SHA1 | fcf29a1f572f55b2056b5bc840a39693797cf647 |
| SHA256 | be87e8f6c473bcb2d5e25c812a9d39c390cb31af63b5e9f78d42103e302c989f |
| SHA512 | 0571b21525e257617bd88acd41e9404c9a759f8b36328ff4752e83bea79759a507b9d36fa87be2a937f54b13fcaa56c3ac49b6477b8775d4c37d60c94d1b3963 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043
| MD5 | 12e3dac858061d088023b2bd48e2fa96 |
| SHA1 | e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 |
| SHA256 | 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 |
| SHA512 | c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e6f136747d78d8c68236ede39c47e0ce |
| SHA1 | 180e10931d9d7348156a89183fad001775258f50 |
| SHA256 | 62b518a68c06b7f2864d5af5931ff435665d983932e89ec479da9369f6fc6062 |
| SHA512 | ad72bba7c8cb1332d68a47e40e378188d16b2efa21004fc50b6fdb6b4bf333f5c91df34838dafcc565ecbc088e88e517769f59a7ee02900efdca226a8435da67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579c11.TMP
| MD5 | 3c26058f51097b93b2ba0b08736c85bf |
| SHA1 | e4fd82e580611740d758482bddeccc78a4495dcd |
| SHA256 | d57233ebfb87db5be73fcd62b93cc90fee38f4c86a52e50c87210b716ead6b22 |
| SHA512 | 4c01474484d4e5f8595c93c74227f33b281f1f447ee852252d0160e1cd2905eafd471cbaf75a6352a0496a5706168ef83194c4ad20384b7e32ff338fb4ab84e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046
| MD5 | 112f8f03c4affe4b3ac72fccffde1c7e |
| SHA1 | 131dc9c9b212806e559cf451e52a8ee4b518e208 |
| SHA256 | a0de4bbc84b76cbd1e9aab00e96f55c21c805aeac2b43ee399c29f279e997a1a |
| SHA512 | 5db5f04336613f697cf1064865eb90406efa6d9650658d7aa465ec8f9aafb8885d15e5bee8c4053d44d837a2d0c96951f734146d4387483a8a444180364d24ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 97684099af37d736608e5ad4b7000029 |
| SHA1 | 765d1a60da5a149300d123b31322db386321880d |
| SHA256 | 88e13b730b5e83b60b3eca9af2d029a5ee1c4ca8791bd968c882d6623e3ed61f |
| SHA512 | 15a4f72271d652a9cf960eec57f7883176f0afcef466e0c94bdf76ba767b11398e71d703d4b1d83496fc6fdcd6688ed2dcc5b35a727a86bc40bcfbf54031bb3b |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 184f378ab1fa58e87a5f78d48fe58b0f |
| SHA1 | 9fa8c1e110f1de0ba4cd92d3a4313cd0e9e5a110 |
| SHA256 | bdce83a5dfcf16402180d7b50dfd4bfa5890e72d5cdf052ff4588d807eba2b7d |
| SHA512 | 48c3848e5d3be8028ec589eb78ae78a2d367c7e2cc74f65cdc92648f36ca02c2122d0bf5120412b83f382d4017d7fda84c9afabc7bc575f2a3dbc15d267856b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9f3f89a23a1f089482e1a0d99f354944 |
| SHA1 | 6d88273b16dbc3c9fa4d0c3b03f807138a7ee8bf |
| SHA256 | ea36e6945e1b2cdc4b2fe69b4a22c318e4ed2286e7a6a95c078027eae442860c |
| SHA512 | dfff710bb62ee080190b0efe7f6b18d9ae99d012e004df991ed5e99da04a6735615c664d6d5015cd455e97e41b16ba65ce3bcd6679100c65b2b8ee8d86e75d62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 819df9cce0feef88d402dabd3d9ec696 |
| SHA1 | 59d4c575cf5e10d5883c41fe3e192cc000ed35a7 |
| SHA256 | 9be3640bafa9a5387ddfbbc4b34a64686cd3d04f2258cff7303f646fabf37264 |
| SHA512 | c37a6b198a19d3d179939efa08b09cfacc80fce44fe2ca9d05525c1fc80073dfc4f26dfe1c5a84804e080ad88f5a38ed3e55f92d2b60a46299551e4cc6fa885a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2d8b1008d9dff7e5d91a5aa6f0a66ccc |
| SHA1 | c176220413adee1357848715e1bd464c929d8824 |
| SHA256 | 1ef261c69827fede0611031aa906937dacbae35e9e3e9d57be1b5bbecec17de6 |
| SHA512 | b7027fef1dabb752af3038d759f0403e00c739ffc7c0c720709f3fca464f12a26fe92f9352df9cdb98c885e4a0169e7b2005c575ee7bfb20c44115a8ae8e6d9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4d8233b1c43f530e75d7988dc9028fe6 |
| SHA1 | 65ed4575a25bd46109d169604b34526f90a1a8a9 |
| SHA256 | b1f7745f223847038ded87aa032033d102df50ef5c3fee994ce8bd49429ce39f |
| SHA512 | b60111451e795df9441275abf520f3e7b6b670a5e3b20bdc69d65d19af365979ed266761c27c81b8bb1f4973f870e3c077050346b7914885b05f264b0cc8e5fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | fcb9a4b0571bf9edb28e846d3e554a7e |
| SHA1 | e286f06d36cea8214ed0d2cba9e8d4b7aaf91724 |
| SHA256 | 5f6fb023ca718a36ada288bc236b2204e9194ed29cb85bea4a093343d5e711c2 |
| SHA512 | 26ac4f266636dd2bee6abe5c02969d018e5884db4e4059c7d225576bf34ef0b4b96ad3e2a6b52f63801cacfe4062ede101a23b99c226dc2e91c60fbee98e6751 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9b24499b6c247da683fcbaed7a72bbe6 |
| SHA1 | bb1e31119c270877a2d6e90aafcb72e0be5c98cb |
| SHA256 | 7f0554bcdb2dc898b8542067e2e8c9c3ccbf2f2fb47994b7e694566ea43d0a95 |
| SHA512 | 47cbaefbe6cfce44e6c281bb704588ddab1876e21710d5f501f1fe0cacc045c8e177d22fd2dcb322ccdeb2f506a37137a256880f2e68ee39dbd78ad029d54c51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 159bbe98fb64ffc9025c5df03ac82297 |
| SHA1 | 737ac7548b7e3427231ea050ca012d8b1deee0eb |
| SHA256 | edb230f5613b212f78165a380faed32d7605b1584da3289b3f951564406474a3 |
| SHA512 | 3348e1fbc43f27f688950a3d965b575b5b22cb7d98a97b8320a1c670268c8d6348ea33befddcea333c73eeff1359a489e27047fed65a24b471d65c0867e44d88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 89404a999324c173b1bc8d3fd67e57c9 |
| SHA1 | 0bf2f345ec69bc7e6f697e6772958909ff371d93 |
| SHA256 | 8042b9ee33218b8619e96df5086161edbac747cf0022f7d7b85339c007a990a7 |
| SHA512 | c775e7d4179c32d9e53804778eb468afe5f364ab1099507e8bb2340bca7a6b861c5ae019bb0af56dbf58a0d781790449c8bc952d933be3849d030bea1b69c9ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 855aa19c7a3fc3bb38e5e1798b8d1069 |
| SHA1 | 81f46701293b81eb839184ec7517cadbe7183fb2 |
| SHA256 | 266ad0aa503f4b7f7c63eab05e20244b1d9bca3853d00952ba90909543d1fdaf |
| SHA512 | 0e5a521b22199f480595c81534c1dd3c3569bbb0b4ae292f7fccf41cc458218ca491f867feb0bd29a64b8d3e4eed3756ccd11f6afa51fd36148b5ba55beea2dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057
| MD5 | 02826c1939a448a3adf4618059f1c9b0 |
| SHA1 | 5b826e6c56338e152d2361de65059528ab01a7f7 |
| SHA256 | aa6e360de2cfcffa71eca5cef40b8c2259370d0926e6ef9baabd3c22224bab53 |
| SHA512 | dfa8f6c54ff9b62a26d577470c9228c82d5c1b73b962008111a62b81c7823ca444f784a997777ecd9acfe1f3d7b023a733cfc181ba7d6b8b2068de6959c21977 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059
| MD5 | 136449cd8d019215ad3902c3d0afd955 |
| SHA1 | 01a3fb11c20ec1b5bf3cbe3020aa3319bf5f2300 |
| SHA256 | a1498544b1c84ca6025c0f6f8ae95add55df8b9d2cb45e39ea6169a540ea6bbc |
| SHA512 | c8f78aab144c0863b53de2278e719297105843edb58f31db973c65c51aba994d676882c5d24598004747689b69752289480a055321cc8059b6d432f784f5f858 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d3cbbc5c6cf130c6a51683a98d5f6e28 |
| SHA1 | 97f10dd1e5c5e501244249d6cc421adb5315b592 |
| SHA256 | 32426b26b1de0fd4dd3ae40521a02377eef3a150b2740e5fa4dffc83331235b6 |
| SHA512 | d41e58c2d0c9ccfeb3ad82cb09d320b46ba2c5ca65d1c70ab45577aaf9f846e3dfe25470d1247f99dff94dfc386b2722f311d7279ce2c321e68d4ff5d11d8184 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6af4349ab711c96f6016c64deaa7cae8 |
| SHA1 | 63ed8a954e83ba14b3457aeb43785fb49bbb60cd |
| SHA256 | 4bad42eb161a3b78b3146f875bd4cbb059337f96dfe1159f43bfa122ffe50748 |
| SHA512 | 4348f4e68fa30062a6c5b240ecca9162c74215e85e3bb63c06bf0bf9cdd5c6a1127e4dbd09f214a7874c9f1d49eb197190531f5871b36f444fadd24e9e49f746 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 05a3a895db9d3afc68c91b7e6e631792 |
| SHA1 | eee2ac8ec5c3c5df5120154e8c9678a776985832 |
| SHA256 | bf055e8176f378c8b712a32f7198c629001ca49d4bbde35bfaf26a305ff0c115 |
| SHA512 | 3d1bc816312f5b8666186b118cb7c804c24d8bde057d7a2732798edcb017daecd0a6ab0d3faef3e63dc5b1e1249a76ffb2175002fffd7f90663f782fa319d80b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 3c7b64bb44c66d1dfefd55aa8705869f |
| SHA1 | d05dc665c26d43122ca6b6d9f4dd4b30356e8f10 |
| SHA256 | 5ebd9e30a565efe9f805919227d3c275292b0e2945c535de9e2694c37fae5b55 |
| SHA512 | b4239e048075a2a7439af49156b7315cf6aeb34b3f6dfe162010db26eac0528451a1dc32b440dbcb0db83b29a1b1fc909662f9565db5bfa1740c788a2bd5af5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5de3eda99edd5637d1f0f646a49e1fbb |
| SHA1 | bcbc1b60642c7c4cf2f76a378fe9797ce1efdd0a |
| SHA256 | aea3205a918e3e9ff22b28f4399a4344fcb8d550110e65e505dfa1ba5ae06791 |
| SHA512 | 25550231bf54fd7c60a73774a99b185003ec3e00ddd262b7ff4dbe87a693a1db6ef7699dc0a7c8daca88b4aa51bce29db535bd19e8687b51c62961ea12b1409b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | beb76e00b394416878ebd3f32cab78ba |
| SHA1 | 8b7ba9e9372ae999e1c6bbbc78f6ff25e0a46163 |
| SHA256 | 77ea1b8700f39cff3a7f7c566ca23450977424086131c42da94449882c4cbcba |
| SHA512 | d16ba90104e1af32d9874ef849997c06a3bde15b71ab8883f422b05095bd3e421bef700c9d4288921dafb5122de3ddb55ebb18c145a9d81d8189f9f875d9d6ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2c04b4f03661a34d0457efd97bd99d7a |
| SHA1 | 936c3a0afa879c27f1fb7659a5dd4e72bf11681c |
| SHA256 | a4a1dfd611750ab97f8342122b1a17373df4ca16d80362e781a474710cb072cc |
| SHA512 | 95886db79dde7bcd9433cfbc8505e2ee8326cfd8c55f28469ce401f9c4fc2e330652f122eb5d73f00957bcf0371ac86b8b65bdd1e3d5092f8d2d15d23448ad9e |