Analysis Overview
Threat Level: Known bad
The file https://sc.link/Qlyrs was found to be: Known bad.
Malicious Activity Summary
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-25 20:20
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-25 20:20
Reported
2024-06-25 20:21
Platform
win10v2004-20240508-en
Max time kernel
84s
Max time network
86s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://sc.link/Qlyrs
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbaf3846f8,0x7ffbaf384708,0x7ffbaf384718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2484 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5436 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5436 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4752 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,5278528299448126311,4338611695736695668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | sc.link | udp |
| RU | 178.248.232.231:443 | sc.link | tcp |
| US | 8.8.8.8:53 | bitly.cx | udp |
| US | 104.21.91.178:443 | bitly.cx | tcp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.232.248.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.91.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | steaemcoonmmunnltly.com | udp |
| US | 104.21.46.50:443 | steaemcoonmmunnltly.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| BE | 104.68.92.92:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | 50.46.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 23.63.101.171:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | recaptcha.net | udp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| GB | 142.250.187.227:443 | recaptcha.net | tcp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| IE | 2.18.24.16:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | cdn.akamai.steamstatic.com | udp |
| US | 23.200.189.125:443 | store.steampowered.com | tcp |
| IE | 2.18.24.8:443 | cdn.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 92.92.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.24.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.101.63.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.24.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.189.200.23.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.121.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| US | 8.8.8.8:53 | community.cloudflare.steamstatic.com | udp |
| US | 104.18.42.105:443 | community.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | community.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | community.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | community.cloudflare.steamstatic.com | tcp |
| IE | 2.18.24.17:443 | community.akamai.steamstatic.com | tcp |
| IE | 2.18.24.17:443 | community.akamai.steamstatic.com | tcp |
| IE | 2.18.24.17:443 | community.akamai.steamstatic.com | tcp |
| IE | 2.18.24.17:443 | community.akamai.steamstatic.com | tcp |
| IE | 2.18.24.17:443 | community.akamai.steamstatic.com | tcp |
| IE | 2.18.24.17:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 105.42.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.24.18.2.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| IE | 52.111.236.23:443 | tcp | |
| US | 8.8.8.8:53 | help.steampowered.com | udp |
| BE | 104.68.92.92:443 | help.steampowered.com | tcp |
| BE | 104.68.92.92:443 | help.steampowered.com | tcp |
| BE | 104.68.92.92:443 | help.steampowered.com | tcp |
| BE | 104.68.92.92:443 | help.steampowered.com | tcp |
| BE | 104.68.92.92:443 | help.steampowered.com | tcp |
| BE | 104.68.92.92:443 | help.steampowered.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | eaa3db555ab5bc0cb364826204aad3f0 |
| SHA1 | a4cdfaac8de49e6e6e88b335cfeaa7c9e3c563ca |
| SHA256 | ef7baeb1b2ab05ff3c5fbb76c2759db49294654548706c7c8e87f0cde855b86b |
| SHA512 | e13981da51b52c15261ecabb98af32f9b920651b46b10ce0cc823c5878b22eb1420258c80deef204070d1e0bdd3a64d875ac2522e3713a3cf11657aa55aeccd4 |
\??\pipe\LOCAL\crashpad_2328_GUNPHYHEZNVVUPJY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4b4f91fa1b362ba5341ecb2836438dea |
| SHA1 | 9561f5aabed742404d455da735259a2c6781fa07 |
| SHA256 | d824b742eace197ddc8b6ed5d918f390fde4b0fbf0e371b8e1f2ed40a3b6455c |
| SHA512 | fef22217dcdd8000bc193e25129699d4b8f7a103ca4fe1613baf73ccf67090d9fbae27eb93e4bb8747455853a0a4326f2d0c38df41c8d42351cdcd4132418dac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 86d09aa51e94c43c48b02c59cf0bfe6a |
| SHA1 | cfd794d949d589b2f3e8a688aeb531d3e97e1567 |
| SHA256 | a23fcc9d4fc44181172f7daf9abe28a08cd526749829aea0064026434967f158 |
| SHA512 | be7b8419f32a3bab2023fa04b480d3f3e2afc47a3531f8e3fb13197563201388a2113defd00256cced819a234ab90fe8ebf24599fb3f5574e8d580ee6c5aff17 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6715754ae76107db623405480c04e2d7 |
| SHA1 | 8701cbb84aeb66e3b2b966a02b38be2045d5a00c |
| SHA256 | ead40f050d968e5118d77da0bdeb40d6c695cfde9cba4a2f0dccca38b45a9c49 |
| SHA512 | 46c50179c62a0527cffac688c452717cd6e19d2772f924934108e2cd3501e35655e61e5f8bf79bd188521c89adbf9e0fe117a1389502f6a1d7be1f62b53dfab4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cfc55ab3e8a65c347a973c6d9b226d79 |
| SHA1 | af561420cb1516b57b37a43ebca05d1e0a26b9cc |
| SHA256 | 932bb93fcb944f5fb4cc651d47dcca57416fd46bd63ec17e85447b101bf2a51e |
| SHA512 | 77bf44999c6d5915bc123c46fde2598221f8a3e7fd166344952dc6054a8f7979bc0d49888b231968f0b204003239b9bccaa5d6aec421c9cd52c252cc951264b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 337c76b034992bee3a554a83cd71463c |
| SHA1 | 1c7581178ebe2043a986dddd5bb423f982457b72 |
| SHA256 | e2b4faff479742041c8811c988c8458c4f23dc1588b0289b2c1e130f14ede86a |
| SHA512 | 0e846408211a19f68cab8c1b516190212be60cc9caa75533ff8b002bb47eac95d86cb90c087e256329935619504e9488beee937b49ae3bf63e7f45d9fbbf00b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e5242682c6beccdfd9cad8c56e50295d |
| SHA1 | b503eba77bbcc5048afc706e098e5f9895e58097 |
| SHA256 | ba1e6ba963e1641b4324f56f80e8277ed032a3390910754e536e0fbe3d2ce831 |
| SHA512 | 6399a4bccd334fae97b09115b090a7b2d237ff7fe58e4d3cb0678b0060c767cf8fd82ddd4bc7c05fdc7d96e3b171b5147cb285cf8c972925936c62b430c010da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e8a1adae354344e1174ce96b31ba9c90 |
| SHA1 | 46cee0bf8e9fffad89a9eb031c8d25951e2b2611 |
| SHA256 | fe4fdd5c0e0edadf4195259eec560803e8cb33791cbb17e352b4ed158dd6c93b |
| SHA512 | be31b2a7e2327dcbf68e6cbc95ea072bbf93dc37e228b717979309cae67ae11481d2ee9a5a9c12de1a242f1d98197ccda029678d130a49d17a5985c2eb962f9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e6f9ad9d5300b04014c126766a61f7e1 |
| SHA1 | 53d8db0d6aca95f179da623578cfaa0ed8531840 |
| SHA256 | 76e05d76b57694e7d49efd473e8c957d5e03f8f52c16b816b65dfa612a9e81f2 |
| SHA512 | b8b6092238ed6b29dfb5b12c915b4a4b71ba2247ea3e38e416593a1360985dad290ffd18814c250d759275d1ea56769b5d416e1ad54b432e938b4ef9ea7e009e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c4e25ca51e039fc24864486adb0eeb64 |
| SHA1 | 2caf3f9d4630948ec1c5eed853f1c36e4389bfc9 |
| SHA256 | ac5266babfcce7c8af79d7295ab2f67951cb97ca8873f48263eb9fbb99650cf3 |
| SHA512 | 00ad3d0c6e28168d3d1216aa1d3352389eb6c6f5f4c4782baf79096b24abd3c3bbecdb1b7a7c2af54c5cfad4cb71a85c9c7c2f8f014aa72bd9a7da98b351648a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
| MD5 | 57613e143ff3dae10f282e84a066de28 |
| SHA1 | 88756cc8c6db645b5f20aa17b14feefb4411c25f |
| SHA256 | 19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14 |
| SHA512 | 94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
| MD5 | 2d64caa5ecbf5e42cbb766ca4d85e90e |
| SHA1 | 147420abceb4a7fd7e486dddcfe68cda7ebb3a18 |
| SHA256 | 045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f |
| SHA512 | c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96 |