Analysis Overview
Threat Level: Likely malicious
The file https://letabproject-my.sharepoint.com/:o:/g/personal/wikus_vanderwalt_letab_co_za/EjfOa7WTU6JImHdGjRYu9SMBYO1_ZREg15QFkz7wGSyvrw?e=5%3aFPCX04&at=9&xsdata=MDV8MDJ8SVRTdXBwb3J0QHByYWdtYXdvcmxkLm5ldHw0OTU2MTM5MWZlOTQ0YTY4NGYwNjA4ZGM5NWUyYjVjZHxhYjQ2NDRiNTZmNGQ0ZDc0OGVhOGUxODQ1OTY5MTBjYXwwfDB8NjM4NTUwMDQ4MTU0MTE2NzA0fFVua25vd258VFdGcGJHWnNiM2Q4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazFoYVd3aUxDSlhWQ0k2TW4wPXwwfHx8&sdata=QUZDeENyN2wzV0krUU80RmZzdWRDamlTdDNjcWJrT2lFUUNkanhyNUxaVT0%3d was found to be: Likely malicious.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: 05|02|[email protected]|49561391fe944a684f0608dc95e2b5cd|ab4644b56f4d4d748ea8e184596910ca|0|0|638550048154116704|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|0|||
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-26 14:05
Signatures
A potential corporate email address has been identified in the URL: 05|02|[email protected]|49561391fe944a684f0608dc95e2b5cd|ab4644b56f4d4d748ea8e184596910ca|0|0|638550048154116704|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|0|||
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-26 14:05
Reported
2024-06-26 14:13
Platform
win11-20240611-en
Max time kernel
406s
Max time network
412s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-423582142-4191893794-1888535462-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://letabproject-my.sharepoint.com/:o:/g/personal/wikus_vanderwalt_letab_co_za/EjfOa7WTU6JImHdGjRYu9SMBYO1_ZREg15QFkz7wGSyvrw?e=5%3aFPCX04&at=9&xsdata=MDV8MDJ8SVRTdXBwb3J0QHByYWdtYXdvcmxkLm5ldHw0OTU2MTM5MWZlOTQ0YTY4NGYwNjA4ZGM5NWUyYjVjZHxhYjQ2NDRiNTZmNGQ0ZDc0OGVhOGUxODQ1OTY5MTBjYXwwfDB8NjM4NTUwMDQ4MTU0MTE2NzA0fFVua25vd258VFdGcGJHWnNiM2Q4ZXlKV0lqb2lNQzR3TGpBd01EQWlMQ0pRSWpvaVYybHVNeklpTENKQlRpSTZJazFoYVd3aUxDSlhWQ0k2TW4wPXwwfHx8&sdata=QUZDeENyN2wzV0krUU80RmZzdWRDamlTdDNjcWJrT2lFUUNkanhyNUxaVT0%3d
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe849b3cb8,0x7ffe849b3cc8,0x7ffe849b3cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1912 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2552 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4488 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5508 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6912 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,3644247048548677128,14116147950814010187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | letabproject-my.sharepoint.com | udp |
| US | 13.107.138.10:443 | letabproject-my.sharepoint.com | tcp |
| SE | 2.21.96.97:443 | res-1.cdn.office.net | tcp |
| SE | 2.21.96.97:443 | res-1.cdn.office.net | tcp |
| BE | 23.14.90.90:443 | m365cdn.nel.measure.office.net | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 52.108.8.12:443 | euc-onenote.officeapps.live.com | tcp |
| US | 52.108.9.12:443 | euc-onenote.officeapps.live.com | tcp |
| US | 52.108.9.12:443 | euc-onenote.officeapps.live.com | tcp |
| US | 52.108.9.12:443 | euc-onenote.officeapps.live.com | tcp |
| IE | 52.138.229.66:443 | eu-office.events.data.microsoft.com | tcp |
| US | 20.44.10.122:443 | browser.events.data.microsoft.com | tcp |
| US | 20.44.10.122:443 | browser.events.data.microsoft.com | tcp |
| IE | 52.138.229.66:443 | eu-office.events.data.microsoft.com | tcp |
| SE | 23.201.43.41:443 | spoprod-a.akamaihd.net | tcp |
| US | 20.44.10.122:443 | browser.events.data.microsoft.com | tcp |
| US | 20.44.10.122:443 | browser.events.data.microsoft.com | tcp |
| US | 52.113.194.132:443 | ecs.office.com | tcp |
| US | 8.8.8.8:53 | 132.194.113.52.in-addr.arpa | udp |
| SE | 184.31.15.227:443 | wise.public.cdn.office.net | tcp |
| US | 13.107.246.64:443 | appsforoffice.microsoft.com | tcp |
| US | 13.107.246.64:443 | appsforoffice.microsoft.com | tcp |
| IE | 13.104.208.160:443 | storage.live.com | tcp |
| US | 13.107.253.64:443 | aadcdn.msauth.net | tcp |
| IE | 52.111.236.89:443 | augloop.office.com | tcp |
| US | 152.199.19.161:443 | npwuscdn-onenote.azureedge.net | tcp |
| US | 13.107.246.64:443 | appsforoffice.microsoft.com | tcp |
| GB | 23.206.73.72:443 | cdn.onenote.net | tcp |
| GB | 23.206.73.72:443 | cdn.onenote.net | tcp |
| GB | 23.206.73.72:443 | cdn.onenote.net | tcp |
| GB | 23.206.73.72:443 | cdn.onenote.net | tcp |
| GB | 23.206.73.72:443 | cdn.onenote.net | tcp |
| GB | 23.206.73.72:443 | cdn.onenote.net | tcp |
| US | 152.199.19.160:443 | ajax.aspnetcdn.com | tcp |
| US | 13.107.246.64:443 | appsforoffice.microsoft.com | tcp |
| IE | 20.190.159.68:443 | login.microsoftonline.com | tcp |
| IE | 20.190.159.68:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 89.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.19.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.73.206.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 13.107.246.64:443 | appsforoffice.microsoft.com | tcp |
| SE | 23.34.233.72:443 | fa000000012.resources.office.net | tcp |
| SE | 23.34.233.72:443 | fa000000012.resources.office.net | tcp |
| SE | 23.34.233.72:443 | fa000000012.resources.office.net | tcp |
| SE | 23.34.233.72:443 | fa000000012.resources.office.net | tcp |
| SE | 23.34.233.72:443 | fa000000012.resources.office.net | tcp |
| SE | 23.34.233.72:443 | fa000000012.resources.office.net | tcp |
| IE | 20.190.159.68:443 | login.microsoftonline.com | tcp |
| US | 52.111.227.11:443 | tcp | |
| US | 13.107.6.156:443 | admin.microsoft.com | tcp |
| NL | 52.111.243.12:443 | messaging.engagement.office.com | tcp |
| US | 104.21.63.237:443 | lcdediaplayer.msk.ru | tcp |
| US | 104.21.63.237:443 | lcdediaplayer.msk.ru | tcp |
| US | 104.21.63.237:443 | lcdediaplayer.msk.ru | tcp |
| SE | 184.31.15.227:443 | res.cdn.office.net | tcp |
| US | 104.17.2.184:443 | challenges.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| BE | 23.14.90.73:80 | apps.identrust.com | tcp |
| US | 104.21.95.193:443 | vocbooster.com.ru | tcp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| NL | 20.190.160.17:443 | login.microsoftonline.com | tcp |
| NL | 20.190.160.17:443 | login.microsoftonline.com | tcp |
| US | 13.107.253.64:443 | aadcdn.msauth.net | tcp |
| IE | 20.190.159.68:443 | login.microsoftonline.com | tcp |
| US | 52.108.8.12:443 | euc-common.online.office.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 68de3df9998ac29e64228cf1c32c9649 |
| SHA1 | be17a7ab177bef0f03c9d7bd2f25277d86e8fcee |
| SHA256 | 96825c1e60e4a87dc5dbae78b97104e6968275fa1602c69053d0192cae143f43 |
| SHA512 | 1658b0bc504a8a5c57c496477cd800a893d751f03d632ef50aff9327cd33ad0e4e4f27bcb85b20bd22bef2ca65600b7d92e2a1f18fd3d08ad6391983de77beaf |
\??\pipe\LOCAL\crashpad_3764_CWWPSZJOGYMJGWZJ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6f738fcca0370135adb459fac0d129b9 |
| SHA1 | 5af8b563ee883e0b27c1c312dc42245135f7d116 |
| SHA256 | 1d37a186c9be361a782dd6e45fe98b1f74215a26990af945a2b8b9aa4587ec63 |
| SHA512 | 8749675cdd8f667ff7ca0a0f04d5d9cad9121fd02ed786e66bcd3c1278d8eb9ce5995d3e38669612bdc4dccae83a2d1b10312db32d5097ef843512244f6f769a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9fae4a8b911d95d8ec647412c8a60851 |
| SHA1 | 3749cf409f40dce3e3324e83f7bb28b243dfdd80 |
| SHA256 | f4b7fb84311e368d526c9911c37adae5e2a513df5837cb694dcaf3044a304ad9 |
| SHA512 | e2f868e1df39ce8bd6397d7a1f287001b3ddeac81e822ed328f45520790bf8a4f8c7cdc99c0a6faed3fd929c749cf26f503c6dd4ac402934eb9727332cfd2742 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 04fdea7331495638bf4f415cb98909e9 |
| SHA1 | 0ca54496cdaa6bb995c3ef82127da8364e2be6ec |
| SHA256 | 571690aeec8b1be1751112ddbe736cab1390c1b15755119bf02d3e99eaef469b |
| SHA512 | 645743dc205b9a67ca38e2568df34675efed6af036ec037aff61818afa7c48375bfdaad25d25c4b470b948e18191d097f716c129b5fa8d31bd00209eff561fe9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 963134dbc53026547a4c2d842abcc9da |
| SHA1 | c06a2c5bf96643b29a960f8708c25d09ef2e79f4 |
| SHA256 | 4b13ede27e0fbe18793bd1f9dc6bbffedfe9dfeeee21a3c2fdce147cf80512c7 |
| SHA512 | 1dd75c2423ecea01986dd5611c0b2bb10ccfeb6f4a8c072f3f41a61ca959071d48e2032e96f00651aad27711c5d533ea0ab6b2961bc4604d84929f3a307658d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d81b9c684bd29147f8cc9b941b9d50cf |
| SHA1 | 865fd816e9de927400e21303bd713c61cace6e9c |
| SHA256 | c4e4718ac2920919d08cf14806e02dd3770cd8efd8ad85d1a5daffcb39772a94 |
| SHA512 | a12d2323e9c45dccbd233e739c9f79b3c6cfd9845d886f650fc126713b7ec0e35091d5635721be77892995b8762cf5f409f236456af5ccd2e85c685b98c816c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57acda.TMP
| MD5 | 4de967f8f2604b15fafda291df628157 |
| SHA1 | b124e016a393042cd6bf7455e58cd33084ae3516 |
| SHA256 | 58293f7a2fc0eb0a8b10ffe62f1325e7b6e6f8eebd8c6ab328948df110e62f98 |
| SHA512 | b19239fd1711a2d6260b8cc731d8c439d3fff2e5fdf68b714603762baef3ed8d10cc8a7f66d198e7f24a29312aad99e55e9150e335c699a7bb6d9b9ee7aa2e3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f8d50459db10d862e726566a13bc604b |
| SHA1 | 9b6a3f60a7b57d95273373204af425146bf5146e |
| SHA256 | 25ef7335674d5441384e13744d3d3d89abc5584be4cb5328fcaa18f303fdcff1 |
| SHA512 | 837acfc549e4e27e8e3e23c359ad254449c5a047bd2bae1afb739bd1bcf68925c3d136e8853dad95e7489d213c98f96f81d1b459423015d4e8e2c920e9e1246e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 716d71c9fdb7aaaeb90aeb3c04817c1c |
| SHA1 | a3a727596f367dbe88b53b96345d0a0043a718c9 |
| SHA256 | 22d3ceb1f867883e0fe0efa113c96280bb9315635d35408c22242af83271bdf4 |
| SHA512 | 8d1704214d7be193161bf93fcb68cfea65e095681102421781d69aa509c3439d8af01754310510e928e08f3a61b8d156ea24e1b6cad7fc41a9623a6bedd7145e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | df33b18b9003abd1ff51bf9bd87e403a |
| SHA1 | ff59399c92fe0619fc608221c236537bd858c603 |
| SHA256 | f43be0cd24e2e26d84d2e0b6209479d01daa1389bac953bd61e9ed029191258a |
| SHA512 | c679ce15cd7271dd0371bc2909cdd690e4216efcc824a5af6e6e0df6a95b1d4c04c774bc427972e2a38e12561e6562271f3ad154e883dcfd0fd5ae1d1a3575c6 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | 76895a9958fcec9da538d1d9f09db9c2 |
| SHA1 | fd939724a66719fd6acfb55cd44ce901c9cb5fbd |
| SHA256 | 728c9cfd134307c0dbbefc344282c946b32f7f44d9c6b8af997636359b98257e |
| SHA512 | f773262b808ec110def178dc79fb8da03bed38ed275fb6d002afe80a34f28f68f619163d589946eb3c8acadf436e72682a2a721fc3907718a903c84f02d93db6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b00a17de7490d27125bbaa331c6fc67c |
| SHA1 | 52c20adeb2c6a50b96e30c2700f0ca1d4d101dc4 |
| SHA256 | f1d65d6245bc711ce224948e9169e790fdc1a6745a30db30f8c7b6023e1a8968 |
| SHA512 | 5e146cad33bbabe5da0158e52b02ba62128059c59468933edb493566abbff7f1b9ba2c9d9397b970d0a39c108d8b9195cf886ee9ac3a0b5dd32e9dca8a0f7362 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1132fea62efd284a7f534432b06cdf91 |
| SHA1 | f39528c69ba4e180c926189a9d8e79eaab53e42b |
| SHA256 | b9eeb3550dfc7b88dab168add67f8c82f5e188588dad83e35199402a3eeab19f |
| SHA512 | a7c9c6cbd90a156b34cd8d0ea7ec428344d866e4dc5208c4589d9bf8388fbbcc3620a7604ec85708d7ec693d1437dfeffbb6132ac159ec53e0ea0d496cf087b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e899e44220e06c00803fd11a6fac11aa |
| SHA1 | a42ad17bedc12f9c08d1829a7c283a8b97acf191 |
| SHA256 | de7e42e62674e95ee772bbfaf5446230d55b267c81a58c1d85a28bbc93480695 |
| SHA512 | daeb2f04d3ef88001e25a82deda092130b0301c3991a8248efed506206ed877838b58efb4ce60ee6f527765537d242de0c0e5807de4a5754eaf326b29c4d46c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c6930418-177b-46df-9cb1-983064c03e78.tmp
| MD5 | e40e424f042e8e815ec6ff8714851179 |
| SHA1 | 159af4034df3d8c7173374b4037bdb66ed471fe5 |
| SHA256 | b8fec06d21a9c5fa5bc64503be51edf63d229be6998457e130367ec42b86cd89 |
| SHA512 | bf4837a418b1914429c4ede68bc7e48cafa7cc20fc123a50451c1621f3a9d211b0195d456cdae2affa3bbd73d71387b1232d619505b58ddbe7dd34e8ec517324 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a8b0f9b59aafd2d88c3d0fb12346c9a1 |
| SHA1 | 50cbbd29cc6a8b919ab207a97a776cd5fdb53972 |
| SHA256 | 8e760cb5814bb10fcbd588fe9ad6ba5a309901b26f94433f5079b78200469b08 |
| SHA512 | f20de0b2fbe7809c4338679266f1f7b3d218b3af497295bbfbbaee358b0f6cddcf0c34911b5c948b2c790c304b160fcc0729595a41f4256040617216c557a98b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d808434bd499caced8748f26552544f4 |
| SHA1 | 029e4f5ce107f6b3a828bb1f78ac413adc73b2dc |
| SHA256 | 669a3392650605bd4d5a183f1948df83d826f3a76816b7a155df1cb67d14bffb |
| SHA512 | 995c0e60adc12edbbd193a6e509265036b5b67f45c2673e5157482a9f741b34b93b259eb95653e8e267ace8ddc427b5cc8ba886819333fc95d8f3ba17a261e37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 64e60fc94dcb919ede16e73ab6779843 |
| SHA1 | e9d16628293a0d2b10cd1eb436883138ed2168d1 |
| SHA256 | 64836c4157d5daa47081930d2eeb3ae2349622c0f71615426fa53158a345efb0 |
| SHA512 | 510a21191e1de187020d3a7d0b74e2f9789f78576aa47cbc476087077430e966635979a8e44d61befff60e49f8056f943dc0242cecf0266362768b8856d3cb33 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2d4d10a9f1a004877cb3392618c2e78d |
| SHA1 | 8cbfa272eb88c09b6bea000758b33b131eca6248 |
| SHA256 | d2ad588f606722206a20f4d9a205cb15206b635eadb0e054e57c4d24313a356e |
| SHA512 | a0c9f678c15b7c310804ecc875b0b241313f7d04439bf9562e64342649f9bbc9da01d2a4c8d84b36bdbc2f2bbe8c66e0cefaa628b00826e2119d0891714d8d9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0225883ff19370da9db803ae63de7588 |
| SHA1 | 3ec5b17c17311b8c81baa51e0febdb14ccbc060c |
| SHA256 | 560036abfb3b07f36857d63ed0594a20f0e3ecc9c8adc39e7f30dd32331f9b41 |
| SHA512 | 86d63c28e51606fa207dbbce956fa2049f9cefd9d18f86dffb1d454a48bd8473f2c21355b05bc37af92fde3429f9b76813749a95daaefc5c7489256a8b8a2ed6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2d6d2d31a1c3a5c66295c9aa9c81c1c3 |
| SHA1 | fbf7cc35ec33b6293fb6a14408b7b9874e648659 |
| SHA256 | bf53d3dad3c05a84cf563ec7c3f9c544715ecdfe19dca8025ace7cb6a1ebb436 |
| SHA512 | c0466ffaaff5201677eaa95d62db9834318f9d8858eaa556b600283192254bc65cf76e91d8077f334a707dfb617eb374509353b084a49bd5989c761d24d5d760 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f85d7c7037ce6e71cdad520ee6f87aba |
| SHA1 | 8e6ea83a99c4d8c5dce4267aa71766b4ceebe974 |
| SHA256 | 0298c382944d670b21cda9483207ae7ac5660481f3f25606fc2ccbc8ad3756d0 |
| SHA512 | ae60d3cdb3a33417b333d171a4fd6e14008c0a355115adb8d6062f48641ab395bf490c494d568434832a8a6cc1ebe3d9d590cbc15a7b3579561f540a2f598ff6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ab26eb11b04a7b66e654fdd42a1c9eae |
| SHA1 | 5d0d370508f62ee09b1f61b0e1a0f8ea0c1b21da |
| SHA256 | ec7cb52372cfe1840f4efce587ed247276e42cd5cbf017c8c9b52a4cd45b57d3 |
| SHA512 | 479fe4657f73a5ba8b8df9c302b18242f721dca48304c0db9266a1032fd25d89591d0d0da02507bac97ab75459848946fba88f06b619ed0a0599eaaf88dc0445 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4feccc8c55444a9f4b180e0294e3c510 |
| SHA1 | 597a929b0cc237bc7260e79dd9cd168c87ab086b |
| SHA256 | 16b8d333b5a81f6817593aa06009da107cb3e240fc7d20b62a62b99298a69b5d |
| SHA512 | c032af53735dd35b906fd303275fceb4fab4dc89a5c0889f947fd4cc35ed6a6ba487de9f96e62ba10cafaac360c7e5ff6f91c1043f72d48df4f5b4c4b19b6b9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 115eb43858b6a751b6a5f8e346472b99 |
| SHA1 | 0e47cd2c2e849ed524b919e34ce89b0b36605ae7 |
| SHA256 | 755ce96f7f3547a91f5b788cf84636864f99ada60ef18398e9a29e021f21adb8 |
| SHA512 | 7166b362391f1326243759e1fb0772bcb7b377c06df73f0dd1c86fcfc7b2424787adf0f1818515c2a491cb8be23acf76512021ba26ecb08061395fbc318f1dc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6a2d7b8d54eb45ebde413cbe097be17c |
| SHA1 | 682ace52bc3598420f7953785604765e049bc492 |
| SHA256 | a316687dc05867bcce9f3d983c8a3ff8f308dd728b441ac8139197db393b8ddc |
| SHA512 | 73ebd0e938c44852bdceb2b1a3ccd265dc6e627f9ed6b1569a6aaffe97d31faface035969c85eea5c9991512439ef2e87a48f6eafd762939146cac8fbf7f3b7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7ce0c8ae4d18fa11479dc1871e4dfd23 |
| SHA1 | 3ec743ee47511685d118effd3bc14cd4cbfb3717 |
| SHA256 | eadae4830a9608a1b66c264d12e63690b96e0f75c1ffd6a38e225f68bde82b4e |
| SHA512 | 8129403d2727337a312126325de998b778a4b7730a8eba6945bcbffe84b6a7da11e18b19aeed7fbe80175c31670e262de0fca725f6c3a7d54bed6cc9a4d1d506 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7cd200d674a956fe3b9868b073aa748a |
| SHA1 | 5210df7ff1ca68cf73d3e9fda877b2b846eb39b7 |
| SHA256 | 7e8ecef842b4d9f4fec97525f9d5ea716a5a91ac72f3f2d03c7ffcc5c1d34a98 |
| SHA512 | bae380d89858bc39d8fc0d37b7095c8bd1d9578a846d564b1008e84cdf6d7ad61ee7a001523bc693828ae3107504f5ab221f8742d42c11e9d6b78e8b91d61183 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 39bd9026ddf7c1a839420adf46c83b3b |
| SHA1 | 442c3dbbd1cc339bf6599c77f79b1344356f8abd |
| SHA256 | 731f1592507a29ec70b1cbdd26006a04c59d2ce238b6f1e498903aed3275204b |
| SHA512 | c61f3aa32cc7d1da5442c646216d542fe61c0de6a528a5993e86fceb592762a17ed6662db95780e67be67b8cf65446d66558340dcfa0eeda5083253df00e8379 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d5b317cfd1506ef4d1c6d54a0ff1fc8c |
| SHA1 | ed9865c05c29e98793c3774731e77e53251554ae |
| SHA256 | 2c803b8a70ca2fa854df2be3e0abc89ce807465ceb885ae8c9b259886f6ebc7a |
| SHA512 | f23e933d7b6f58747ff47098646b05e926ed199be68d630362cc4fff2ff426aa2b04d929d84d151f022c083c4b03044923e50235a04fc6a571d1dd2d08253b88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8a18abe89681d2d8348a928acdd1e66e |
| SHA1 | 557f1fbc45b9f9c4b0ae4b7efdb0ab022f65fe37 |
| SHA256 | b849e4950be2fe4bc7aa6424cf3477774360ce0dfad387efde8f256e560449af |
| SHA512 | cffc7e0446afb7eef476c757f74a85c8cf422dc142d90914ac9d565af00807107970b8d9acc59d92f3c0d5f87d2164e649ddcf3b6710e192b4e96abdccb31058 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 995ab986b90d73c02e1d2b88b9ca1a8c |
| SHA1 | ef219724765d39de7a2280b1f078418efb2586ed |
| SHA256 | 9cfd0e0d6c592322f6c5ee185f2d712ce746aeb2ef6326371825bed311e7ef6b |
| SHA512 | 8376d6120d91659d642808210fc6d11ae332146e933bc6fef8a8bf3c2de3227f9e5c2e4fff0c5037b6f2d0baf9463c274ddd45fadc40213f40cdb137d513baf4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eb474561908fedb7fa5971632a24b12a |
| SHA1 | e6545eec717598848363817294fe8b805a388753 |
| SHA256 | b21f84a136965a2179a492f821954498f7ba4724bd7da1fea8e0d13e21bbcf8a |
| SHA512 | 133933086b05b192450f3ba6914719da53f7e20e8a4f26a1438197dc5631b31e97b658376785cd3e567ef56107d9218c1ea8b1e27d8112a13cad787144b25fc5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e868f15d7f01adc3b6b3c6604e69dbf3 |
| SHA1 | b41957dbd2a9ec52c55bfea4cd7d33b7d562ae60 |
| SHA256 | bd1a2a366bd73e4e7d45b779ea0f88b31bfc59bd3f3d3da04b85664016015459 |
| SHA512 | 2d25b53453a356c96a87478932b4e115e4d3bd8cc9e5019a25d545f5913b9989a7228904e22998dfc87ac0ca8a201553a8037a8098446bfe6112d351a9b2192a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0c5022aee108d35d89fc62237ce3f625 |
| SHA1 | 79afe42f46d0e32aaede1fc552be871356f4cf4d |
| SHA256 | 9bf91f742391aed9fd6a781ebf927f9269fef80104f5fd852a391cb93e2442c0 |
| SHA512 | 57896681b124277373cd78e3b3bc2a99c57a700b351117c8381a38d99fec67a8f247b399ce2ddd503f7a151df6f6e4ff53ea9e6d506e00487ab6c43f8bf599f7 |