Analysis Overview
Threat Level: Likely malicious
The file https://vk.com////away.php?to=https://tracker.club-os.com////campaign/click?msgId=ds0i838c6bd137e6a03157c6c728cbc659e734fc398%26test=false%26target=circuitovtr.com.br/dayo/u4wzs/captcha/[email protected] was found to be: Likely malicious.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: httpstracker.clubos.comcampaignclickmsgIdds0i838c6bd137e6a03157c6c728cbc659e734fc398testfalsetargetcircuitovtr.com.brdayou4wzscaptchatest@sk.com
Legitimate hosting services abused for malware hosting/C2
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: LoadsDriver
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Modifies registry class
Suspicious use of WriteProcessMemory
Analysis: static1
Detonation Overview
Reported
2024-06-27 18:30
Signatures
A potential corporate email address has been identified in the URL: httpstracker.clubos.comcampaignclickmsgIdds0i838c6bd137e6a03157c6c728cbc659e734fc398testfalsetargetcircuitovtr.com.brdayou4wzscaptchatest@sk.com
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-27 18:30
Reported
2024-06-27 18:33
Platform
win10v2004-20240508-en
Max time kernel
148s
Max time network
152s
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | yandex.com | N/A | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4124900551-4068476067-3491212533-1000\{649B1646-DCD4-45C3-BB64-55D48030A344} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://vk.com////away.php?to=https://tracker.club-os.com////campaign/click?msgId=ds0i838c6bd137e6a03157c6c728cbc659e734fc398%26test=false%26target=circuitovtr.com.br/dayo/u4wzs/captcha/[email protected]
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8f40f46f8,0x7ff8f40f4708,0x7ff8f40f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2060 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5284 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5028 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6280 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6280 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,12328829580940975062,16938651809019410658,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1880 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_2208_NZMDODDEOKKKPTCN
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe579ccc.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\650f2d7e-0b49-4198-8610-4e36dae21190\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\650f2d7e-0b49-4198-8610-4e36dae21190\index-dir\the-real-index~RFe5812c8.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\be35666cd73d55aaaf8ad83d8bbbe8d1cf6fb2c0\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe581393.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e3ece7ac1d748bd8cf130a6dd1fa386ea15cfca\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e3ece7ac1d748bd8cf130a6dd1fa386ea15cfca\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index