Analysis Overview
Threat Level: Known bad
The file https://u.to/cuvAIA was found to be: Known bad.
Malicious Activity Summary
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-28 01:31
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-28 01:31
Reported
2024-06-28 01:33
Platform
win10v2004-20240611-en
Max time kernel
150s
Max time network
148s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://u.to/cuvAIA
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc482146f8,0x7ffc48214708,0x7ffc48214718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2684 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,3201452507482838618,13597532094934898676,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4864 /prefetch:2
Network
Files