Analysis Overview
Threat Level: Known bad
The file https://shorter.me/ETaNN was found to be: Known bad.
Malicious Activity Summary
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-30 06:57
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-30 06:57
Reported
2024-06-30 06:58
Platform
win11-20240611-en
Max time kernel
54s
Max time network
58s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://shorter.me/ETaNN
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc88c43cb8,0x7ffc88c43cc8,0x7ffc88c43cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,7719565937872674219,5520887257691402789,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | shorter.me | udp |
| US | 104.21.59.19:443 | shorter.me | tcp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| BE | 23.14.90.82:443 | css.rbxcdn.com | tcp |
| BE | 23.14.90.82:443 | css.rbxcdn.com | tcp |
| BE | 23.14.90.82:443 | css.rbxcdn.com | tcp |
| BE | 23.14.90.82:443 | css.rbxcdn.com | tcp |
| BE | 23.14.90.82:443 | css.rbxcdn.com | tcp |
| BE | 23.14.90.82:443 | css.rbxcdn.com | tcp |
| GB | 18.244.155.22:443 | roblox-api.arkoselabs.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 108.138.217.124:443 | static.rbxcdn.com | tcp |
| GB | 108.138.217.124:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 82.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.217.138.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| BE | 23.14.90.82:443 | css.rbxcdn.com | tcp |
| US | 2.20.12.77:443 | tr.rbxcdn.com | tcp |
| GB | 128.116.119.3:443 | roblox.com | tcp |
| GB | 52.84.90.42:443 | images.rbxcdn.com | tcp |
| GB | 52.84.90.42:443 | images.rbxcdn.com | tcp |
| GB | 52.84.90.42:443 | images.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | ncs.roblox.com | tcp |
| GB | 128.116.119.4:443 | ncs.roblox.com | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | udp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| GB | 142.250.187.232:443 | ssl.google-analytics.com | tcp |
| GB | 23.208.255.133:443 | cdns.gigya.com | tcp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
| GB | 64.52.81.117:443 | roblox.kg | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_1160_ATKEXMBGTJOFZYYR
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ab82.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index