Malware Analysis Report

2024-07-28 07:08

Sample ID 240630-jf5stayarq
Target https://sc.link/RA0Ud
Tags
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://sc.link/RA0Ud was found to be: Known bad.

Malicious Activity Summary


Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

MITRE ATT&CK Matrix V13

Initial Access
TA0001
Execution
TA0002
Persistence
TA0003
Privilege Escalation
TA0004
Defense Evasion
TA0005
Credential Access
TA0006
Discovery
TA0007
Query Registry
T1012
System Information Discovery
T1082
Lateral Movement
TA0008
Collection
TA0009
Exfiltration
TA0010
Command and Control
TA0011
Impact
TA0040
Resource Development
TA0042
Reconnaissance
TA0043

Analysis: static1

Detonation Overview

Reported

2024-06-30 07:37

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-30 07:37

Reported

2024-06-30 07:40

Platform

win10v2004-20240508-en

Max time kernel

149s

Max time network

150s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://sc.link/RA0Ud

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2356 wrote to memory of 1792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 1792 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4444 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4444 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2356 wrote to memory of 4452 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://sc.link/RA0Ud

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb263f46f8,0x7ffb263f4708,0x7ffb263f4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5380 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5380 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5868 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2012,6238125027335608458,4115367369780608271,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4836 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb263f46f8,0x7ffb263f4708,0x7ffb263f4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2012 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2464 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3000 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4520 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6036 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2008,1537890364061315560,11923531203950591184,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6036 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 sc.link udp
RU 178.248.232.231:443 sc.link tcp
US 8.8.8.8:53 bitly.cx udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 104.21.91.178:443 bitly.cx tcp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 72.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 231.232.248.178.in-addr.arpa udp
US 8.8.8.8:53 steaemcoonmmunnltly.com udp
US 104.21.46.50:443 steaemcoonmmunnltly.com tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
US 8.8.8.8:53 178.91.21.104.in-addr.arpa udp
US 8.8.8.8:53 50.46.21.104.in-addr.arpa udp
US 8.8.8.8:53 229.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 store.akamai.steamstatic.com udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
US 151.101.194.137:443 code.jquery.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 23.63.101.171:80 apps.identrust.com tcp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 recaptcha.net udp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
GB 142.250.200.35:443 recaptcha.net tcp
US 8.8.8.8:53 store.steampowered.com udp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
BE 23.55.96.74:443 store.steampowered.com tcp
US 8.8.8.8:53 74.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 137.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 171.101.63.23.in-addr.arpa udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
BE 23.14.90.74:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 cdn.akamai.steamstatic.com udp
BE 23.14.90.90:443 cdn.akamai.steamstatic.com tcp
US 8.8.8.8:53 steamcommunity.com udp
BE 104.68.92.92:443 steamcommunity.com tcp
US 8.8.8.8:53 74.96.55.23.in-addr.arpa udp
US 8.8.8.8:53 90.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 92.92.68.104.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 community.akamai.steamstatic.com udp
US 8.8.8.8:53 community.cloudflare.steamstatic.com udp
BE 23.14.90.112:443 community.akamai.steamstatic.com tcp
BE 23.14.90.112:443 community.akamai.steamstatic.com tcp
BE 23.14.90.112:443 community.akamai.steamstatic.com tcp
BE 23.14.90.112:443 community.akamai.steamstatic.com tcp
BE 23.14.90.112:443 community.akamai.steamstatic.com tcp
BE 23.14.90.112:443 community.akamai.steamstatic.com tcp
US 172.64.145.151:443 community.cloudflare.steamstatic.com tcp
US 172.64.145.151:443 community.cloudflare.steamstatic.com tcp
US 172.64.145.151:443 community.cloudflare.steamstatic.com tcp
US 172.64.145.151:443 community.cloudflare.steamstatic.com tcp
US 8.8.8.8:53 151.145.64.172.in-addr.arpa udp
US 8.8.8.8:53 112.90.14.23.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 devtools.azureedge.net udp
US 13.107.246.64:443 devtools.azureedge.net tcp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 80.90.14.23.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 steaemcoonmmunnltly.com udp
US 172.67.223.222:443 steaemcoonmmunnltly.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 172.67.223.222:443 steaemcoonmmunnltly.com udp
US 8.8.8.8:53 222.223.67.172.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 7.173.189.20.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 87f7abeb82600e1e640b843ad50fe0a1
SHA1 045bbada3f23fc59941bf7d0210fb160cb78ae87
SHA256 b35d6906050d90a81d23646f86c20a8f5d42f058ffc6436fb0a2b8bd71ee1262
SHA512 ea8e7f24ab823ad710ce079c86c40aa957353a00d2775732c23e31be88a10d212e974c4691279aa86016c4660f5795febf739a15207833df6ed964a9ed99d618

\??\pipe\LOCAL\crashpad_2356_LGXEPKFXVUNYOPTD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f61fa5143fe872d1d8f1e9f8dc6544f9
SHA1 df44bab94d7388fb38c63085ec4db80cfc5eb009
SHA256 284a24b5b40860240db00ef3ae6a33c9fa8349ab5490a634e27b2c6e9a191c64
SHA512 971000784a6518bb39c5cf043292c7ab659162275470f5f6b632ea91a6bcae83bc80517ceb983dd5abfe8fb4e157344cb65c27e609a879eec00b33c5fad563a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9ecc59aaa320f4e3d6e48fa6f689a90f
SHA1 96c8cd8a7aa444e580154bd903b58d2abfc33c84
SHA256 724640e0af0b10395e128b46dfd7e213a6ae3d6f07022db7a0db8926c5a91e8b
SHA512 3c02427bea19a95e956cbf852b11f4d797a7e0c076b845670d831525fe2b1fbd46e386df4378d60e888f283a24346a3f0a363a8e157a46f3064e81d7fecce123

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 db7d13c6b262f925646fce20475ab145
SHA1 1c0263b72e58c3116d5cb7a888a3247bd49ccbd8
SHA256 82ef7b9d3d1bc5466586d79a8263a1bd12f4765eed88845b8853c5c7d2782acf
SHA512 3bc4ed6d2b8debaf23023f54f32db68dd57bc278af16de929767d9c0b97a38a525ef6e3decd67367146c381af2b1e5010413eb61ec9add69c4a3d4b312391909

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\919dafa9-09e2-4db3-9304-8f18e56f54e6.tmp

MD5 50701f6e7c62a915366256e153469b53
SHA1 aceb7b5641bc849567f227d8a9999e3e21dc1d91
SHA256 42f892dd8e4a4a06d450144ce03b2d288273449fc11a0ca0cc136fcd2f727274
SHA512 9d0c3dbb5ed986ab11667e07c34f7b2f01dfe6505b05461a2a5c980730ff8e54ec9be9643a519d04327c1d791a7b689ffd7957278cb7a8a82efe55ecdb9499f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 11e38a853a950fbfe55f2180204626d3
SHA1 2c5e8453a5aab9333cf46281b23b1b318033a67b
SHA256 b71f90ad9c4c25c1638fc007280ad260ade1d2afeb2544f0f6a317a3ecdd47bf
SHA512 e25829afe72745971e8e6b2669121a3af7e9a9acfbba8b18b0dd2ef299fb9a25e76f808ccbffb40d270a5cdb90a46f324c1e6c64dacaac5b3677988b85183a4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 101aa7e962f7367b4c036ff14200ef53
SHA1 3e3ea0b2389762be848fe7688cfd943327fc5a4d
SHA256 f97de55b97c4deb45750038e65b121d689a1057a0c10ad2befeb427eda128e0c
SHA512 b815632d2e60fa763f809070c93e97cb41bb222597bb8454bd1d5382576a865300c89ede0c01adbc03d8a20a2b07e250e29b84e1f6b05c2594f269a0df1467bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6f678578acebddcb552c8ad59f1da32f
SHA1 ec2d3ef80b15ec7bfcc6b3a7c07d0d58605dad34
SHA256 34355737be7a9d12050634ec4b618d94cde1b2e00a732cc1a3d437a35ec9df4b
SHA512 38d88e7042bd586b4bb24aefa472e51bcb7ef0e13a8b64073ab251b2051f44908302ef17328750983ed756db8998dea3df51f284549ed42f863796a58f67ecc1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4bfbc87c05f93023d236d7cafb9b84c3
SHA1 c3c45d9c601184296bd8dde0c91fad1b3c6c09f3
SHA256 af5e7395bde3c427ee8911077ddf1b3d5a262f0660d71768f8c42c41aebf716d
SHA512 55bcc9548a0f37f989c111d21662570b6e6e4bfec99cc09462c36cd128d1d47556b896c25ed4b6d96e6e6f36036b8eb488c324252b24d16a723c2090ea1c72e2

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9bcdbf6df7270f7994cd6ce58ed1b383
SHA1 5b4fd362f492156576ee7fffb86e55cd0a7209af
SHA256 bea034bd1d699627255c9a57d9ccd5ddf194e873082b60c2231132c65722855d
SHA512 1e44f5b5d60bce0fccbb415c479b26a1c729cdd76d185bd54c9ef438b5d10c442331ed4f2b64325fd9f8ee48aa3221ecd61af5b382910cd18ef164f79c580ddb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8bc62bd1e51a98986641ea6c83683d21
SHA1 fd0f6190818d74c2f6a9114cc037613893dd129c
SHA256 794b7660e642294fd92494cb87ffab704d22346b76998de14641084df9f86316
SHA512 6a2a33aad793a58feb321cdb2a00653ef8377c8e03715582e8e7689c15f0e4f3709e27f217d9d5ee2c74ff6ed037af3a6ac83c072fdd40feb3b634ca8146eff3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d52e549e797ec95c1455c910294980f8
SHA1 58e7934f6ce86e94908d06500f9ec782d45934e5
SHA256 653d2b424501487bbfad22dbab714c84a0be03699a65b54a7c37b71baa4dc3db
SHA512 9f02ae058d2a997fa512bc084f8de47fddc1a31063526d3238adc1d87fc7d646051c735dacd1d27032c3951cb4887a040e74767b15e8344dd2d2112492a2bd2c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\365e0d3b-b25f-47ae-8586-25dd5b9b418b.tmp

MD5 bbe6723dc98faf310154f2b68f1a0412
SHA1 66649e7eabe065a3a00859d75a10bf582dfa3229
SHA256 ebb4af9fbf44a3020fc8d3eed503f5ef2d8c83c4c6237c0a79801b7b0c0c2254
SHA512 824edd20ade25709a88c03c650a77216cc57989c4e9465a386fcf2c5289e971b09bd093dc0f8563e70225995d26ba92abeb8dafbdda2ace313f66f4d04f66f6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b6a85f62d4a43e7a577671f0ccf38814
SHA1 cb75175cce5718f237a415f8d1a0ea877da0783b
SHA256 d1116274cd391092c5b65640110bbfba13749c22da603db49e3009e85b8a538e
SHA512 1b053018dc456820d2f062f583ba7da4c09dd017d0d452b8159a375861dd48e1c9381c583dfd839de4560daf7d349d7faec3581ff2a8a09efae93a3ebbfb574e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f7d43d2f03a0d441daf17360b82e2e66
SHA1 f54bb7c3b6a4069ac9a7f761d99bde3266cc4fef
SHA256 5324386155b127c7d5c5a30ce9d945227e1f009f2e9fd7342ff1394dfb3e6805
SHA512 a1d8094022ab7bd089009954f399fa6b99b0f7cf291451f85173bb8f5f4d53e6c2f72c6e4128ea45905569a09fbf0bb2ca3fa6bcc2348b16066585031867aa34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 0243c6777e6a0500ff6e52ebdb20e9ca
SHA1 191019758296554d2093acafa86e3155b7ae973f
SHA256 9cdc89d9471794730f4257856fca7438d9223b3def7076e7f9c0939fae357326
SHA512 7ac01ef338f21a3527ba0236404211d5c5ba2492617c948d681c0cf17086dc93474ef989a11de5e9b027eda2a5b4758ded92e214b60fbfad516390eb11779722

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 dbe2de29cd1b28411ee709f960244b02
SHA1 087128db492a209746387e108abf175ff465bab3
SHA256 d22af10a75d9eb043d91bb3657b16b85d4e6ec09531de1d51223d9fd84bf361b
SHA512 962fd8ef1309cb7d8de209069ab249bfa9becb3bf44d576821a5601f3e2c27a6328f7338c659587d73eafe6351b8862ea2d0020625269197cd8d266b8b4ad00d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

MD5 838a7b32aefb618130392bc7d006aa2e
SHA1 5159e0f18c9e68f0e75e2239875aa994847b8290
SHA256 ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa
SHA512 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 4c20fa32d2f45d28cc35de2c47b8227e
SHA1 ba7155e0cae2393c4e8298124f61813e7530358c
SHA256 f9f445bd37fe6fa61ada3b1d43716c1894ff991df9cd6c3eb4b559daa8c32996
SHA512 ecccb5ebbd773adab002ce4a6e90209e06f57f92e18c0813f285c5010d2953ef59d9f4a6d9be9aa22a16f06e8c9b62220010c047e0805d7604cec2572454113a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log

MD5 005593d74eb5ce3737a9a4ac811b581f
SHA1 42fb6e3e8b3cf854c0b79b3fd5275dac48b9b675
SHA256 4fdf65e951a99442cf8f567f9e3313ae5cbde2ce423b0ce87204616d1fc77585
SHA512 8da546906323cf5f08de3b4e4dab0492b4758515dee80c9cf67559b01ce235bccc1c48a38e6645b4f2585d941a7d78207790f5e303ce6da6da1f965de677f5a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

MD5 2bec31dbf9991640654583a9a06e946f
SHA1 218675bff4edf58ac1922ea7d98be52e39d703b3
SHA256 8e74b8e004e53771207b20cdd88832ad392cdba4758cc6ce1bfe691d17c2d535
SHA512 27d8cb276555a47c36677972606700cd66dd24f3c9861123d644e94e2d7334b77284ac0a2093844e047538312298ebe6ac31e9565eaebeef88925238d1aa656a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13364206666517559

MD5 1450a11d0b1626c1643334c735e9fcf0
SHA1 cf109e111f235b6e4c2088331cb11b0efa3d17d6
SHA256 4d71404fe8fcd210bcdbe53764d5bb56a7821f5a75b009f078a5c90cebf6c1bb
SHA512 f8957815b177df820c1ae133670df22250f440a352a73441999a894193e6fbbb920cc2cbca737edf860cfd84e812aee35f1d4f2393f477e4238c71135a8d2b0f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

MD5 27f465ed506a1d80f1644af45c104f08
SHA1 1eb525579bb5ee764ad9d59800b859eac3935f42
SHA256 80b6740f88ea9749214e0e4a98ac44bd492c7ff4d79f7b82dd286e0850ca6b9e
SHA512 5008c36bd19b394867e57d22ba411aac39c21b716374b6523198aff21f4e493a2e1d7a04ce63db5705ceff471cbf8ab3421fe9e9dcb1c880fcbac17cee2b8305

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

MD5 b79cafb977499267786020107f848cee
SHA1 4b1fe644ada7bc214c547c2558840d68c4fe359a
SHA256 15d38ba7b0a29d0f924a089675cfd96bf7c51f89914e8801524a98d1a93b439d
SHA512 365dd2343154e1314cc3b952315f05d83086d53a7484b5dd3373d0e3ffc8f25c3089cac93c9384b0b15aba148697e19502c4bd65f6a77913e63fc1f29026c34b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d13173c942ce3c5ad92d88715d454612
SHA1 1485b4dec548dc0e5cadeb15bd4d33cda7c740fe
SHA256 054b4a210137335aec44e0f43b9fa1c5c50d5db214b73676666073a5b30e5d56
SHA512 67e7b990805c07fb61615e93d392f325dec2972351b25e07cab574204c1f90314fb27fbe71bc93f8506c13f7fb49f81867f7a94ab7565e85b3e4cd302503e014

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

MD5 1baeeb2416590245fc2a90db4fe9d3eb
SHA1 db612003a6614eb377252bd749a28e22eb8a0a00
SHA256 2b767a0359cbf5d06102d9ef3a18d50f4d82bc986a22db27122a433bb5306023
SHA512 bfcc939102cb22ad5a0e4afc8426afb3898b90c881a9696664c98b36a801804a5ec611f4748fd0fe9ab0535b23629d7e8706dd1b88cd5619870a17446c8589a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

MD5 cffd7a325a8dce91f8bffe1af3f637a5
SHA1 9a76c6ef49587bdc6a1e9afe84794bb6e69207e3
SHA256 ca0f68ccdd15687e169eb5fff663d53835e248bfb50432c86bc461aa089753f7
SHA512 6a73592271406d15a7fb0a2d04a99fa7e3b78e955d8b766b726a73c314bd0c72f24bc9bbe049e1c3e5a125ad78a6b205e3883032e4c23e90ab7fa0d84e8ce93d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

MD5 3e14c4551458fe70b7d36ecf9b6b5c1d
SHA1 61737000f79ce1825c16f028ffcd4f476fa1022c
SHA256 d26d1f95b75f89ff84601a07393643ed34a8156767f37084174bfc634f23ab34
SHA512 9ec3aa1ef47f83ae1d36d6510ef2e76522f1e00c75b1a9e4e0d44e6dc421e7d031eb21b83f1abadff936fa305149f08fb49345d23bbed506dd82951ed381026b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

MD5 32a50afc22321d5b8959c7a6f025276e
SHA1 b8e24a996797a3bb7ac0fbdbacb3380480311544
SHA256 699dade9d1e718a42f4a480fb57528643c7e51d01c7e7ac5a4a74df638918b7e
SHA512 73bff4ab2e3e86770d956363a0d8695f50b358a7978f465bdfb6523fbef5542488ee6894d4fb123f7065f85440d7f69b0d6175c4996718bfaed14557d9c2228f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

MD5 d84717daa3b1601f76e995042253642a
SHA1 f09c5973786e7640c66cf04892d16ad3cb28c456
SHA256 9a4c8a684455eb87bf8ac6da6d9f177182b4cbf2efeca63f987eb9a101ceeac4
SHA512 a601288cafccb446fc1eda05fdb81f80899c24403db58c6a6e831a23ab4df5176455097a2d58f1ff4a63f32a33fd78781f77a56f072fed75b44ef37bb098c614

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

MD5 25a724385665aa52c66f0ac82f23c227
SHA1 f8085a04c4ee92ff2b633e27a1bf407b009385e6
SHA256 ded232ea53aa469b23ff54a78572d6d6d554bbd38a179c46779894d5c5a2e921
SHA512 5f07232e144e5cfffa0c4d91048e9d269d8f0d387e6866da9842a1d574afe161e73e63b91f4189e6a1120d1cfb0a84d26a20fca14af5cc2ebde6989a7fe9c7af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

MD5 6fb545ce54aa4bbe7f518acb75ad2b63
SHA1 16bc653eb2769c057a10f24767fb85eb4caa7ae6
SHA256 b7aa397ae1dd1a558a197c91ac7bc4a3909ecdcbfbbf690c1e6aa492d14311ee
SHA512 9b570e8239310a74c4f6e72b2e235e974b38de521d6b32dbbf2a5f80bb0413ce90ff52e6e484e716324e70ba4c8b7b923215441c94979d3710a8a485bae10f38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

MD5 ec358e5e04a98e249a4834a6a9013735
SHA1 f0c0978682313a3519ad224712226943122e2e01
SHA256 89bfe7188e55f688311f2e10fea38ea86fe4fd27bd73402eef2f96aba1e290fb
SHA512 5915a87018a18906bf628b00143fc4e779788457e9613c18298b9bd1fdc0879dc9158f358d4ec61b67ed34be36857a21a28f68baaec8d2714a0e770802042d21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

MD5 bf659808229f8e3845ecbd358d0e7c67
SHA1 927a98fc440562b2695a221fbb262577f5c22d13
SHA256 040315d02fb97094afb7886aff781f88ac4be4b17ab1ab545c6026bacb130cff
SHA512 f22af86f78a62b786ffc236dcac354f7cb4cdd3b80d7ebcc6627602f9e2aae22b4bd08c340a09a853552093126bfa398db1dc410d2ec0b5d1994f0fc5cea0607

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

MD5 2478dbc591b0db913469f0283bc78c6e
SHA1 676d40c71b6c9f022818b032c61f8af67b922045
SHA256 5b7ca11de460da66fa7ed232f5d69a39d5221dab2f449161cdcd5252fde7b5aa
SHA512 9131b6ecc4aac8ea98ef82fa99903d2c78f7fcb45a6e0040321d2a69b78d36e62af6dda393a7801b1b385ace362145af767a4e9f947ccda64ec32a013195e2ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

MD5 2c1dbf494810908b7452fce9fd0c3d8f
SHA1 85c6abd6396e15232875f52180e2b892d8edee7b
SHA256 6eddae911e7e735158cab4de6779b87918c2b71b4f61964872f555c79ccf79fc
SHA512 125a2f37fc4ea84c475c77d99312030c482789fc9453bdc9eb528221361b079e3108944aa204315614d170a94ff58c8d1364a14431e6ddbd425d805fc5a013d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

MD5 95549ef15cf9854d18650d695c097da2
SHA1 6102e5a958a5316523202939c34e54fe936c91b1
SHA256 8a7275672a84f56d8addb5ffaf122b4858d726fb5e20d28cca991c88efa820d7
SHA512 3a1cd2b92a691b4d4af13b7a9b91e4bb26de82a87401e7905b817e6715b0c2af78fb2385a8a1c7cfeca2413e4ce57d333d12f5a74b1b819a59562eae4044c346

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001

MD5 dffb7164984c0c892ad67aff97aab87d
SHA1 df94cce03775263525ecdf1a4f6a55adf2e0b6f8
SHA256 6103cd48521fd7b05920814ed60455f92b327e00330008ec4f161e9bf5135502
SHA512 bc8c4f3643e19b8e2ead7808a433f9b3a07b7c64409b9428ffd5ada52052516bd7eceb77f0d4de1340d0b08b4fb943aeb827667aac9935fc1aa559173daad97a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002

MD5 384e5b959ce3e59e12f93605f61043c4
SHA1 bb26bbf602cc8abcde380f1e91587f15c6485317
SHA256 b76542269d00a0859d591ec572b0dd408b2f4c15f0dae9c23be7dccfdf54e18f
SHA512 ecda40def5bc359a1b8e0e4a033f5fa68f7262f2b36e2149b1efd472a88673e24b381d34489e5bcc899ead1b057763eb940f7c3430dc88cdfcd03f47a0992e2f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003

MD5 4b4432e5b52736bf811f0b99d2a4ad45
SHA1 e9dc0c4b936109902138cca51dc4307f7bac6730
SHA256 d730bda38b999e036ddf955dc244957b692c6fcf687977cbb7ebf6190d8c75cd
SHA512 2d2fd022ef17df8ff0842c7c718ab0a58ff14bc7f1a711e525252aa95960349fea2dc7c27f22a6dc88ff4066be41fafdf90af477febb76221c33efb7c1e5826e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000004

MD5 916657b1904462de4fd9ddda8acf9d97
SHA1 ee32edf403ae7732a39154d925f20b96f28f24ab
SHA256 6220d4d16f2dc838ae215035cb67b832fda74852f0b4e52195a2a29cde0f9977
SHA512 a4c1d241ecd7b64edec45f27963e35ea809f9f75d8ba9c0a7b5558f890fb7ee0305a8a827697fed58ff993804b3ece3e5e5a80b6b24ed3a38cd195f26c031a73

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000005

MD5 e8e1f8273c10625d8b5e1541f8cab8fd
SHA1 18d7a3b3362fc592407e5b174a8fb60a128ce544
SHA256 45870d39eb491375c12251d35194e916ace795b1a67e02841e1bbcb14f1a0e44
SHA512 ca77d40ec247d16bc50302f8b13c79b37ab1fcf81c1f8ab50f2fc5430d4fabc74f5845c781bd11bb55840184e6765c2f18b28af72e1f7800fe0bb0b1f3f23b24

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000006

MD5 a4e164f6a15386763f5a9915b9b2abc8
SHA1 8d499d52070f47a4084008fcb8874fb148994d4d
SHA256 dad5ddc6868717a6c955e0c7627f0f93adca70d5d20733c1a98324269fa19f85
SHA512 9ae0dc6c7638553dc8b7c99f0f0b5671901409b50c0cd7666b556a08cb979b4334cee2b10bc826a3d7ce435a84536a0e81d2fbc79104e29588c5b506da97aa0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

MD5 1c74a5849a15838aa320557fecc82be9
SHA1 6e83263454331eda7a7a1e3c5b0511678855e66e
SHA256 dd9bc79150401d669af60bb137a8c5c548863ecc1db9b761ae0617edf301a75d
SHA512 b9a11f23833e54d1b77d08972aa4ed1c8da8df8a887d46c8427abe8cb9e3c0fe516d5344e98a5225bfcf5383a9095cc1df7107eb9642911ba214641ae8c6a23a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

MD5 229ea50691bbc6020bccd7d2e13ef989
SHA1 2f2b677310dc565d07dce3540aff681b4d950e5a
SHA256 f82a6a5842282615488327eba6c127c49259ce17d02b2e9f8c7af76c85338bb1
SHA512 b61d3a1445225946a1f2a8ef3878a322281fe5231a66b3d85a584f746c53e4b6ccedc72c598097b76e1fc7a043bffd65f761d65df87be1950d70d1efdbf752b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

MD5 66d010d21a179d7558ff4fc0aa5d57ee
SHA1 5ee00cb49437d46b685892f879469d3c34a38b5e
SHA256 5658f3a33a87d63081b5cfd2b085a2bc5127415b4e4ce5e66d6ee177fe89b2a9
SHA512 daea6bcd59991c786251b854079356b5acbd019a9fabfc41604ac37bf51877b56f246bf8884b06aed219299d12afa8fb939fa0d0e080ae8f6a055e458dd6fcd7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

MD5 b7be30cfe0fdef05107c5f853727c38a
SHA1 681bda0b4fb93d946d434be405901b3f5235aa7e
SHA256 e0d69b8d3424bce8116d589ee2106f49ff2142ad6c77d262a32ec29d22852279
SHA512 edaadbe1fdac7740a6cc1f35e883a5fa671a0ed6563c7c0856a36751aa087281296cfe031434624dbc8f205d040c144964082f9fa1541e42d334298bf477659a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies

MD5 74cd735e815ce316c96381df1c9558fb
SHA1 42c1205403552c2d0d14bbf6b731b3e55c7e554e
SHA256 c4bb4c784a5eaf87e8cb16c5e342d63f327431d569f3783f75bb4ec07917ffa6
SHA512 cd714d1d2b9d661ce45a1ecc743a4fd49433ed13ebcdf0ec6f3cf5d6c1706ace23912905be8547a64299c4b992c09645f5b51fc3c104135a0194c544e104b2a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 73153af78c14abd6aeec40d3287b6c93
SHA1 fd498abd17b1ae421c75df0a0bacb5184e710b5b
SHA256 56a72deda95e782ccc2469ea07b283c3313dd117e7d8cc0489bd89080e0b4bd1
SHA512 7e01245ba1b773d26779039efdba0bd1893879bdf1c40b6ab4153ecff88753a25c4e5da23357794acdf391699ec6c675e48ca98ca4162c354edb6648c0edb263

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

MD5 53572681b8ab8e7af4c2dd7ef2268651
SHA1 b0749df30e300c9ae0c84a1fb49ba743ca87c681
SHA256 dde6c2a4ffd311e61affabfd8c2f0499c61da7774dd7b3d3514287e33abe11c0
SHA512 f5b950bb344b157d8b46188b48f108e192fce5f86c3e7bf40489b824318adb65b119427869e7f4578ac7dabb5c15be9e4d6ba43c39201bc1b9bb79613e592a6f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

MD5 cf297c216655b824aa0ea9cdc775e13e
SHA1 3546b87631d445f812894c04bc47f70256ffe5e7
SHA256 3a5e24f327c72133ce336511102441888d4e3edb26af8193310748f43f8b80be
SHA512 e0cb2bd839107d36d7a6f806ca4df38081eef9b471d55d7f131af282458bff3397a5fc2b41f809a55843b611af3919c0cd377e82ad57bda7224751fbdbb47d0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

MD5 f75abac9a488d698c567ad6cbfdab2d4
SHA1 2b762a649c113c4beb38083595cb55ee767e4cad
SHA256 93bdb0334815f36120b628b18c81c2555d9443b76fa57ec8e5d9af50c1c2a2c9
SHA512 af45410a46a780a0f3953afdaf60bb5a96570c3cbe4eaaa0a25e7de177157d97f994f88eb1848c52ec68b7acf0b6bdf62f3054e62deddc1ac9db708ab056549c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

MD5 6903840587e3dc48affa04ad3b8ef5e4
SHA1 2a11102195915812a470466c4aaad560401418e6
SHA256 11ba18691262b972d54359b8a4b1f1debd518dd344ffdb0e4411487b4d2d9998
SHA512 12b12d9856cb2d4afb5f1eed657a4c30261470fd1028c5547875e548c0e2133bfb03df5095d3969a092f6a6a718967b0db820f45641702b9da919930c85aafe7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

MD5 1a9d0b061ef5942180d3bbc2e30b6522
SHA1 ea60f5a3802ada4e1e409768879a33cb2faf19d7
SHA256 993eff842ccf19db7c2070d6a97dcf65bff763095649178db8c26d6ce6df8198
SHA512 d619fa7d0013076a94e0bc6dab3adfb6caf3ad5ccb9d4a082e5456cca61bf5d935cccc2ab144b621c076d45768e9955099878556f674cb349232e8d4c9c0c9e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4545949cbc7e6ba1af01c2dbda83ccf1
SHA1 82bb0b8fede80393d55099f9f2977b369110592f
SHA256 c7423bbade5a23f87dcfd767421ff7f49b556702af2d195bc85b06ad3185f55a
SHA512 d4226b52d0581b4ee3d742adaaf81acd269bcdf0d14e9509fe1611769bc02ccbe4f499f50c44d088ae4d1bac7b63552df8871373c5e857bfc053bcea29fb6e06

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 89c60ae5210733099d9490bff80842dc
SHA1 93199cee24afa71de591fc7c7fe8d5057c4f663e
SHA256 d6322c8b44a5470acbc348bc1d73b424aaf145f9d1cfa829ca596944b9a6682c
SHA512 8b510a134194a616f02239ce26285f139532b5575f922eaad1217612c10754e13ae6df60085eec4bfed99f700b22141d69e67bdbf6b40faea28efb6a5cff6115

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8edc6b3911fb5ff736f23472244b197e
SHA1 c7cd0934912e5c5490811ce9f8a99b1c63ee4dc5
SHA256 3fb8f0854b23a468a36dc016e9a0e794ef3bc4ca43fd97d65ef9c002d91048bb
SHA512 ee1627d9d4bd3e780ffad9b1da74228a2eb2573519ff440e6b759303182d183cba9f16840d1ae55842e4b259a97e1cd1b10b564583ca53c779811d59d54e9530

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e219cf9f55fe07ccb7ffd0edc70e42bc
SHA1 48aae09e4e1c82673bb92da19f763e9cf6a80c3d
SHA256 063c8dc64dcf9a99034b9d62020995bfe33ac981813ae11e4f6ca6bc9df31c7a
SHA512 09bafb6ae5d3628a3bd793be737150f5d506585748bf94dfe1ac74e4d060aded15bc08251587289370854b308920fd42dbf39e2b86e9cefacf8b620124efd62b