Resubmissions

07-07-2024 17:45

240707-wb1phsyblg 1

04-07-2024 17:45

240704-wbwessshle 10

04-07-2024 17:44

240704-wbhtpsshjh 1

04-07-2024 17:43

240704-wavf4ssgra 1

04-07-2024 17:40

240704-v85jas1akr 1

04-07-2024 17:39

240704-v7854asfre 1

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    04-07-2024 17:40

General

  • Target

    https://www.youtube.com/channel/UCCmzcphyrH6Br5eNUnQR2mw/about/about

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UCCmzcphyrH6Br5eNUnQR2mw/about/about
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2652
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffca1246f8,0x7fffca124708,0x7fffca124718
      2⤵
        PID:4780
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2284 /prefetch:2
        2⤵
          PID:348
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:752
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
          2⤵
            PID:388
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
            2⤵
              PID:1952
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
              2⤵
                PID:3948
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:1
                2⤵
                  PID:3692
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 /prefetch:8
                  2⤵
                    PID:1244
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:1872
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3960 /prefetch:1
                    2⤵
                      PID:436
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
                      2⤵
                        PID:2436
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3436 /prefetch:8
                        2⤵
                          PID:3396
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
                          2⤵
                            PID:2924
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
                            2⤵
                              PID:3112
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
                              2⤵
                                PID:2412
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
                                2⤵
                                  PID:1620
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
                                  2⤵
                                    PID:4652
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5976 /prefetch:8
                                    2⤵
                                      PID:2736
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
                                      2⤵
                                        PID:4064
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
                                        2⤵
                                          PID:2576
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
                                          2⤵
                                            PID:4132
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5140 /prefetch:2
                                            2⤵
                                            • Suspicious behavior: EnumeratesProcesses
                                            PID:3400
                                        • C:\Windows\System32\CompPkgSrv.exe
                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                          1⤵
                                            PID:1832
                                          • C:\Windows\System32\CompPkgSrv.exe
                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                            1⤵
                                              PID:3404
                                            • C:\Windows\system32\AUDIODG.EXE
                                              C:\Windows\system32\AUDIODG.EXE 0x40c 0x2ec
                                              1⤵
                                              • Suspicious use of AdjustPrivilegeToken
                                              PID:4976
                                            • C:\Windows\System32\CompPkgSrv.exe
                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                              1⤵
                                                PID:4520

                                              Network

                                              MITRE ATT&CK Enterprise v15

                                              Downloads

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                Filesize

                                                152B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                Filesize

                                                152B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                Filesize

                                                936B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                Filesize

                                                3KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                Filesize

                                                3KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Platform Notifications\MANIFEST-000001

                                                Filesize

                                                41B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                Filesize

                                                5KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                Filesize

                                                6KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                Filesize

                                                7KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                Filesize

                                                7KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\304afd7c-5609-4437-bb57-d32753f52930\index-dir\the-real-index

                                                Filesize

                                                2KB

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\304afd7c-5609-4437-bb57-d32753f52930\index-dir\the-real-index~RFe57d1e6.TMP

                                                Filesize

                                                48B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                Filesize

                                                89B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                Filesize

                                                146B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                Filesize

                                                82B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                Filesize

                                                84B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                Filesize

                                                72B

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57cb2f.TMP

                                                Filesize

                                                48B


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                Filesize

                                                1KB


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                Filesize

                                                1KB


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                Filesize

                                                1KB


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                Filesize

                                                1KB


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                Filesize

                                                706B


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                Filesize

                                                1KB


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                Filesize

                                                1KB


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                Filesize

                                                1KB


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57a865.TMP

                                                Filesize

                                                706B


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                Filesize

                                                16B


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                Filesize

                                                16B


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                Filesize

                                                11KB


                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                Filesize

                                                10KB


                                              • \??\pipe\LOCAL\crashpad_2652_JXSTEITFNYRGHMWJ
