Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
For the file https://www.youtube.com/channel/UCCmzcphyrH6Br5eNUnQR2mw/about/about, no (potentially) malicious behavior was detected.
Malicious Activity Summary
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-07-04 17:40
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-04 17:40
Reported
2024-07-04 17:43
Platform
win10v2004-20240508-en
Max time kernel
150s
Max time network
153s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UCCmzcphyrH6Br5eNUnQR2mw/about/about
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffca1246f8,0x7fffca124708,0x7fffca124718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2284 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3436 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x40c 0x2ec
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5976 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2276,6021963353459455747,10813569894570792361,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5140 /prefetch:2
Network
Files