Analysis

  • max time kernel
    1680s
  • max time network
    1758s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    19-07-2024 00:46

General

  • Target

    https://grabify.link/K2VN2B

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://grabify.link/K2VN2B
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4628
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9225246f8,0x7ff922524708,0x7ff922524718
      2⤵
        PID:1052
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
        2⤵
          PID:1080
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:928
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2904 /prefetch:8
          2⤵
            PID:1612
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
            2⤵
              PID:3992
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
              2⤵
                PID:1880
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
                2⤵
                  PID:4532
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4644 /prefetch:1
                  2⤵
                    PID:2792
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5228 /prefetch:8
                    2⤵
                      PID:4668
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 /prefetch:8
                      2⤵
                        PID:4168
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 /prefetch:8
                        2⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:2276
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
                        2⤵
                          PID:3668
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
                          2⤵
                            PID:2736
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
                            2⤵
                              PID:3260
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1
                              2⤵
                                PID:4464
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,7348125900844011610,11900450384302127720,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 /prefetch:2
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:3780
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:4100
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:2956
                                • C:\Windows\System32\CompPkgSrv.exe
                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                  1⤵
                                    PID:1824
                                  • C:\Windows\system32\AUDIODG.EXE
                                    C:\Windows\system32\AUDIODG.EXE 0x4c8 0x2f8
                                    1⤵
                                    • Suspicious use of AdjustPrivilegeToken
                                    PID:1708

                                  Network

                                  MITRE ATT&CK Enterprise v15


                                  Downloads

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                    Filesize

                                    152B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                    Filesize

                                    152B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                    Filesize

                                    456B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                    Filesize

                                    2KB


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                    Filesize

                                    2KB


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                    Filesize

                                    2KB


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                    Filesize

                                    2KB


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                    Filesize

                                    2KB


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    5KB


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    6KB


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\00a8a950-b896-4008-b9f9-b983d1d1cb77\index-dir\the-real-index

                                    Filesize

                                    2KB


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\00a8a950-b896-4008-b9f9-b983d1d1cb77\index-dir\the-real-index~RFe580114.TMP

                                    Filesize

                                    48B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    146B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    84B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    82B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57a548.TMP

                                    Filesize

                                    89B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

                                    Filesize

                                    16B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                    Filesize

                                    72B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f443.TMP

                                    Filesize

                                    48B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                    Filesize

                                    16B


                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                    Filesize

                                    11KB


                                  • \??\pipe\LOCAL\crashpad_4628_BLPYJYSWQBMCSWQO
