Analysis

  • max time kernel
    1680s
  • max time network
    1685s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win11-20240709-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    19-07-2024 00:46

General

  • Target

    https://grabify.link/K2VN2B

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 13 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://grabify.link/K2VN2B
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1600
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc85783cb8,0x7ffc85783cc8,0x7ffc85783cd8
      2⤵
        PID:3248
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1908 /prefetch:2
        2⤵
          PID:800
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4164
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2544 /prefetch:8
          2⤵
            PID:2964
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
            2⤵
              PID:4140
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
              2⤵
                PID:2780
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
                2⤵
                  PID:788
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3516 /prefetch:1
                  2⤵
                    PID:4664
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5248 /prefetch:8
                    2⤵
                      PID:928
                    • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5952 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:3456
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
                      2⤵
                        PID:3308
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
                        2⤵
                          PID:3444
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3512 /prefetch:1
                          2⤵
                            PID:3092
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3804 /prefetch:1
                            2⤵
                              PID:4992
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 /prefetch:8
                              2⤵
                              • Suspicious behavior: EnumeratesProcesses
                              PID:5100
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,11470018831949945243,12056424236585811174,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5564 /prefetch:2
                              2⤵
                              • Suspicious behavior: EnumeratesProcesses
                              PID:1744
                          • C:\Windows\System32\CompPkgSrv.exe
                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                            1⤵
                              PID:228
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:3120
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:1540
                                • C:\Windows\system32\AUDIODG.EXE
                                  C:\Windows\system32\AUDIODG.EXE 0x00000000000004E8 0x00000000000004C8
                                  1⤵
                                  • Suspicious use of AdjustPrivilegeToken
                                  PID:4528

                                Network

                                MITRE ATT&CK Enterprise v15

                                Downloads

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                  Filesize

                                  152B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                  Filesize

                                  152B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                  Filesize

                                  456B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                  Filesize

                                  3KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                  Filesize

                                  3KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                  Filesize

                                  3KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                  Filesize

                                  3KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                  Filesize

                                  3KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                  Filesize

                                  3KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                  Filesize

                                  5KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                  Filesize

                                  6KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5a6c0423-1fa7-4199-8356-37160c080892\index-dir\the-real-index

                                  Filesize

                                  2KB

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5a6c0423-1fa7-4199-8356-37160c080892\index-dir\the-real-index~RFe58538a.TMP

                                  Filesize

                                  48B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                  Filesize

                                  146B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                  Filesize

                                  84B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                  Filesize

                                  82B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57f6e3.TMP

                                  Filesize

                                  89B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

                                  Filesize

                                  16B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                  Filesize

                                  72B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5845fd.TMP

                                  Filesize

                                  48B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                  Filesize

                                  16B

                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                  Filesize

                                  11KB

                                • \??\pipe\LOCAL\crashpad_1600_ZKAYAMXAJUIKTHIE
