Analysis

  • max time kernel
    500s
  • max time network
    505s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    03/08/2024, 22:01

General

  • Target

    http://Google.com

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://Google.com
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1896
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9991f46f8,0x7ff9991f4708,0x7ff9991f4718
      2⤵
        PID:1908
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2220 /prefetch:2
        2⤵
          PID:1112
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4084
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
          2⤵
            PID:4044
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
            2⤵
              PID:916
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
              2⤵
                PID:1280
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
                2⤵
                  PID:5084
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
                  2⤵
                    PID:2356
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
                    2⤵
                      PID:4500
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
                      2⤵
                        PID:2936
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6108 /prefetch:8
                        2⤵
                          PID:464
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6108 /prefetch:8
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:3952
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5132 /prefetch:8
                          2⤵
                            PID:1432
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
                            2⤵
                              PID:4900
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
                              2⤵
                                PID:1784
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
                                2⤵
                                  PID:4348
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
                                  2⤵
                                    PID:4340
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
                                    2⤵
                                      PID:3280
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
                                      2⤵
                                        PID:2756
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
                                        2⤵
                                          PID:1692
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7032 /prefetch:1
                                          2⤵
                                            PID:3464
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7124 /prefetch:1
                                            2⤵
                                              PID:3956
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
                                              2⤵
                                                PID:2512
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
                                                2⤵
                                                  PID:1672
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7260 /prefetch:1
                                                  2⤵
                                                    PID:4204
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,10831662120973242751,2526556053427439135,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7100 /prefetch:2
                                                    2⤵
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    PID:1640
                                                • C:\Windows\System32\CompPkgSrv.exe
                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                  1⤵
                                                    PID:4544
                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                    1⤵
                                                      PID:536
                                                    • C:\Windows\system32\AUDIODG.EXE
                                                      C:\Windows\system32\AUDIODG.EXE 0x2c8 0x4fc
                                                      1⤵
                                                      • Suspicious use of AdjustPrivilegeToken
                                                      PID:1372

                                                    Network

                                                          MITRE ATT&CK Enterprise v15


                                                          Downloads

                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                            Filesize

                                                            152B


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                            Filesize

                                                            152B


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

                                                            Filesize

                                                            209KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051

                                                            Filesize

                                                            42KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000080

                                                            Filesize

                                                            607KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009e

                                                            Filesize

                                                            1024KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a0

                                                            Filesize

                                                            1024KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                            Filesize

                                                            1KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                            Filesize

                                                            1KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                            Filesize

                                                            288B


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                            Filesize

                                                            4KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                            Filesize

                                                            4KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                            Filesize

                                                            1KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            6KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            7KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            8KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            8KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            7KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                            Filesize

                                                            6KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                            Filesize

                                                            1KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                            Filesize

                                                            1KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                            Filesize

                                                            1KB


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58b38c.TMP

                                                            Filesize

                                                            538B


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                            Filesize

                                                            16B


                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                            Filesize

                                                            10KB


                                                          • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

                                                            Filesize

                                                            10KB
