Analysis Overview
Threat Level: Likely benign
The file http://google.com was found to be: Likely benign.
Malicious Activity Summary
Browser Information Discovery
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-03 00:02
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-03 00:02
Reported
2024-08-03 00:04
Platform
win10v2004-20240802-en
Max time kernel
72s
Max time network
73s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-355097885-2402257403-2971294179-1000\{CCB29988-3061-4CDC-8FC1-CAFC90B01540} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffae7f046f8,0x7ffae7f04708,0x7ffae7f04718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2764 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5420 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5920 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,9761199030386359712,11830244280436985297,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2240 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | google.com | udp |
| NL | 142.250.102.139:80 | google.com | tcp |
| NL | 142.250.102.139:80 | google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.27.103:80 | www.google.com | tcp |
| NL | 142.250.27.103:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | support.google.com | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.102.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.27.250.142.in-addr.arpa | udp |
| NL | 142.250.27.103:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.27.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.102.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| GB | 95.101.143.201:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 201.143.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 88.221.135.33:443 | r.bing.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 95.101.143.201:443 | r.bing.com | tcp |
| GB | 88.221.135.33:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 33.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.23:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | sydney.bing.com | udp |
| GB | 88.221.135.33:443 | sydney.bing.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 89.33.18.104.in-addr.arpa | udp |
| GB | 88.221.135.33:443 | sydney.bing.com | tcp |
| US | 8.8.8.8:53 | tse4.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse4.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | testfamilysafety.bing.com | udp |
| US | 204.79.197.201:443 | testfamilysafety.bing.com | tcp |
| US | 8.8.8.8:53 | 201.197.79.204.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
| US | 104.18.33.89:443 | www2.bing.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2dc1a9f2f3f8c3cfe51bb29b078166c5 |
| SHA1 | eaf3c3dad3c8dc6f18dc3e055b415da78b704402 |
| SHA256 | dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa |
| SHA512 | 682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25 |
\??\pipe\LOCAL\crashpad_996_ZWESJGBTOEEXJDTN
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e4f80e7950cbd3bb11257d2000cb885e |
| SHA1 | 10ac643904d539042d8f7aa4a312b13ec2106035 |
| SHA256 | 1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124 |
| SHA512 | 2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b5da4598defbc7e1426fd95ce274917b |
| SHA1 | 0a0cf7d669388c527ef894e0703065ff10561911 |
| SHA256 | a20d6537d455a063504d37c0cd0d63b440d6c1b8660bcac0ed2693d320ddff07 |
| SHA512 | d2e543d5ede6cd9546996ad7d785a5d348e2dad9e52da431ba672d906438250daeaff6a5c8ec2a8970b13223676524ce45cdbd16a1bac8708fa79cb230ae6e50 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 3e552d017d45f8fd93b94cfc86f842f2 |
| SHA1 | dbeebe83854328e2575ff67259e3fb6704b17a47 |
| SHA256 | 27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6 |
| SHA512 | e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fd6d13d48addfeedc25d3157317e017e |
| SHA1 | c3f2a34f8a8fd48006d7ab782a1b3c81933323e7 |
| SHA256 | 9f83a1e4a34d773752b12756adbf67ad4014c0547f85c1aa8b31d839fd040776 |
| SHA512 | 12a5a2898ee7660f046fc5d88d2658f83f72b54284e888d556f2063477608c7adcf2511c8211ea4e602563ce18f7bc01eaed4091218fb69ee5e65e89ca2422ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\98bd0078-5f04-4190-a3d4-4aba8353f929.tmp
| MD5 | 469462a01c35de31dc8e8251f98efaf6 |
| SHA1 | 4af3a3365518b88f4bdfec0a6a48b7f091fd14b5 |
| SHA256 | 9e0c50681c0813dc2389b78000eee05c0c06354906703700fd9133ce0ce3c20e |
| SHA512 | 672bc986b756f9af4ba3ca7e79811d2858a53293a6872b0f0524d42b41c905fa78cea60ad36fcc5bd9b3f1c90a41b07a167791daa990c1bde92a7fb979c9bcd0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f4bc618df92fb8c629ebc652305823b4 |
| SHA1 | cb929afa4c370163a2c4a17542e60194aaa83515 |
| SHA256 | 4c0b61e7fa539ce1e5c9afaff43f8fd7cdb368e9b0307d82e769555698e37e98 |
| SHA512 | 1dc6f794b1e1e999579d08132fee7e70465161dc672f22ca5c9a5fd5ea7dee5239128265f177e8e7b718e638d3eeafedf4a130787bdd5f6fc7b36d4d07ab7c41 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8ccad88cadca4ce8bae6b5faac37f806 |
| SHA1 | ecf037fd8c84253fff29ccf354ae2f28a15aee70 |
| SHA256 | 441fd87fb7219715efd9f26d98e5a86c22358c6fd2f3c089cac45e12fcee07d1 |
| SHA512 | 0e5eb04f89397d52a1f9a96bacc153ba17ee0aab2bae0ec828bbe402de015a9ba3f35bb728b2849d13aaa97ce537e7e432589034d36c0e443160d2773edf7e41 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | ed3c7f5755bf251bd20441f4dc65f5bf |
| SHA1 | 3919a57831d103837e0cc158182ac10b903942c5 |
| SHA256 | 55cbb893756192704a23a400bf8f874e29c0feee435f8831af9cbe975d0ef85d |
| SHA512 | c79460ded439678b6ebf2def675cbc5f15068b9ea4b19263439c3cca4fa1083dc278149cde85f551cd2ffc2c77fd1dc193200c683fc1c3cdac254e533df84f06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 24a806fccb1d271a0e884e1897f2c1bc |
| SHA1 | 11bde7bb9cc39a5ef1bcddfc526f3083c9f2298a |
| SHA256 | e83f90413d723b682d15972abeaaa71b9cead9b0c25bf8aac88485d4be46fb85 |
| SHA512 | 33255665affcba0a0ada9cf3712ee237c92433a09cda894d63dd1384349e2159d0fe06fa09cca616668ef8fcbb8d0a73ef381d30702c20aad95fc5e9396101ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | 027a77a637cb439865b2008d68867e99 |
| SHA1 | ba448ff5be0d69dbe0889237693371f4f0a2425e |
| SHA256 | 6f0e8c5ae26abbae3efc6ca213cacaaebd19bf2c7ed88495289a8f40428803dd |
| SHA512 | 66f8fbdd68de925148228fe1368d78aa8efa5695a2b4f70ab21a0a4eb2e6e9f0f54ed57708bd9200c2bbe431b9d09e5ca08c3f29a4347aeb65b090790652b5c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | f4f4670127e079187b74bc5e96e28e3e |
| SHA1 | 4ecec08804973c7520c57949d7eebf38b454beb0 |
| SHA256 | 584a50f53fa326d3a9cabff8b0d3b790b4261eb2518ec2d5c3f183d20894947f |
| SHA512 | aa10f4f46c1f536c43153ed576155ead623ee2f50611d4f7cd5e37b5f7e3d6fedacd5345ec98055370290bde5308bd91290e77236c9f5917d0c90656090d2e2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | be3d920252c8d2c2736668e198d1ffa6 |
| SHA1 | 7fdc632ce974978fcbdac52bf1d539f7529848c8 |
| SHA256 | 75cc961c5302119cd5b7706b537547ff7c48266acae997cc38f03fde7ccfdf4f |
| SHA512 | d2425559d97d0e1d5dce4bd72632df183848c84d86c606067c9b2fa952880dadd15758165cf09cb4ec3bf7ae40e82d5239546554d784e99dddb20703937c9997 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c884f60ac3c0b128b125a62b06ab8e88 |
| SHA1 | 6b231fe6b4f9d22b30b5260ce4d4c04d1bac04b0 |
| SHA256 | 4b192433ea15373be540ac5b39866e2839032b56d22a9d5130429f5279c33ca9 |
| SHA512 | 38c0bd41afdd3160645d584b02d64f6aa05c490103f23cefecae659c9442a0826fb8d33542f26a50cd77bf13da95da2e7748720399e8ee9753293604945b675a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5871b0.TMP
| MD5 | 2e08bf63fee6164dcd710c6bf5d6623e |
| SHA1 | 32335f636a2fd2632552f435b852d5f85ce09297 |
| SHA256 | 074c76487b2dcdaeddf4e0e654545e235439382f794f817c98cbbdc09e0d80ae |
| SHA512 | 33ff4197d13941fb24ee9d59fee03fb11edd5c8b94728ff13b48fcbebae85bdd20a5485f4492f1a5f1940f38e0975b440d4bbf3b49f8440519097ae5b4ed2c65 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1dadb264f4911a0aa5d3a1ceec3e97d8 |
| SHA1 | fabbec0fdcb1e10c1f3627cd9450215cb2427c58 |
| SHA256 | 0dff50a4df46ca4cb5f64958ff48b57e4ba6fad8260f9d8c73c3391fb07e64b0 |
| SHA512 | 28c344c15211cefc537ab4d796a423d466483d50e4f5dc5e18cd02e71785d1b6689bd74426ce7f1a1d1cbfcc36f3084fe16531da19f5bc12d2d6db41a5579830 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f4736a25dcce2464d401fa42520c1823 |
| SHA1 | fdc523fd9a49dcecc6df6ff1d2f7927a3c52fc5b |
| SHA256 | 443901d2bfdb40495e1546d0c609fa1b7e233ef9a0d4b613b7829bb6a572aab0 |
| SHA512 | 4cbc1917f4e31eb99f4bdb59283ff874318994ae566141c2d40e2476face6f73bac9c1507b9e042311b072a6f78be09ca82665189c3ea4d6658597093fe4ee70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 70df4cb0a8fb6ad5028a196aeb2edfab |
| SHA1 | 6c6caa0b6938fdb2331c61167d04f357bfdd7eeb |
| SHA256 | 04d0f063d295167ef04e3798a99907317671ffc95f430003a1470ad466ec98b8 |
| SHA512 | e24352ed2fe3ffb6c54bd858287ca70e98deb5539a5180f40642e0aceba40f969b3354ffe42ae73b2201b8fc7e1fd0b06f327bacfb6d1820eb3286688c35f148 |