Analysis Overview
Threat Level: Likely benign
The file http://Google.com was found to be: Likely benign.
Malicious Activity Summary
Browser Information Discovery
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-03 02:13
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-03 02:13
Reported
2024-08-03 02:21
Platform
win10v2004-20240802-en
Max time kernel
497s
Max time network
496s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://Google.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff84d6646f8,0x7ff84d664708,0x7ff84d664718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3536 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x478 0x4a8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3352 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,9272348639168104413,4011512481527727915,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2dc1a9f2f3f8c3cfe51bb29b078166c5 |
| SHA1 | eaf3c3dad3c8dc6f18dc3e055b415da78b704402 |
| SHA256 | dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa |
| SHA512 | 682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25 |
\??\pipe\LOCAL\crashpad_4552_FFZHOAEZDAOIVSGC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e4f80e7950cbd3bb11257d2000cb885e |
| SHA1 | 10ac643904d539042d8f7aa4a312b13ec2106035 |
| SHA256 | 1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124 |
| SHA512 | 2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 50ec4cbb86b9273947e649347e2ea93c |
| SHA1 | e98be7f2e40cbeb3069b497ad9fcceaee5938c5b |
| SHA256 | 3c7924e261f813bc5cc187b214552fdfa6dc8a907783b9d53bd002548145cabf |
| SHA512 | 35adb5a74b2cb0dcf8f87e0de20db793a48d50ac0942233473bbaaa5147e949d3f603377d9d8d573a193281b388ea88850df59f5930ca59ecbb6fe7ac687007a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 3e552d017d45f8fd93b94cfc86f842f2 |
| SHA1 | dbeebe83854328e2575ff67259e3fb6704b17a47 |
| SHA256 | 27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6 |
| SHA512 | e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d64cef843a1c9543bdb3c7f6287fa6b5 |
| SHA1 | 7e7ed8b667b739dac95fd077e68ce454bfa083c1 |
| SHA256 | f44e84fae8eff57ac258819055b01419c887b6c81665982f40e14f6af45dda0a |
| SHA512 | 6cc9777aa9a728fd88f9008337fc893a30935af737bec9290b2942e9daa7a0c3dff066075047eb23a4a4695dfd569d9744eb82bf9ae6a9b24ce89ec5e90020e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d971ed136e0be9674e2c41a089909eaf |
| SHA1 | 3938440db1be54bddaed9588bccb996953ad698b |
| SHA256 | d2866715290c2b118d47cd7c88f552d4e433a97e99201019dcfea6406ae24530 |
| SHA512 | 275bb86082546811c89223aab530c5b9678bc9422959b636d4b1eb191acd3e9b3663afc9ad4348c1b073ccd882810e0c8776ef06ad43dffc0b00faac61337349 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 906a49aba2eeb8e9447ab167fb5785d5 |
| SHA1 | 3fed9cb293a3721050b7c1697991459362fb0bff |
| SHA256 | d898f9d44a82564b95ebbbd27a0e36f38fcb9f9057179760c1590739d7879560 |
| SHA512 | 7b7e3d29ca8fb5b334c6448eabd5cd2a1e3c2d807f3d40ae8be864f01fa9ee441c6949e7848789b464e277dc9abc9f7ceae0669b66e970729cf6db3f190f3f33 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5b4a6d7d656895449fc97c8dd61fbfed |
| SHA1 | e5fcb98ea3d4120f7dc11370f7ee135241a450cb |
| SHA256 | ea8d92ad1a9e6aecd4512a7875e655ba35b8fad9eadba419fcdac78ff194e94b |
| SHA512 | 20969d6b7237d80e2a73462fe6afd0836592f446ccd907fca43fe05f7c2ae904c9072306cd680bc218a35a2e1678299aca8f0f2ce38614902f7e60bbef42d833 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584496.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ff385a60-a7fd-4ada-8eff-62c7b159d457.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7abd6689-50a5-4da9-bafe-6f2aa10bf27d.tmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d2
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e9