Analysis Overview
Threat Level: Likely benign
The file https://google.com was found to be: Likely benign.
Malicious Activity Summary
Browser Information Discovery
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
NTFS ADS
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-03 09:46
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-03 09:46
Reported
2024-08-03 09:48
Platform
win10v2004-20240802-en
Max time kernel
123s
Max time network
107s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4182098368-2521458979-3782681353-1000\{E43AFA3D-EAA4-41C5-91BF-56E2DE0FA51C} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 631033.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffaa162cc40,0x7ffaa162cc4c,0x7ffaa162cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1920,i,8920086569390190757,10694039732539219903,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1912 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2120,i,8920086569390190757,10694039732539219903,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2204 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2248,i,8920086569390190757,10694039732539219903,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2148 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,8920086569390190757,10694039732539219903,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3156 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,8920086569390190757,10694039732539219903,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3260 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4640,i,8920086569390190757,10694039732539219903,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4664 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa0aa46f8,0x7ffaa0aa4708,0x7ffaa0aa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5028 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3632 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5748 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5748 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2036,14035550605078741958,15918368972746599239,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3892 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaulta5a0ad77hc833h4d57h9fdaha3907e313dbb
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa0aa46f8,0x7ffaa0aa4708,0x7ffaa0aa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,7073223675021210658,11699322370614631488,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,7073223675021210658,11699322370614631488,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,7073223675021210658,11699322370614631488,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2936 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
Network
Files
\??\pipe\crashpad_6012_TDEQPRHEQTIVQTJB
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 3e552d017d45f8fd93b94cfc86f842f2 |
| SHA1 | dbeebe83854328e2575ff67259e3fb6704b17a47 |
| SHA256 | 27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6 |
| SHA512 | e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f85cd79cfcc9c6efd77595e36ac67137 |
| SHA1 | 0e3030685a701007ebd2feeba851ea718144b136 |
| SHA256 | b5d4c0fb7e153266843024e074303cb22fe426abf3823ae97cb45c9cf5aed124 |
| SHA512 | 2a21b90350bcb0ee8acb3ffb1668954f161c08f8f9a198d93340f91e743c5705a028cdf8c1a29cea2426d1cc5ba0a437fc6f7166cecd6b334bed235d9ff43acb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1c41cbe2d994ffffd4d2c22e56ee0942 |
| SHA1 | 4815b95376ddfa15e63297ce9d75c2632647bc04 |
| SHA256 | 2038df7fb1f8352ef8d62576b3b2095baa24fa98df1daa2d1fb9b7047cc8851d |
| SHA512 | 5d759db963660087a1cdecb3d95204cdb8e26674a7365817c23e952f4d016f3df7f40c1647dd9b5dc80e9574e4db635c01a0e4189a13db0285be708b8068b63f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1823f733864ce6f08da2d1e478afe8ef |
| SHA1 | 9e594366c434e6829aefd7521b75636d0489b23b |
| SHA256 | 68e3a3cef8a736b0d7b9bf7123f40c22fe2579cdc752d46a1a69abf11d3dd315 |
| SHA512 | 741fa3ce4724d5c2710c58eb5d434bb31d8141eb6002c32852368d0cbcfb84dc5af1a1c050cb8088d67c450683cfa681447faf697b3e11a0ab704e24d8084a2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 089a050d0ca2210757d973524874ace4 |
| SHA1 | 23d5886440e73152e199c7b9867696ac877cf051 |
| SHA256 | e4d6cff2461b788557efd5067d545e31354534ae25470ec5dbe93ee0d7f8e565 |
| SHA512 | 4c0e4cb050340a47e0ea8b1e002f00af007ad3f73dcad8483fddb6686f736acbabbfe8dbcfcd3873b2f7c46eefb0eddf5cdb43c3aa13ca2feb93ac0133c7b509 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5b9b42dffe2b86aea64f17974406fe85 |
| SHA1 | 26931c0bd5aeadf0fd2299cc5653fadd9ae80d35 |
| SHA256 | 6df80b6f04dc098482227670a2f3af9e3125b933ad9c3e03c42060c60c7af036 |
| SHA512 | c7cf15cc2e2e5b57d71c8c3b0fb134eaec688ac9f135418883bc9eea21b07d92a200326f50fb1689f58174e0a90db1b2d59059b221f840470fb09e9f89410a5e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | a704b677ab75177dacc5ef5d5e8b598d |
| SHA1 | a14f759842f13b42c2b5720209b8dd39774177a0 |
| SHA256 | ae268e22c506bdf2f80199a00002482d4626b484c2ffeab898f243227abf772b |
| SHA512 | 1ab81b48683b24ad2ca1a9a919c9031b09917fcc1844603ed5875bd4bfc0ad20838f17a71ed34db895034fcc19b7f25be9e92d0f6ce64bc776449e1ab4517b98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\62865988-022d-4301-a6fb-12b51d2d8c67.tmp
| MD5 | 5c678d0ff2fe68e1a1e371f3647185cb |
| SHA1 | f09e1072f10ae8b14b75246b6c9fc128497a1872 |
| SHA256 | afdd4367439b1923311c7ce22088c5b2d1b84f6fc9135d43bbd85292bdc5aaac |
| SHA512 | 397090ac3789cc35cf4a6a73cdda52cdcb62872663795236a866418e47381fd2be6525f4604b6637316229cdb918cf4932dc69fe74cfd97a5dad2c16e620beb2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 80671457b06f28b59982a5074236ae01 |
| SHA1 | 43c346387c1efb4a62098f2d5daf6a0eb4eb111c |
| SHA256 | f42f34dba839dfffb62eb3d88055a52cb98036bac9f852a6382abe23a9a4a221 |
| SHA512 | d9fc300a76a58da72eab54072f066ba54a4128573e126b9f03f44b43e1ef30faca3a43c8c4fd4eb697e8e629bc48ec5c401c1c13bcca682da43e85937c6e6d7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | c8d920beed1440d9aa2ac01aab22cd5c |
| SHA1 | 210bfda44edcbcccd2b9ef1e4b13132710cec786 |
| SHA256 | e2b40be841a8ceca505b1491507bcadf4f7a393c10b927dabc15dd2f5882b9ad |
| SHA512 | d6790aaee04af703bb2027239391cbc7669b2689fccbfdf421dd78e4194f8201e3bb176a62772188f8232e733fd8e797b87638980f6fbcc5063f0ce1816af746 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 983cbc1f706a155d63496ebc4d66515e |
| SHA1 | 223d0071718b80cad9239e58c5e8e64df6e2a2fe |
| SHA256 | cc34b8f8e3f4bfe4c9a227d88f56ea2dd276ca3ac81df622ff5e9a8ec46b951c |
| SHA512 | d9cf2ca46d9379902730c81e615a3eb694873ffd535c6bb3ded2dc97cdbbfb71051ab11a07754ed6f610f04285605b702b5a48a6cfda3ee3287230c41c9c45cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\index.txt~RFe58dc51.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58f8b3.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe592a81.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\a0b10f76-7f37-4a75-bb0e-da9f9fc2ecd6\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\a0b10f76-7f37-4a75-bb0e-da9f9fc2ecd6\index-dir\the-real-index~RFe592c56.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\f7cb182b-77f1-4eb3-8bcf-579ca9b92386\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\f7cb182b-77f1-4eb3-8bcf-579ca9b92386\index-dir\the-real-index~RFe5941c2.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\1182b646fe1b7c2fb535f6df1b863e7a17f43db5\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\1fcc8c92-1011-49ca-883b-240b9c30ce52.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\9655a085-ab24-4a5d-9e0e-2552623c7aa8.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt