Malware Analysis Report

2025-08-10 22:35

Sample ID 240803-tk67jsycll
Target http://google.com
Tags
discovery
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://google.com was found to be: Likely malicious.

Malicious Activity Summary

discovery

Downloads MZ/PE file

Legitimate hosting services abused for malware hosting/C2

Browser Information Discovery

NTFS ADS

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-03 16:08

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-03 16:08

Reported

2024-08-03 16:11

Platform

win10v2004-20240802-en

Max time kernel

149s

Max time network

145s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

Signatures

Downloads MZ/PE file

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1302416131-1437503476-2806442725-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 747242.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 26964.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1152 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4044 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 3112 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 2064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1152 wrote to memory of 4944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc370446f8,0x7ffc37044708,0x7ffc37044718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2724 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3428 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5776 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2cc 0x31c

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6860 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3436 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6876 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7076 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,3451896327823874931,5898785557932892893,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6480 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 google.com udp
NL 142.250.102.138:80 google.com tcp
NL 142.250.102.138:80 google.com tcp
US 8.8.8.8:53 www.google.com udp
NL 142.250.27.147:80 www.google.com tcp
NL 142.250.27.147:443 www.google.com tcp
US 8.8.8.8:53 support.google.com udp
US 8.8.8.8:53 138.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
NL 142.250.27.147:443 www.google.com udp
US 8.8.8.8:53 147.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 94.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 94.102.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 88.221.135.42:443 www.bing.com tcp
US 8.8.8.8:53 42.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
NL 142.250.27.190:80 www.youtube.com tcp
NL 142.250.27.190:80 www.youtube.com tcp
NL 142.250.27.190:443 www.youtube.com tcp
NL 142.250.27.190:443 www.youtube.com udp
US 8.8.8.8:53 i.ytimg.com udp
NL 142.250.27.119:443 i.ytimg.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.102.84:443 accounts.google.com tcp
NL 142.250.102.84:443 accounts.google.com udp
US 8.8.8.8:53 190.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 119.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 95.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 84.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
NL 142.250.102.101:443 play.google.com tcp
NL 142.250.102.101:443 play.google.com udp
US 8.8.8.8:53 101.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
NL 142.250.102.95:443 jnn-pa.googleapis.com tcp
NL 142.250.102.95:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 95.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 consent.youtube.com udp
NL 142.250.27.113:443 consent.youtube.com tcp
NL 142.250.27.119:443 i.ytimg.com udp
US 8.8.8.8:53 113.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 142.250.102.155:443 googleads.g.doubleclick.net tcp
NL 142.250.102.155:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
NL 142.250.27.148:443 static.doubleclick.net tcp
US 8.8.8.8:53 155.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 148.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 suggestqueries-clients6.youtube.com udp
NL 142.250.102.100:443 suggestqueries-clients6.youtube.com udp
US 8.8.8.8:53 100.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
NL 142.250.27.91:443 youtube.com tcp
US 8.8.8.8:53 91.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 yt3.ggpht.com udp
NL 142.250.102.132:443 yt3.ggpht.com tcp
US 8.8.8.8:53 132.102.250.142.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 37.56.20.217.in-addr.arpa udp
NL 142.250.102.132:443 yt3.ggpht.com udp
US 8.8.8.8:53 rr2---sn-aigzrnld.googlevideo.com udp
GB 74.125.97.71:443 rr2---sn-aigzrnld.googlevideo.com tcp
GB 74.125.97.71:443 rr2---sn-aigzrnld.googlevideo.com tcp
GB 74.125.97.71:443 rr2---sn-aigzrnld.googlevideo.com udp
US 8.8.8.8:53 71.97.125.74.in-addr.arpa udp
NL 142.250.102.155:443 googleads.g.doubleclick.net udp
NL 142.250.102.101:443 suggestqueries-clients6.youtube.com udp
US 8.8.8.8:53 81.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 185.199.110.133:443 avatars.githubusercontent.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 133.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 154.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 140.82.113.22:443 collector.github.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
US 140.82.113.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 22.113.82.140.in-addr.arpa udp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
NL 142.250.27.190:443 youtube.com udp
NL 142.250.102.155:443 googleads.g.doubleclick.net udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 847d47008dbea51cb1732d54861ba9c9
SHA1 f2099242027dccb88d6f05760b57f7c89d926c0d
SHA256 10292fa05d896a2952c1d602a72d761d34bc776b44d6a7df87e49b5b613a8ac1
SHA512 bd1526aa1cc1c016d95dfcc53a78b45b09dde4ce67357fc275ab835dbe1bb5b053ca386239f50cde95ad243a9c1bbb12f7505818577589beecc6084f7b94e83f

\??\pipe\LOCAL\crashpad_1152_QQOZXDMCIRWAGOCX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f9664c896e19205022c094d725f820b6
SHA1 f8f1baf648df755ba64b412d512446baf88c0184
SHA256 7121d84202a850791c2320385eb59eda4d697310dc51b1fcd4d51264aba2434e
SHA512 3fa5d2c68a9e70e4a25eaac2095171d87c741eec2624c314c6a56f4fa390d6319633bf4c48b1a4af7e9a0451f346beced9693da88cfc7bcba8dfe209cbd1b3ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 94d6d7533fce802294f49904fde62ee7
SHA1 3cf96f7dd4b7b6e318b9e41239ecc972a3ad930b
SHA256 2e182a1b560728061bc19575077dbdc8d5cc8cd9793170ee860cbfb9ed374e7d
SHA512 ecd1588b0d82e23ef1900116f8c2c9c38b623566b66d7e189578a608dab9ccadc25dd37cf779ac7dccd5be2395c41a2453bbd77213924b30ff88bbbad53e7fff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 3e552d017d45f8fd93b94cfc86f842f2
SHA1 dbeebe83854328e2575ff67259e3fb6704b17a47
SHA256 27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6
SHA512 e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 08ef01e751368a4e547e318db1fab835
SHA1 2ced0fc564a6c4ee0440df309c9b0200172213e0
SHA256 be1f8eb73fefb79eb5ecf3de4145a83b322e155bbc059043110a2e672450f284
SHA512 f58262e35f8738d9b5e4e53b946e65c221ff874982dfc9c4d1bee7c4e1cbd9858ac789254b8cdf3261243138e1c8fc5e70826c9335bde480a4426241cca88676

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e0a985758fcbe5085ef49f19e5290477
SHA1 7b5e6dca69c85ab475a00f2dd1f0c805a15dfa1d
SHA256 65047744dd7beeeb998fcec427e56104ea8f1b3d9154e2b52bf05a68344f9ffc
SHA512 097715ed04ca7dcfc430a9c34e310e4179c4cf52a6c0dd0da65ab6b0550b3e49c8d1c07248ec63de920bed65a0b40bc2606413be36f1016733bf90bdeff1ba21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 dcccf9ef3b194de61bd307bbefddb6c7
SHA1 c3fa6940a83ac4bb7eaa63ec5ae5213250109291
SHA256 b3c3bc4f82a5bddc5df0e8aef89dd1726a0cd752f19604c4596626ad8eb4edeb
SHA512 5bc65a22046e3e4b86ac009f795ece70cde7bdd28a61820665db402fd85fa834e0ef05adbe2791ce401e9f6a87de782adf4f06076a751486df23e7b3bf439767

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e42a527c4ec0a598a55fa2da6e52842b
SHA1 09a28e9e05213c809cdf4eb076e96d4eda0956ed
SHA256 aed61f2f3adea920615356ebee573208be4a48f7168bb647cbf759005b7af40b
SHA512 976fbfa7ee0198939f8d616e3d53d8da2174c912591e942900f59d3dd60983123988eaa58dec72fd1721b37cc534f6448fe994c899f0511da4ff11208c12fc14

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b12657aeccd205a5e4123cc3f1fec53c
SHA1 67cb6cc1617b5cf4a1e9d7e24b2930c2b0468cf8
SHA256 3a5e10406a604216634c32d7cc0e3d35640c18d5e4dee37696da1d5981718ea9
SHA512 75f92867d4c4b09eeff93637c2ffa7c0aef499755ff00f26c91fe9a5659d621b901af7dba7c044359f06ff550e2d033da5dcc09178551bbf92a572de4d3734aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a4560c87-9430-40c5-86cd-a700a14158a5\index-dir\the-real-index

MD5 3ee2ee337061936f6cf390b067f0bacc
SHA1 efbd84e2555b9b5cface0d952e679a76dd2ea862
SHA256 5c6900689ddaf1077314336e14a7f198d408b38220e1f9686e69337fda582aaf
SHA512 bc1da4b6f8f6072c1b0b502e01e1fbc3778b1be3ef27c152bf2e6a6c108a86295fac54c741535c006babf6b485004b12d619b4158dbf1b9934b5b5b30b66a6b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a4560c87-9430-40c5-86cd-a700a14158a5\index-dir\the-real-index~RFe57c66d.TMP

MD5 799f3e131cea7723a2414331848959df
SHA1 dd5af58c114edb8c5e780339a939f212192b9cc4
SHA256 985d504d5974abb8f4b5944659a243dd9f856ba19069ac816100cdb4575bbc95
SHA512 7a24adbbdb7f6ba2fd63630e288ab25e2af25c4c3070cfc7e02eba922ab38cd7a06198122af426de71a08d82ea08cba35e2fe96eb60ac91b9367957fbf5dc00e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d3789ef8ce9cb3a4ec397a966dc97e3b
SHA1 678e1edb802536cf42e523234ffd960e47d846fd
SHA256 64cbc3a457f4a441ac85726a4680c1af3d62136cafdde0ec1ba35cd48e7f1901
SHA512 a4fa2b63c788b0fa4d8c85ec93eb6aae7fe2c9b1d11f2fd0c95b326edb5660c23870e7ff7c88759cfefc22760583e9378e99d181ceb2b4e0465df8f7bdbffe96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c6209aba-65a0-4a0a-adc6-daea36fcdea4\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a094ee90722bed7bdfd1b72d9ec87374
SHA1 b56a435b7ab966b8122d2decb3b38035a313ba06
SHA256 cdf3575ecc9fc22d5615756dcd1cf348fab477242d1aa1fad11ff443016aa965
SHA512 3bccf17b10301d6604f154ca6b739ba6b8e07eafa66bc3973aa37fcd008c8497e010fee18f3d8f340fc2f8dfbb6948e134c72a14e40ddabea8f3bd7195607bb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 6615c765969c42d18ec4343701f7cb24
SHA1 6f351f8f04cfa407184cc0ab038ec950187729e0
SHA256 bbd567a6c9eb3e77975104e86c47a36ba60475096cb49dc38d3b2893756badb6
SHA512 7804582c3b2df44a1c71d84526f668c7992cb252bf6edaa482af4b5a41f15e7436e5b2c21b34d0ea27181ae74c9324f4fece9462f1779caf3b003516f7cfee47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 b81ace3b4244eb24aa6f719dcb7fba9f
SHA1 32d47f92d659ca2d8cb6676f1e49e8eb60ce5607
SHA256 d0b39a681e75b724c42d10cc205349f04adc2dbea71c41e2825bb7cbf62ca539
SHA512 f5f997d82c37195e7f5256133f8d00b3532cb91b7be850d702ba2f40f76a7b7e36671b73ab1ed9fc0f5fe97055a15008ffbbc61c34ebb0d84f0e44e632b0f366

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 57c541221efeb823a27c684f30a80469
SHA1 e957951d9c55c4d94f40f6bd9cd392b4f8c11688
SHA256 eb469eb2741dcddefd9bf7e33fa3027a4d1a25f8ecbc267eee7f40667f526ce0
SHA512 e4fb117cb65026cbd7a5567d018f3dedaca06dc47321b2d91ce7359fc0e0e9704de9b59a4a2caac491ff1680ed88fe4431960af5b01c0f395fbb1900101ccc5f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 644f2b0ee81b56ac7303031ab3ca10e4
SHA1 7ca67423f0ded5ff534f0a0d42df416b44d36805
SHA256 dda33f363084c0f939d6daf5e648ede370fe5be24bd408a6ea0e6bfa1042e6cc
SHA512 461b910c1c3d43d5e62ca18d8a2ec7c9a3db196d649c08ca56d92a8a5e39a991fa5dc53ee20572ecb93b3315b0ba2e2a0ba9f5644c61b2d2c81ef74c05abc39d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 610293cf4ea82a578cd1887889626ad0
SHA1 8f505a4584e51bac66f9b6a623a1675e5cc10cd9
SHA256 66753c185ee3c839fa84adad3e2809f4419fa87be1a4910d05997ff33a783324
SHA512 80103e0a65015af0f79c7c37f63fa9ad7bd0290cb7d1f2324ce17811b3a125af27f02958fa4d55590f4f8d29e444245066127dcdf201c9f522e00b79f82e2e33

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 1b41de287931f25dcfdb32b449b62dce
SHA1 e457bbc7784ceacbb11cfa3ff65571de5c0ff227
SHA256 c1fe59b2b1995ef9709e1dcc147a96774f04c95374ca1c4df0c41e1cfbaeb8e0
SHA512 4d1de63bd0e1d61375a72252f41be91a61d766b3b204a0e72bf6530195a3f26d89c8aecd75e175281287b3b3b56a71f964ced207a0037641ba8c893d2ef75c78

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 9d01eb0a17ab073b23578fa43d8cb8ff
SHA1 9494cff21da72d4c633827d4316b5b3295e837f0
SHA256 c262b68986387896023519db8825e3ed1e080d5307b72474bac05ec98185c530
SHA512 6c78a5cc939506d590dd63dd2a630e92ce68de84e4055e093bbd3a2f233243da12e315f5ca2d221948e39d5fbc951b1e958da851d31b41b9a86d29a133e3b3b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 109c8f2c7a05a1d86969b76c397bc1d8
SHA1 e8f71a1be5f2c645ef541fa1e65127825042e37b
SHA256 152511643ed90451edce12a5a9a945212ee066efd945f2ba6f9f9b231dd38b24
SHA512 e80c38e50e85485d6682063214a3d30aeb88dabb9ca07dd2c5663e71f68023fe32f0c5144d1b58591c3bddc8e879fb23d24785578d1aeaf2f1110f227985ff08

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a600847888f02c09ed5922e01a17f836
SHA1 4ad8962fad140dacedadb94f7235249a89536b19
SHA256 4bae0b35f1d344510e27a726bc265223d5c2a0b7345f67d29871640465ee207a
SHA512 b3a73653c0a26efffddb5a775f8eed77c6305df07d944f3e33b563f8984c41417a26ea0f0126d6b46c3eb8b3df66369bb39055d886899f7ea84c928ebb54b62f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5804dd.TMP

MD5 8d2ff02f272e90675fc0907cadadab7e
SHA1 6b1ca8e2470c1f6f5acf87777fc03153899fbaf0
SHA256 d5207f936ee30b3eaa5dc5db95bd7c07284fd1204a67f8de07b5068b38bcba38
SHA512 9bb2e3cc2cc888b83caca3c2d9952bae02b5d1d8f7b9cde5d3ccf1fc27c652489ac55dcffb222b0ca02cc3c2baf12e12f0e0bbfe72eaae3c75cb20dd1e376944

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 522d3ec59e19d8bf205783d85684960e
SHA1 d61c28fb275f3b8ea86872dde325f9d85e435ddb
SHA256 5b905ac8e414e55ac0c748cd58b0cba5e92b01988fe12d819e587fe572de1dfa
SHA512 90ac364f0997f50ccb8cb7278329f252e17836b444cf5db44bc14c07ffdb6fc76a6a1d9a61025549563f11764dacdc48cd1c608a4bcbc2d3c76c8dc484e5f4cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe581911.TMP

MD5 fb90253f2bc368771dff24d9e143782a
SHA1 505f200a6cd64d9fc55d1d05bd27b2c3983d6d10
SHA256 445dd632fce720503bb3eea25d402d02ddd5fe4e8ea2388354074e21c6321256
SHA512 ca16bf6d142506f9ca1166f8bafb9f50b1488d87742d9c0df07d6011859e05e7d39dc55cb1cde97694e0da8fed4792a2daa47be4e3bb37447505242b8311a0eb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fec623c3e9d209e8dfe2ff52c5e8d6ea
SHA1 f50dfec1017209b6a34e7efea5dc20ad31d76bba
SHA256 47bedd9336f934c6104df3461561d1551e1b89be8fdbd5a768906f432da4cca1
SHA512 29a81a448d08bcc7ae92fa7f93bec66d34453eb99c2961a15c5db86d379ebbbbe5eff37c90e7efab2ba817dfdd86468b8d7445798ccb3a8ac50903dcd8088973

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ce59e98b-4b9e-411d-aee4-79af60aab633\index-dir\the-real-index~RFe5820c2.TMP

MD5 4c0f51a4fb5c8be81a11ae4580395016
SHA1 0b8064da04cb87962bede37f6c3deeaa03f83248
SHA256 989c2c6b292c6878147ae160a1dc5fd306dd1bcb582e19299b3ef5f0bc821735
SHA512 5c9bb15258c5d7ef9a811806a3b72e570aac83ccb2d1233ce2625e706d832b04537337f1c741ea54015bf0576c3b1b887da01db951f1c3af15437cae4207c1a0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ce59e98b-4b9e-411d-aee4-79af60aab633\index-dir\the-real-index

MD5 1001f35225bffbc479ff5dcc4958edca
SHA1 c4d20e444916e38bd86122bbadee64bf63da3e9e
SHA256 b573eaff1bba3abbdc32f8a748d0ff983c469aeef4223f5ebc81cc212d83dd4c
SHA512 794f6929fb05a1821f730a2fffd1a17c21a75de75b298a27dd9e358a77856823803781a493f014c81f505763a22a143dbfa686fb276f10df1f3b30799cde754b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7f8ffb9b55d06a839cc856664306abbb
SHA1 88650dbddc6cde90f2f0f9b1b5fea5d4fa923028
SHA256 2399ffad41fded348d9d4539bad78264413b8c25b9ae27f1fb5935c0fbd2f458
SHA512 afb1039535f8dbaed07a24d1d3bd08f5687e7a750bdf6cd5c768d9a123c5783463e143c3aecc6a9f65d76284d3f4993408325069ce672d785c2de0c3b7487e31

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 aa81539beb159679c3f270626684144d
SHA1 dafe6e545c2573e3ead3f6a90277de79ecd983bf
SHA256 916730312ec253815db3771470674164507ce2b3900456ba13865fc52b255125
SHA512 2706e9c431bb2209fdd8db79aee9eb112fd218c748ef11481e20bac3ae6bf471a4d125bd1a3178ccaa38f9e86f3493e2de7c627814042fda409e64701449cb4d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fbb61eb38a2f75501fde7a4d8db0b61f
SHA1 6eced4a587d6d1d67836906790b445520eddbe19
SHA256 fa9dda6b4099cd606f7e6a28489eeb96e30566cf37db9ea700fd957463b3dd68
SHA512 dce65ca73930349fe06089eddac74b0b451279cbfb1d2212daae462df209855b895eefcadfaf2d728f149ef0265fa54b388c73482a78693eaddb476916713cd2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 d135c6833e95bea967be35a97ba08c53
SHA1 1e0cfc0897a4a81cee66573c978f976edfa62f4e
SHA256 503ee91ffe5ccf03095587f1e46855752f5308e450aab6b8a3961f337e0fa923
SHA512 1716908c50405b64989e000016286d7ce64f2cf521df82a4ba9b338e41f0401710c5bdbc69686a98082cd291c01893f8f560b3f18e17fc996ddd6d50e74a86e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a4560c87-9430-40c5-86cd-a700a14158a5\index-dir\the-real-index

MD5 898f2d612fb343ee077f2437c21c583d
SHA1 d79169cba1bc4f8244aeeda1338ceb84ada6be76
SHA256 d3d18b3dfd39c0a95e25695a0f2a644e7accbdec5e0eea39fab2463c874d4704
SHA512 bc73c051629f29a9f8fc0e6f594103583d3f5022a06b8f53cb873c9ca423b45bc7980d91f04f143313cae2698e2f78d445ad6af8b3da184667396093f5b855af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 2e23d6e099f830cf0b14356b3c3443ce
SHA1 027db4ff48118566db039d6b5f574a8ac73002bc
SHA256 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885
SHA512 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2cf5ece66a9cacbabc9be0da1c35d6b9
SHA1 1d00a00b4628a05fa3b163f1b135624d81c5ae46
SHA256 f0e3eecfaaba407e115a6fcd35aef7914236bee1af6e00669c67e4ff6a356a19
SHA512 dbc0c05a0294452072b35b5b94dd35debfa20e7319f3ea03e96ffa0c804b100bc5065b54f60af7fc82b23f50f6dcec9b1bcaaddd6d7c4d10d0b3d769046148a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ff6db92dc6235d38bd58083d1b88dbec
SHA1 8078a0ac7939ebdb9ae3294a3c33435c2510a8ed
SHA256 e0ead73d485af07d45658afc1a02dcbb9a108fbfd18b8a59375c36f5e103a91f
SHA512 e6a2b0cb92027b4ab6fbaa7687872200ef56edddab0c9f109c4266576088d1e9b7d28496e137f274087a224b2a829e6ad717751f812d0ff2b81ec9159702c16d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 09b910f8f586f100959fadd9d584ab10
SHA1 dbce9ff54ef0e40ad900b5843c7e4d7f25ec0791
SHA256 db96bdaf44e8499d863bf8a42b06c378addb9a56f7dda2b9b8bdc9749e6eb56b
SHA512 1ab2f7470d30644eae8012034e983dd2f3592bd24c40caa9a09677c9ddd80695a35eb26dcf3d15246bd9ff3de935b6176f91319346fc636adf4408bb6b3c921a

C:\Users\Admin\Downloads\Unconfirmed 747242.crdownload

MD5 0d4976522407f50c76aa2c7ac748f48d
SHA1 019b5f475c2fae6ecd4b2130dad973622c048a21
SHA256 6cc00ebdf812aba5656a41235d3b7098d92434ee7468880ff5c919683f451cd8
SHA512 0833000caeb54ee39912c4ed44b49167fefe7af80dcd21a76a176c299af99f1082336d37ba184ef01c1893f7922b09650c91137c2b985733f3d602adfcff8745

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 2b91d0b2bd7467312e230dbd62d7fc72
SHA1 a69a11e2b5a6f2ac72b9ab421e5d10826931a733
SHA256 3f36d668d51108a8983be264d073360d6921dc40b51a74bb1b68dacd4ceedfe0
SHA512 a76b7e5d79509806901fd868f779f42aafdde22d8d7a0f99b0a31cb310efce03f03b8a39f5c6a7a80439fa2429a95f3c63b3227458548fc5b20425c8e362ed46

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ab8404cf44af9bd7df837e0fd0bc3ead
SHA1 d52351aa11796b2591bbbc55335f20bb89d6970e
SHA256 0cb1f5aeda89692d9b969d9fc968f331eb3eee22a57a7a61e454ad12fc9613c9
SHA512 db041dfa5269a2e15da6fea10c86ed6f2459332a0c3ab0cbb2cbd3ddac6f98afcc866362a1d9c0d1865a00b658717c114715ddc6cc8dbaf05ae46b7fa953a963

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5b51c57c1ce5f7b0739726c67a46735e
SHA1 4432057624aceb8271e64f017a912065bb3399d2
SHA256 2a3a9f637741f00390132c0d9913e760633b9e084dc1bdf87b6b23f772d17840
SHA512 7a61f0603debf6be97b2c63b9774cb09824e71ecfef6b56d58ec5ec3df3966b3d5d2274dd20207d1d77a79ebffa1b209f54236fc075d7d5fab00462f46bae285

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6c9e6954-86af-47fd-be3e-7dc3ef4baf4f.tmp

MD5 0bbe90e6b9ad9df82fbd318b40cfe5b3
SHA1 ddd93daa9b1f9ede24bad9d5cb4ed57991248962
SHA256 7890b0871dbc59dfcb7aadf68bcfdf3fc12aa4a2a459b62ce0665ddc451fe9cb
SHA512 c3d9c5568d3ce46dc2bd4ab88835571e0ac95296fb21ecc401b5450379429ee2d7722228eaecab2868adff97f83086b8fa929c13c378da2d2ea674426b4b634c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2578814edf03bdb108924e065fb22bef
SHA1 dd97f98ac2d5d9105a0de01b12c94ccf2c0ee916
SHA256 d9148bd5920686334c1add2ab71f1005e2231fde3dda177923444e4debede2f7
SHA512 2bea5d86790e40c05e3fcdb98dc5aade099989289f717afc75f5ee7a6495c5aee42e25a503ffb470bd0fbfdb5ff0e11e6625281a1ec85dc308c6c75d47c9f89c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 8c398190b602c7e08c4095be49d9d4b4
SHA1 a30146159afba975cb84c3a74c81a3d52c35270e
SHA256 ce71a1bb36469dce4e98277cb358d888eca41e09e707a43419ab6e5ed55ab992
SHA512 ac8b5c0b883115647166f605f22f5b3f5e4282a12316d531bbc6ab1daa0413d2cce77a03316d3bafa1d3eb4ce499c3188bd67a0c275212ffb4fcc43a1ea4062c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

MD5 439f3d71d3ab4087e3b170ba10101eeb
SHA1 63edfa9687ed9b02cf7ddac4e2d0fcfcb7f114f7
SHA256 96e73bef4026733d81ef71a6fd8f31b503882c3e291d95fd43b366791140663e
SHA512 fa0f6fbd73331063e3cb0c449a9f3aa1eddaeeb9fcf012a98d9dcc68d202de62ba865b7068e9ab53cf7748e810d89f67d80d6e8448ddaf048ca307e077d0173a