Analysis Overview
Threat Level: Likely benign
The file https://crom.cl/ginery/index.html?utm_source=faceook&utm_medium=all+ways&utm_campaign=nah+we+wdey&utm_term=7iol986o&utm_content=87h88k8&cmc_adid=ms_%7BAdId%7D_%7BCampaignId%7D was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand microsoft.
Detected phishing page
Browser Information Discovery
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-07 14:59
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-07 14:59
Reported
2024-08-07 15:00
Platform
win10v2004-20240802-en
Max time kernel
72s
Max time network
75s
Command Line
Signatures
Detected potential entity reuse from brand microsoft.
Detected phishing page
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://crom.cl/ginery/index.html?utm_source=faceook&utm_medium=all+ways&utm_campaign=nah+we+wdey&utm_term=7iol986o&utm_content=87h88k8&cmc_adid=ms_%7BAdId%7D_%7BCampaignId%7D
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8841246f8,0x7ff884124708,0x7ff884124718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2008 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2936 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5348 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,8506476693087492231,3105452544299675662,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2760 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | crom.cl | udp |
| CL | 138.117.148.157:443 | crom.cl | tcp |
| CL | 138.117.148.157:443 | crom.cl | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.148.117.138.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | | udp |
| CL | 138.117.148.157:443 | crom.cl | tcp |
| US | 8.8.8.8:53 | hcaptcha.com | udp |
| US | 104.19.230.21:443 | hcaptcha.com | tcp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | api.hcaptcha.com | udp |
| US | 8.8.8.8:53 | 21.230.19.104.in-addr.arpa | udp |
| US | 104.19.230.21:443 | api.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | imgs3.hcaptcha.com | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | f252224b.c6f9967d7898240d8ae29e1e.workers.dev | udp |
| US | 172.67.129.162:443 | f252224b.c6f9967d7898240d8ae29e1e.workers.dev | tcp |
| US | 172.67.129.162:443 | f252224b.c6f9967d7898240d8ae29e1e.workers.dev | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 2.18.190.81:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 81.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.129.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.94.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | hfstzynlve.info | udp |
| US | 92.118.112.217:443 | hfstzynlve.info | tcp |
| US | 8.8.8.8:53 | r10.i.lencr.org | udp |
| US | 8.8.8.8:53 | 217.112.118.92.in-addr.arpa | udp |
| NL | 95.101.74.26:80 | r10.i.lencr.org | tcp |
| US | 8.8.8.8:53 | hfstbgwvlve.info | udp |
| US | 92.118.112.217:443 | hfstbgwvlve.info | tcp |
| US | 92.118.112.217:443 | hfstbgwvlve.info | tcp |
| US | 8.8.8.8:53 | r11.i.lencr.org | udp |
| NL | 95.101.74.26:80 | r11.i.lencr.org | tcp |
| US | 8.8.8.8:53 | 26.74.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 92.118.112.217:443 | hfstbgwvlve.info | tcp |
| US | 8.8.8.8:53 | identity.nel.measure.office.net | udp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| GB | 2.18.190.132:443 | identity.nel.measure.office.net | tcp |
| US | 152.199.21.175:443 | logincdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | logincdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 13.107.253.64:443 | acctcdn.msauth.net | tcp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | 132.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| US | 152.199.21.175:443 | lgincdnvzeuno.azureedge.net | tcp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| FR | 40.79.141.153:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 153.141.79.40.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_3452_PZZFLFKSEBGLUNQA
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5837c4.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity