Analysis Overview
Threat Level: Likely malicious
The file http://mendeley.com was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Detected potential entity reuse from brand microsoft.
Browser Information Discovery
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
NTFS ADS
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies registry class
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-07 15:10
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-07 15:10
Reported
2024-08-07 15:13
Platform
win10v2004-20240802-en
Max time kernel
146s
Max time network
150s
Command Line
Signatures
Downloads MZ/PE file
Detected potential entity reuse from brand microsoft.
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 5878.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://mendeley.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdfa9946f8,0x7ffdfa994708,0x7ffdfa994718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2352 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5512 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6324 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5128 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2240,11021909685513997207,10129226947413011100,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2100 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | mendeley.com | udp |
| GB | 18.245.218.86:80 | mendeley.com | tcp |
| GB | 18.245.218.86:80 | mendeley.com | tcp |
| US | 8.8.8.8:53 | www.mendeley.com | udp |
| US | 162.159.133.86:443 | www.mendeley.com | tcp |
| US | 8.8.8.8:53 | static.mendeley.com | udp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 162.159.133.86:443 | static.mendeley.com | tcp |
| US | 162.159.133.86:443 | static.mendeley.com | tcp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| GB | 2.21.41.16:443 | assets.adobedtm.com | tcp |
| US | 162.159.133.86:443 | static.mendeley.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.218.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.133.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.41.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.29.127:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | 42.87.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.29.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.99.105.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 104.18.29.127:443 | privacyportal.onetrust.com | tcp |
| IE | 52.210.47.85:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | smetrics.elsevier.com | udp |
| IE | 66.235.152.225:443 | smetrics.elsevier.com | tcp |
| US | 8.8.8.8:53 | elsevier.demdex.net | udp |
| US | 8.8.8.8:53 | cm.everesttech.net | udp |
| IE | 54.217.13.79:443 | elsevier.demdex.net | tcp |
| IE | 52.48.198.240:443 | cm.everesttech.net | tcp |
| US | 8.8.8.8:53 | 85.47.210.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.13.217.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.198.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | elsevierlimited.tt.omtrdc.net | udp |
| US | 8.8.8.8:53 | cdn.pendo.io | udp |
| US | 34.36.213.229:443 | cdn.pendo.io | tcp |
| IE | 66.235.152.156:443 | elsevierlimited.tt.omtrdc.net | tcp |
| US | 8.8.8.8:53 | 229.213.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | appsource.microsoft.com | udp |
| US | 13.107.253.64:443 | appsource.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 23.43.32.148:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 64.253.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.32.43.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | res.cdn.office.net | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| GB | 2.17.106.216:443 | res.cdn.office.net | tcp |
| GB | 2.17.106.216:443 | res.cdn.office.net | tcp |
| GB | 2.17.106.216:443 | res.cdn.office.net | tcp |
| GB | 2.17.106.216:443 | res.cdn.office.net | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | logs.appsource.microsoft.com | udp |
| GB | 23.43.32.148:443 | www.microsoft.com | tcp |
| US | 13.107.253.64:443 | logs.appsource.microsoft.com | tcp |
| US | 13.107.253.64:443 | logs.appsource.microsoft.com | tcp |
| US | 13.107.253.64:443 | logs.appsource.microsoft.com | tcp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | main.prod.marketplacereviews.azure.com | udp |
| US | 13.107.246.64:443 | main.prod.marketplacereviews.azure.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | 216.106.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| NL | 40.126.32.76:443 | login.microsoftonline.com | tcp |
| NL | 40.126.32.76:443 | login.microsoftonline.com | tcp |
| US | 13.107.253.64:443 | logs.appsource.microsoft.com | tcp |
| US | 8.8.8.8:53 | 151.64.8.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.34.43.23.in-addr.arpa | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 13.107.246.64:443 | aadcdn.msauth.net | tcp |
| US | 13.107.246.64:443 | aadcdn.msauth.net | tcp |
| US | 13.107.246.64:443 | aadcdn.msauth.net | tcp |
| US | 13.107.246.64:443 | aadcdn.msauth.net | tcp |
| US | 8.8.8.8:53 | privacy.microsoft.com | udp |
| US | 8.8.8.8:53 | 85.177.190.20.in-addr.arpa | udp |
| GB | 2.17.106.216:443 | res.cdn.office.net | tcp |
| US | 8.8.8.8:53 | eu-mobile.events.data.microsoft.com | udp |
| IE | 20.50.73.13:443 | eu-mobile.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 13.73.50.20.in-addr.arpa | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | signup.microsoft.com | udp |
| US | 13.107.246.64:443 | signup.microsoft.com | tcp |
| US | 13.107.246.64:443 | signup.microsoft.com | tcp |
| US | 8.8.8.8:53 | cdn.signup.microsoft.com | udp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 204.79.197.237:443 | c.bing.com | tcp |
| US | 13.107.253.64:443 | js.monitor.azure.com | tcp |
| US | 13.107.246.64:443 | cdn.signup.microsoft.com | tcp |
| US | 13.107.246.64:443 | cdn.signup.microsoft.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 52.168.117.170:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 170.117.168.52.in-addr.arpa | udp |
| US | 52.168.117.170:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | consentreceiverfd-prod.azurefd.net | udp |
| US | 13.107.253.64:443 | consentreceiverfd-prod.azurefd.net | tcp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | appsource.microsoft.com | udp |
| US | 8.8.8.8:53 | res.cdn.office.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 2.17.106.216:443 | res.cdn.office.net | tcp |
| NL | 40.126.32.76:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | h.clarity.ms | udp |
| US | 51.8.64.151:443 | h.clarity.ms | tcp |
| US | 8.8.8.8:53 | elsevierlimited.tt.omtrdc.net | udp |
| IE | 66.235.152.225:443 | elsevierlimited.tt.omtrdc.net | tcp |
| IE | 66.235.152.225:443 | elsevierlimited.tt.omtrdc.net | tcp |
| US | 8.8.8.8:53 | data.mendeley.com | udp |
| US | 8.8.8.8:53 | static.data.mendeley.com | udp |
| US | 8.8.8.8:53 | cdn.pendo.io | udp |
| US | 34.36.213.229:443 | cdn.pendo.io | udp |
| US | 8.8.8.8:53 | js-agent.newrelic.com | udp |
| US | 162.247.243.39:443 | js-agent.newrelic.com | tcp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | bam.nr-data.net | udp |
| US | 162.247.243.29:443 | bam.nr-data.net | tcp |
| IE | 63.34.38.168:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | elsevier.demdex.net | udp |
| IE | 46.137.55.157:443 | elsevier.demdex.net | tcp |
| US | 8.8.8.8:53 | 39.243.247.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.38.34.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.55.137.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.243.247.162.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e765f3d75e6b0e4a7119c8b14d47d8da |
| SHA1 | cc9f7c7826c2e1a129e7d98884926076c3714fc0 |
| SHA256 | 986443556d3878258b710d9d9efbf4f25f0d764c3f83dc54217f2b12a6eccd89 |
| SHA512 | a1872a849f27da78ebe9adb9beb260cb49ed5f4ca2d403f23379112bdfcd2482446a6708188100496e45db1517cdb43aba8bb93a75e605713c3f97cd716b1079 |
\??\pipe\LOCAL\crashpad_684_HUWFDFDCEZXPVFRW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 53bc70ecb115bdbabe67620c416fe9b3 |
| SHA1 | af66ec51a13a59639eaf54d62ff3b4f092bb2fc1 |
| SHA256 | b36cad5c1f7bc7d07c7eaa2f3cad2959ddb5447d4d3adcb46eb6a99808e22771 |
| SHA512 | cad44933b94e17908c0eb8ac5feeb53d03a7720d97e7ccc8724a1ed3021a5bece09e1f9f3cec56ce0739176ebbbeb20729e650f8bca04e5060c986b75d8e4921 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | db9ec33cd06481a63797cbe0563137cb |
| SHA1 | 311ba752da13f6c29606256cd78f6b0915841582 |
| SHA256 | 26983795d7680ddbd549f00207c5cf863036a2e785bcecbfa72765fd2d1a3606 |
| SHA512 | 0038d667ee350fd06961b129e521ae79737cbeae8fd5d887f5517acd53f21b2260bb4545addf6c70e88953ca852c6f4e163f4d18caa0f35998a55e3652f821dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 30a6cd5dbac929181d49697bfe16d891 |
| SHA1 | f0861a268aee05219131790ba97cc7dae6d60533 |
| SHA256 | 6ef1f2f83b7a8143c6178d736a521843106ecd1fdb8b1f1ccf5570dfbed382be |
| SHA512 | 08bda85edd072cd930c147bb4d9994415ad2a265e99f7aa8f8221f37572c6064a1541aead87917c136431058bf6537fd2ef52c7d5706c6c41c9a535f1acb439e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a20ef0c291093918b91b281b4c5312a0 |
| SHA1 | cff23de44c0acdc138f549d4ddd300b83a4d8ed6 |
| SHA256 | d7ec6e8646912893eacea9db539db8e4994015f8ed886ef97afde351e1de8aaa |
| SHA512 | 0e8021dc255fc72bca3b9ad3500723b6c089525d52ad82773b9b191aeb5ac392cb319286b6a95237ade96463789637eb11ae38d94d92e579f8794de9575c4471 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7b6fa2b7776bccab6e117a4fe01c99d1 |
| SHA1 | 1d4face92809fb501a3a1f5898b1fe9d6e9a4957 |
| SHA256 | 4acb527176d99f5b8b7b76e08e9e93b0da293e6eff5ed027e060db34ebc1ac69 |
| SHA512 | 8f6f6442d9611f82283e0510fdf32df1106a849fa521961a20380468c99f32b87950503405162d8f41098322719315d37e9eb51eefa5283d7cbbb93c4674421b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ccd5.TMP
| MD5 | 73074dcc6f423e45501d490b8b3361d9 |
| SHA1 | aa86e6f1ac26dc85574dc14fd2a6560d08d2598d |
| SHA256 | 52a524af695ed8abf3ccc0d341605386fb866c7ceaafda0321620efec95b0455 |
| SHA512 | fe121aa673cbece2760f5888101d896eab3b54d6702a1a6ac7c40029763037d61f515727967edc2021f2316d4f705612a89e139d59bcbddc39503445b49998df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 514349812cb18ad6f32e5f4c230b6999 |
| SHA1 | 9ca007cb6178970d093131335d38f30051040bdd |
| SHA256 | 72d85f715dc1cfc7ad1c4763136a2a5ed23b9ab3a148586ecfca5bb8b8c9f302 |
| SHA512 | 82a19c5b72ada8e2d941286a4d3a17b38b2565511eb3e970930ab1f2f1f099d507c1a075ebc96a78fb410800681b9056093851b38bc50189e9c9b117098020ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9f4a9f15f9510522cf7ad9a79c276a8b |
| SHA1 | cad2fd2fd9e4bace35fc6967129a0e44fc5eb7bf |
| SHA256 | db0be8ea9992b15c23665078b6199dcfa3dd1d65ae69b3d3389849b18b443d10 |
| SHA512 | f208bdfa09e6ae3ceb6e3e96c7ca995316e663414153f7633036b5d72a55e0e97597b419b4fa4bde96e738e0f65080434ace85841c8d1b8a6852b404f802f816 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 5f05f1fd6c4c67e5092790a69194467d |
| SHA1 | ec6c8862d778b80ff4d22f95af599cb27c586ce6 |
| SHA256 | cc11ceb70864a58a931c7ff1c6c85d4d5cb9e9c457c1157c5cbba23f9b4c79d2 |
| SHA512 | df2781c264c147c734170b5f06f1b4dd07a4528375a66ba8b9216eb453524d35149883f3826c9e0845f5cf0913b9e8c437b0165495bd66143488b81747be12fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | 7a68c1b2c72f67b2c7ceb40f268e8aee |
| SHA1 | d89704e00594ccdf7caa417576115c72aef6e2ea |
| SHA256 | dd394e326704de8c03664d42ac93c0f4ca0e5407c5c1e6f02934e4e167abeb86 |
| SHA512 | 9c3bae872d85659097ec27beb7a0e4c935936e613b1f07487a1b2f408ec92a949d4cd3b6a0a695f446c9554e6b9a0a8aa5eb3d5f27fbc93a7298c99f0936b173 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | e73def5ad2d1382d9304b84abf38d889 |
| SHA1 | 6cf59c178e1d221d7c6975125246c54f81db56b5 |
| SHA256 | 23be2f56c7062fb4401963625d7320c5aaa9fd9592d4fe978a944b2fd8d9f7f0 |
| SHA512 | 33890bc402be9bb864eed82f556aca1b742673105ef5af1e6d7e8d384222785ba8ff55f9b0cef40240b089fc227f4b22150be69e417f82b7a12aec014803037d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9220f4cf7ce916ffd3d82c6bb3425e22 |
| SHA1 | 626a16f10f510c44d684b3cdb52fd9d56bda920f |
| SHA256 | 6a20debc31362d5ffb1ec8f4a55a8ad6ee22b815bec6ff3c1724004b4405885f |
| SHA512 | cdeb645f3b0cf4376343fee12ee173001670a09ba02541c359e9e44c0a1bc3c7442114ab33b20e1fcb3ee5c5e2107f26d3cd979133413c2c376a7831bb081507 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ad3f1f90cb5e88ab3de8e1cff3dbc794 |
| SHA1 | e1f34db54effdefe369d55f69c66eee75feca756 |
| SHA256 | e239f7d96b99ee448e1a5b74a7e0ac6a60b00e3fe93c69d9631bc06ca68fe89e |
| SHA512 | 1299314c4db5b34f14a6ae25c1cd6d37198fce4f9ba2f36df88882cde0497ef1d6089a93f80156fb669e9ec5cd781ab31c4bb4291ce05ca37c7e215311190df9 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0f8d49d2fabf47b2ebabaa90061fa678 |
| SHA1 | 0e595016045c1c095116ed7f2a751a63b2aa6b59 |
| SHA256 | 15748a34e8ce7b44f2bd2c17d8345b3655393d0f0d6a724f387df71cc8c3d09f |
| SHA512 | 23ed4de3a8d4bed99903716aa5fef60b737b1223e57360e1d6d4b99efdb23fcafa2092a7c060e6b277a6b0ca0b02c408a49707675e851ceb68f40249ee619901 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a9774db9bfb69fb22c528d28fb540362 |
| SHA1 | 24bff369cca6901303215ea94fcae1e53ff5e12c |
| SHA256 | 9ed6c2e2f5f35d643d465ca70240a7425d6e3b0434d67cec79d5cff12e217215 |
| SHA512 | ada11b174950f2d40f25b147fa94e5ecd97c103b0333bbe719060c2d6428d43429b3d35c3d1cb53b69ffd1836d4fdfb02289af9350239e1afbac2955bedeb667 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | 2a28be9d475a30eaddad569a8533ed9a |
| SHA1 | 27ebc1b40e905fa248cf6621eb41298a2ea7b503 |
| SHA256 | ff56e17e4f2ee57f2770cb6335dce6434c664a8678c396a75e2afbdff432aecb |
| SHA512 | fd0580fc4ff0e8a7f28837ad760129c1fb550e644bdb2fae101d43d479cf15ea929ee685020f96004c946fc635df528b1dd5dfe22cea3abf1649f702c39d70c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 6501e05d75eafc4591614188500619ed |
| SHA1 | 6ee0f15e18510be766a839b15a494881f3003002 |
| SHA256 | 42d395cae29df8886fffe67f8d81fa358ae485db23d49a0075e81d9ead34e7f2 |
| SHA512 | 0953d98fdaead883c3a8d96f35da8ef76afe8a45542d698105937b2e8da7ccb60cb5aa7bb87be49d2352e3c877741089e48249a7e248f1547d3862576e42469b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 622d40b8525176ef70d22ff2d4c5401f |
| SHA1 | af46c70145cfe5532b2fa5af4ba3acbffb424ff4 |
| SHA256 | 4201559b09dc3e31b39043c3a2dd88e0162455d0ee015a8832623913534fc96e |
| SHA512 | 8733125000978411ba41b754e8874e0a095f61d3e9d470b9da984bedf91ae86f7fe63b22fcce65e713295b4b2658a2812c733bafa355ee1f00a41d9093223a22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f3b14452783eb0dd87dea0eab610ef2c |
| SHA1 | c94631a08a302c9f40fccc3bd7f03fff9bee8e78 |
| SHA256 | 28288d8e253646d1a601d8867a67245de5537725377bcfffad5c792103368b5b |
| SHA512 | a45f300b9bf6282a434ccc50fc449b781c10a216bddd17ddcd982f8674ed54f7c34a53ac3f530097b18641e2278df9ce1d624de00c3b69bc8a545b1ac5535588 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | e51f388b62281af5b4a9193cce419941 |
| SHA1 | 364f3d737462b7fd063107fe2c580fdb9781a45a |
| SHA256 | 348404a68791474349e35bd7d1980abcbf06db85132286e45ad4f204d10b5f2c |
| SHA512 | 1755816c26d013d7b610bab515200b0f1f2bd2be0c4a8a099c3f8aff2d898882fd3bcf1163d0378916f4c5c24222df5dd7b18df0c8e5bf2a0ebef891215f148e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
| MD5 | 12e3dac858061d088023b2bd48e2fa96 |
| SHA1 | e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 |
| SHA256 | 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 |
| SHA512 | c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4f37cd54eb916e8f9e12cde7e063bd90 |
| SHA1 | 935bb28cdc240fa0f2811c68b0610aa17e855190 |
| SHA256 | 6da6119970a773dc4a3ff4a2448e1f9ba9ce3aff6e20d7e3003f0b6f4ebd7352 |
| SHA512 | bcd8cf61f4c9df6c6e9779b2c57d0dca9d98a28ba00d10c3cb266657db5af92661ccc64edda20ee6e615b60d959a0617c0c08042cffb185a68d62816ceb02474 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 06d744c7a7becbc6d259d8ec66453a52 |
| SHA1 | f4e5ef2a1193ac40e1f5b6da5b13ac44965b653b |
| SHA256 | de2cf48cd5859ad670c03dffef60d38fd3c4d0092a501f0a2dd0e6ab13e16752 |
| SHA512 | 5e13dbb0f33f64254637eb86621236fdfd7c04db376d1f2eee00b35dc4c06809c1ca730644df21d9519f749b431e68399a47af2ea172172d787eb9167e687118 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9c26934533cefee9071c37e0f19c9184 |
| SHA1 | 9f875b29d0eb6400f0c81feeccf460b1e17df443 |
| SHA256 | 7e646a3aa3b68a313571caf694b20e64e6c2c57245eed3865288264f0c7cf3f9 |
| SHA512 | e4a10cc31b08a629bac52bd6ada4cb211361cc7b139c7f15d230f96c6e2ba0043bed4ed1542e6acab1597eeec26088c40e7b9f7e228263da6bf21385edf126af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0ddbb35c221f1812eff3b7a0ee830dda |
| SHA1 | 6c7427c89596850ed79210ee17c2d4815a526ba2 |
| SHA256 | ace82af43894cd0757a5dcd46a6228f1be2f19d91b6e712777067fd2fb0aed99 |
| SHA512 | 6ca662e1b84b1a2330b8ae5bbd1491aaf244839685e11251e731ba87333dcae9277381a70f240624e8e99555999af4e98b146db970aa9a4db57b961302f03a43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 46eddb3406106817925aecde805c6577 |
| SHA1 | 9c581b4a674a931521f89974c454febd38e6369e |
| SHA256 | 4ffd1cf06c40b6827be73f7c59814e5d1de814a7da78883903bb9253f2f53997 |
| SHA512 | 11c811a836c58f3bd1917bf0a18a6ecc1887f0c4d4dce43e7dce1022fd642d4f24535abc43dab4f31cb5b28635ab25fee66ee6b2261213f7cd45862f22d2d857 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4fda71bf552e9afe656dd2081221579d |
| SHA1 | 76080adfe6951b8c042a192d589d2cd3ccb80319 |
| SHA256 | a378db85455bdb3f7c84d4f838d8cfbf22139eac79c14430c49b3071dbf6f508 |
| SHA512 | 27c006b27ced73b921fcb50e17687df3cd7c2f26fd51bc18396046f7e6d48cb6aa308144787bd0dba3b0d11d0d57bf00458116e4f43d4020b65a5ca573b6c60a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | 7af9c425ad0beebc06b3b523a909498c |
| SHA1 | 1ab58a5e6d4279c0aa3e0562b4846796ea67e91a |
| SHA256 | ec80f1fba5d93c1108f30679301b3c514f2c0a6afce1ed4f20c9edb2154de177 |
| SHA512 | 81b0f06fdc03e2e4c63be625764f320df5fb4ae801cad63d7858d21aec82382e0a4807f7756704da3a727bcf47670e81999cec5148197d535ed80f1a08b36bb8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | 665b01669144b454289b0dd8efab86a3 |
| SHA1 | a4ab0dc23643cb570b6cf3e8159fc1811695ab5b |
| SHA256 | 7c47d0ff2d5261ce2675de1fef402b99889d4a58e5a2492cd7fcc8afbfb81264 |
| SHA512 | 8b45401695926f0d6fbaa4ba8e434e58154d435a92d2271e7f52360555355c540b8da7e5df7491da41ee70a0bc2ffc7b2dd9731cad7141304fa96ef89385862d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | af15d9e7d0de7ff5799043af45003c04 |
| SHA1 | 9689710ce0b42aa8762758be4631b45dbdd8e19f |
| SHA256 | 59ae29cf572a10772f5fec30e502101f9261a5ca70a55f5b1043d6d206dc9d63 |
| SHA512 | a8cd76ccc11e273faaae23a02c30b2edec0cefd968034e666efadc45ca005c0765e0f079bdaed110a3ee63bcfbb7573a9d67037e446ff3ede11b17bec8a2092e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 2fbabef8f19f727c6705f4c6c9f307f9 |
| SHA1 | a9480bc221c45a93e0f83b2cff93a734e1f49737 |
| SHA256 | 7509d882a24c9937c8c99cbdba47b0e1ef1887400afdb26de465048193b2e16a |
| SHA512 | 583da03d1acf01658e2d55bcf6e9fb5f25fe8dee17f79b61f95f53b05458930adf01d5c27e247279036fe75e567581dfc523d207487bdba4fd29a4a782674cec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | d8fe7f001e4a7c95c5b1d9e084a3f268 |
| SHA1 | 1645e107da40e320679277d0c7ac48e7b3be3d41 |
| SHA256 | 885f32366d4a3b530275314e60992d09da8ae037323db6d6ba55ea8c468301b5 |
| SHA512 | bf22306f3f00053c5ee022c722fba9f4045848dd7011feaf129daa8b2955e8b3a18d03636b52c4c705c28277c14ae66c29963e0d14c6d0b0c79a4653823846aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | fa9abbf50c80c2936497b9538c97e9b7 |
| SHA1 | d821b95fcb08009c176eedf726d38eb0b3349ed1 |
| SHA256 | 515b7cad0fb2a5f7f1e47c633002044ea7d9a6bfb1449a8ab5cf5f6b8984fcd5 |
| SHA512 | 1b05dd1866ea6239969703add46e916f324e413a767bb5b6c6913a9834198effe20702c7b8d85915e7fed891b6f6e3371cd0e6c21c2011e708248c2b0033ec06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 45a301589eb57905354d927dbb980efc |
| SHA1 | b404babccde07f8cf83332856a65e3d0375896fa |
| SHA256 | ed27c35b3ec7c1aaf0eeebceb001d7b24f198eacb03b68c35088a05477c968c8 |
| SHA512 | 6c14734897c7464f3e595a292df0bbd8bd2cabe926fd1191dec2bc6b4208707f204b1cb51904bf83623814f27e59ec440763f760cbe12eeded6090d65ad248d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | d0263dc03be4c393a90bda733c57d6db |
| SHA1 | 8a032b6deab53a33234c735133b48518f8643b92 |
| SHA256 | 22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12 |
| SHA512 | 9511bef269ae0797addf4cd6f2fec4ad0c4a4e06b3e5bf6138c7678a203022ac4818c7d446d154594504c947da3061030e82472d2708149c0709b1a070fdd0e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | 4ccace433f8c1a0bc69f6191d99199f3 |
| SHA1 | 016d9457288825d7749e1cd019e53aefc17f8e18 |
| SHA256 | 960a414594df0d055ec13faa36b47525b05eb07c08744989d8bcd7f798803203 |
| SHA512 | 8326f3fac3536193ade710195f4278d5d84130a822a80afc1aa1ae079ea1ff8345a90ca90e549b8db37e955ed401870b777b4a72b437b0b9d2e7871c6210d9b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 42e84ebcf5470237abd1f9e322b751fe |
| SHA1 | a828a45804554507d9e8521c36109e8bc3d5eca2 |
| SHA256 | a9fc7baee3689f0331e46617f60d6e7c3ed631209b7211e7dd09cf20d22a64c1 |
| SHA512 | 36606d42aee5689819dedf221af3c6c0da06aeb9997b9ce84b42db42ab80a0926352219f1e47f2287dcc850fcc96e4eefd5e487e09e1f1228102eced11271e25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | e731a7ef6cadeaa3626513bd696a564d |
| SHA1 | 87656e89fc33abbd51728dbdb83291584b6adb2a |
| SHA256 | f90f7d05aa59fb28e08b8e485933863664248f67a34206825a9b99c62ff15244 |
| SHA512 | 96a97028b39dec3fd6dcfa7e75444d486d77c49db3ae1998b22bdfd6a8457e588f768ed43a7fdeac2a552e0468d766d68658dafd56d4011cbd3148e2c328a699 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 94621b812ed9dd7e7a9a93975e1a846e |
| SHA1 | 31185053e75578f04dd1ac9aed151b673cafc464 |
| SHA256 | bb76db18bb3adf500689029189a2f742e86b6e47427f8e9cd899d9e48b3b263d |
| SHA512 | 4282e622d976e8c2ac1a8ef6ce62fd6979b7526878d60d5087b6ff41eaf9a355f190a6993b995ff75e1081c4c55914a99fae36ecd4a4f62aba72e96a5c20c6df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | f4807010c4ba033949810d2b6b05f6a6 |
| SHA1 | b333f20599cffab4f29c3157d615dcc347b5e270 |
| SHA256 | 8e4f394e7a9fb72a75813d00ae8528df8c3691448a673d15f7ce201e185869f1 |
| SHA512 | cb915bc31c58a126aacf0475a40cca9466140d1fac91cfd1dc8ff9a4087d039cb6cd566f70c850a39b705ca63726c8cb8b9addd20fa1165a108fbdbf3b4b23dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c24e78b03e350e24776d7a5d4cc36eab |
| SHA1 | 62d03c0c5953a5d074f9ac904cd79a507479d706 |
| SHA256 | 5d93172722ac779cbb6f52542f1fed5c0bfd3bb5856a2a40a732c07525aefda0 |
| SHA512 | 8ebf8d354d3c10cb55797de99bf376476b80379472f04dfe4cfba7ccae171cdefbc5620e51c5731939438e6d4bc2c46508a5e5e2560ca0dcf76d995956e1d697 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 164ec96efa0b936536ab2111f5cd02c2 |
| SHA1 | 138a55c114960bbb48181ae4c5139e9688e1bba8 |
| SHA256 | dac3f04522d218f1e42d9e1cdc362112d2be672a7220340cb233aa134003f321 |
| SHA512 | a2c3006fd1a8e96014a523a0e354a37c10019f01f3f154a4cfa6235960718cdfcb8a2fd4e198e4deedee1b5450b7a776318c9cac13590790fec30767059e8315 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031
| MD5 | 3bf91e6105edb80d761a7bfcd5b4454b |
| SHA1 | 9555f68d374fffd87f4f4c64049068b5e9f90f1c |
| SHA256 | 0374a84ae0d30925486f5fe1fe00e906ec39a366b3cc7d05e8a34e91a94337db |
| SHA512 | bf8e6736f0dfac6edb28bde6c350cd21243b3aee3a9ee0bc895d46de634c543d3e682f397a7261c06285ae1b8491868430d6935aeca0c44f595bbd8796f6b6ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e99dc6238124ab053a93cf7194c0ffeb |
| SHA1 | 7c1dceb448aef736a66d694917aef977c274c92c |
| SHA256 | ce562c816020e91c319f291752a3220b7bd0eed7c1ac0fe3f71bf06cbec8e51b |
| SHA512 | afeb70bd08693f124653f0bd3b89f583fcfea4f8d64df9e5c998d21f378d50eaa6c6c754399710368a4254e8c08bf8e18c19e6d50ff434191f46ffa5de7ed1ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5372881b2a4572ef0b3585a5a0aaf485 |
| SHA1 | 33287836ba539765579ae597756c2de00b5cd540 |
| SHA256 | dadfe3a3f79b57d97f1c3e4ba0fd454acdb8718a4ee5e22daa1c6adf531e59dc |
| SHA512 | 5ee344b1f1da5520f15db92f049781a7b456e93fb523b344e758956eef95d3e48a4377fe02aef6ff89fb7889c26ff8c132b03ea07ce9e25cb2fd53443d724b8d |