Analysis Overview
Threat Level: Known bad
The file https://api-wpsnsftonline.api-loqin-run.workers.dev/ was found to be: Known bad.
Malicious Activity Summary
Detected potential entity reuse from brand microsoft.
Browser Information Discovery
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-12 19:40
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-12 19:40
Reported
2024-08-12 19:52
Platform
win10v2004-20240802-en
Max time kernel
689s
Max time network
679s
Command Line
Signatures
Detected potential entity reuse from brand microsoft.
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://api-wpsnsftonline.api-loqin-run.workers.dev/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ff82fc046f8,0x7ff82fc04708,0x7ff82fc04718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2460 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2468 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2452 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,1531306389008780770,13452998399757283444,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api-wpsnsftonline.api-loqin-run.workers.dev | udp |
| US | 172.67.164.238:443 | api-wpsnsftonline.api-loqin-run.workers.dev | tcp |
| US | 172.67.164.238:443 | api-wpsnsftonline.api-loqin-run.workers.dev | tcp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 152.199.21.175:443 | aadcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | aadcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | aadcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | aadcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | 238.164.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | privacy.microsoft.com | udp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.58.20.217.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | devtools.azureedge.net | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | devtools.azureedge.net | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | privacy.microsoft.com | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | 14.173.189.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | api-wpsnsftonline.api-loqin-run.workers.dev | udp |
| US | 152.199.21.175:443 | aadcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | aadcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 8.8.8.8:53 | devtools.azureedge.net | udp |
| US | 8.8.8.8:53 | privacy.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | signup.live.com | udp |
| US | 13.107.42.22:443 | signup.live.com | tcp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 152.199.21.175:443 | logincdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | logincdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.42.107.13.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 152.199.21.175:443 | lgincdnvzeuno.azureedge.net | tcp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | fpt.live.com | udp |
| US | 8.8.8.8:53 | msft.hsprotect.net | udp |
| GB | 23.48.165.20:443 | msft.hsprotect.net | tcp |
| US | 52.167.30.171:443 | fpt.live.com | tcp |
| US | 8.8.8.8:53 | 20.165.48.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | client.hsprotect.net | udp |
| GB | 23.48.165.25:443 | client.hsprotect.net | tcp |
| GB | 23.48.165.25:443 | client.hsprotect.net | tcp |
| US | 8.8.8.8:53 | collector-pxzc5j78di.hsprotect.net | udp |
| US | 8.8.8.8:53 | stk.hsprotect.net | udp |
| US | 35.190.10.96:443 | collector-pxzc5j78di.hsprotect.net | tcp |
| US | 34.107.199.61:443 | stk.hsprotect.net | tcp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.165.48.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 35.190.10.96:443 | collector-pxzc5j78di.hsprotect.net | udp |
| US | 8.8.8.8:53 | 61.199.107.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.10.190.35.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 8.8.8.8:53 | devtools.azureedge.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | privacy.microsoft.com | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 719923124ee00fb57378e0ebcbe894f7 |
| SHA1 | cc356a7d27b8b27dc33f21bd4990f286ee13a9f9 |
| SHA256 | aa22ab845fa08c786bd3366ec39f733d5be80e9ac933ed115ff048ff30090808 |
| SHA512 | a207b6646500d0d504cf70ee10f57948e58dab7f214ad2e7c4af0e7ca23ce1d37c8c745873137e6c55bdcf0f527031a66d9cc54805a0eac3678be6dd497a5bbc |
\??\pipe\LOCAL\crashpad_3092_SWZEUFMTKLFLNGZO
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d7114a6cd851f9bf56cf771c37d664a2 |
| SHA1 | 769c5d04fd83e583f15ab1ef659de8f883ecab8a |
| SHA256 | d2c75c7d68c474d4b8847b4ba6cfd09fe90717f46dd398c86483d825a66e977e |
| SHA512 | 33bdae2305ae98e7c0de576de5a6600bd70a425e7b891d745cba9de992036df1b3d1df9572edb0f89f320e50962d06532dae9491985b6b57fd37d5f46f7a2ff8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 711ab3cea8f7c0db903794af48da2fdf |
| SHA1 | 5959fce89ee97a2898dfe732c6fa13e9c6f80c7b |
| SHA256 | 66160b315a88279fb0a738204b2ce094f6404e7b5b496c2d5906d045deba71e8 |
| SHA512 | eea5ef0a4462bf9973da7b32963c2dd5fd75dfed4e345cfca7427810a8b33dec0f61cbd3a08fd6337d6e70d95ae7dc820267781f8b2432cb41e5f79df4d550e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6b1c3eac2fce3d114f6f1262266813f7 |
| SHA1 | 7b487645ed1c63408534eaa4b43e8233d8275e49 |
| SHA256 | c5bcae230c74d1cbcc81073473d3c826469fa7ec46f69dcf95eebcf4c3b9fdad |
| SHA512 | 5850807bcbb9e7642e521c3c7b806b8057d50b99f8a3e260ddc59b20fd04e591e7cc32bfb50cc98aac407ca3ca76e9eb251746194a60cb5840c153e53a10f550 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7ce25cb16bae0f2897ffb2c404048d81 |
| SHA1 | c4b85ccfc768352997a8a298411b39ecc73d22c5 |
| SHA256 | 36123fb107870160cbdee73184bfca23cd3d00886b28fe428e58a5f578a9546d |
| SHA512 | 40b245929bb496d51f464f8807eccf5d7b3731b4b43d0bbfe40e793ad66e92829ff8326182292a57293d29af7003ce6c78aae4c4eb114d7465f000f3925160ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | edcccab433012b61c525774ea9ce7879 |
| SHA1 | 02a794803a6d1e0148e0ca86f724c5f18cc66a83 |
| SHA256 | 82b645335ce2adbb31174eebf211221f2594920a369803ca01823180c666a9d5 |
| SHA512 | 7ecf809c090a1e58718534c0aa444715c9d5779de70d58e48a43abf38a813760263b8c5a49663050e336f82b3c9c31b1e5abfc5445bb84018eb3c9f82f2c7782 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d49594a27b70b8578a6a25c96f0e2abf |
| SHA1 | 425effda6d9adabc284f5344d9dba046f13e43af |
| SHA256 | 47c0c3323b19ef5467e1af4696cfb09583335313d52850db6e6f57dc630eb130 |
| SHA512 | a58239b2aa7b551a4071e90e5c1a2139ef5c28de572769547ca858761d6ee6ea51c8122e9e3923199540cf55bd8e0955726e869300fc65170397056de274c6ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4449eab05f13449d15b51403f0702052 |
| SHA1 | 26af6f5efabadf318d1513bd47d817236ad48a2c |
| SHA256 | 9a454cd2a3465ebf9a640d64435da702b2426320ac267631eeffc2202e850a03 |
| SHA512 | 889eb7ebbbca7e73b44e4e81e58bc64a5ecf3d0c7d1f532658c339640e972768ae25964a0a526aedb972af15f1ec3e061fbc131dd486b8cd4769cca19ae5296e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 53cd1b8b3ae1e2511aa37782be1071b6 |
| SHA1 | 695d1c729eada1e12d841274f38f8893d7510e84 |
| SHA256 | 17127f128c76049dce47ccbd48b6bcc55d70810551db036d6232e82b8f6cd59b |
| SHA512 | 45b31a37776ff957d44ac6b78bad6c6f733a4be15e4fe6470f119e17bbe23f7c90dab514873a396dd68f7ee1def2001e3df7525899fefa2f0f41c2a9ec856a03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e2c6202697601094e10a68eb409c9c32 |
| SHA1 | 72167ddad5f79720873efe034360dce27bce5121 |
| SHA256 | c87fb1771427a5b2624708587f24ce8f5fc4e9129af5ac124e9416b5e9409a1d |
| SHA512 | 983d75dd07765bfbc976066f20de6083e8bf6b7ced884e9eb2dd1a90b5bed2f9e392834b8ffcf2b543873c928f3b5c37f5e339aca5cf2c43f1dc5578e6add467 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 356982dca205a1707259768a6631e766 |
| SHA1 | 0e448c7cdfc230c896e034753edd1b6532a07a38 |
| SHA256 | cf4273be2c8f89b43e68a3ef6305a313c818f41af1bc22c47efe2d18e3ee5955 |
| SHA512 | b1b306fa4ed7b57301c43d68da5b0c6d8dc9092a29d5309753795d1adebb42a88633a828702f63dea0111fde915ab83b79ae7246d7ec57c01ee1f7c3714e83c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 07b7a15b51256b39fc0a95ce528492a3 |
| SHA1 | f57a19f8fb3fa408fec357aa7129c863d69c335a |
| SHA256 | b75ab8a8c391dd9b57721836047fa9d29bf72578042ab04804793d739688af0a |
| SHA512 | a2ed5bc18790108a72097e14b719fedc7c086ceaf030514d01fd00bb144154815f172b5972e71b8fc96cf9006c74cba6ba94d2e7bd42b6249589ec2637a3a4b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2ab40273166b52d51b34424700091ee1 |
| SHA1 | 93bfeab206aa5087e643e46205a659af1534d267 |
| SHA256 | 16e6c5a028965975d110386630c4c90f93190133af858145d6cb1851d4eef1c3 |
| SHA512 | d0c477d80543ec08c6d335f4d86900448b1e1cc94d1ee5dd41d9305b867518e50c5cb9a8498afc04d75430d997ea5944215b69df9c0dd93022dcffc7d24a25fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c8dffd4edcfcc55e30a75a8d05311de1 |
| SHA1 | a84debdf8664130edd56f65451769b97dbee8ba9 |
| SHA256 | 3577a9a61d484e1b52cf87ddd78e8ca17c12819325ec4a63e0054e081c27768a |
| SHA512 | 85ddea42e9faec306f903aa7cb877ab6478fa449724651ffef06b34885941c439d601c9426c2251c6e3db6908f31fbff962767d298f8f0c57629e9b0bf27738f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001
| MD5 | 48981d3cf57e7c58ca7e3e851ef9354e |
| SHA1 | 73593de7633b10f9ffd0ef0e46280fa40ff433ff |
| SHA256 | 8a5e756923cc5c3f013862427b7622f58a52501c5a6017fff2fdb2afd94a10c2 |
| SHA512 | 4e2b6ea222ce77e6ec12e059362dddea13758cdc77259ff5cf449bed5a1677e112cf49cd7ed7b1378f96ffd7c5e21be66d2ca7eb2a9cd8026732f867fb5ae8b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | 264fde4f7c4ae3549e7a5db9918ec70b |
| SHA1 | 3e44966dea801452fcdd044293dbc1b588cb76f0 |
| SHA256 | ed107531469f162f90e1846e46eb9b0ee47d9b35387e5ab05e77248aa1b1691d |
| SHA512 | bab0bdfec6afddf56721a06f404e941fc6c4cccf94ee6db0d3de05e86fd7a3f169deadaececc012ef5140c3b979ab31ff58a2b6f17b88628a2a1f7a93d28996e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | bf12d3e26e9c72d73e362cc8addc713c |
| SHA1 | 1897b82a601d435fc73bb8b7673959bc3f6b60c5 |
| SHA256 | 678ffb2c76bfb0bad0c1741b5de65af3785cfcdf0ef0a9d9d54e1d8a85a66352 |
| SHA512 | c1e7ce8d4bb0789d3cac8b5c26c1366a7acabb2c69218d83c42ae1ba4a0b96a0fa6050a134fab2bac2ec422d8644f140af8b46fa670926875ad572764b3b3a70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dd37e078b136a63aaa1b6a101f0f0f3d |
| SHA1 | 45dda51f9e925cdeb3dc1ea3f1e25789006e3fe7 |
| SHA256 | 9daf88394f7f07c5e853932aa2b2b573c32007fd231444d7daf7292c86528b25 |
| SHA512 | 51a3f84d9e546851098bdb4d874457cb6724c0cb172eac7d5d938d971a953f7848d6e851084dc1164f022f69a1cf9b2ac5a9da1684f22f06c70b753f4917e181 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cccb264f302114fc0a302362d0b5b388 |
| SHA1 | 476b60d1fcd8ac7b3cea17ef31cc04515b2ee059 |
| SHA256 | 38ac5dfe6fc965890f1b3348621981a9de24b09bcb6d4d312d1acdf7b543a73c |
| SHA512 | 9fa7e442ba7718f78b7c55c192d0f5c37840560fb028059a9614ec90d0aacff86e954c403a79afa70140bc9de7eb0dbb83e64bfd0f9ac62306d081e0652a4eb7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | d87710c92a9169314374e7ecc57fd636 |
| SHA1 | 00c6a3145676841eb11dfe5b6ee7ec80779dec38 |
| SHA256 | feae2b24f332cd10d372e643a59fe5c8b66f078a42534f20c1b0ccb6547fd37e |
| SHA512 | e5d33657284ef75d250c64fbec89d7bde3bc7ff86c7dde341442a8350f23d9166b67a83f1d02231f19d566aacb93a1c8580ee5bfa8fed706064af416e0d99458 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 598ad90ca39e2c2d9e20549055bced49 |
| SHA1 | 124d68ff8a7e78f97c70dc41c2072b7f8d7e8ce7 |
| SHA256 | 0ef925c11051552eb9d811f83019e186a2fc87702a1185f6e9f7230583838b0f |
| SHA512 | 92ff6d68a1686d2fff657be9c600b408b78f96d813fcf7171415b9c6c6066cfeb3f3763bcc9562948728cbc08591adc493623d65207713af336b3c2f3b93d823 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5c5b77b9480411198eccf68bead2a4e2 |
| SHA1 | d1ee925305324cb2649fde4907c35740bb9ab283 |
| SHA256 | f50ffda0739094da580c2d0b83d7f3af76a41fa457b106b7c1d6623656fddff7 |
| SHA512 | 98011bff484c90fff4c0f273d42eac3582b092af6456420a6a7898d2059f0fc438d615149387a39444b8d2928d77c67cf2867060a16d15e47465aaf460889d0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bcf57aebc4a56ad352752843d0043735 |
| SHA1 | 8010afe234cd28732b222befd9ea7805ce487046 |
| SHA256 | 7888d01e4ec081ab3ae54447959c396fc787c5cefcea68b7b1c64371affcb52a |
| SHA512 | 7d3238788aa5347bd6b081f66b9ddef38df4ba3eac0458a25ce067245ad56d465df2c80e980a31fbb833b8fc31606746a4adce0176cdf256b153990fc12de3cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b5d09beb43a27f9ea287b867db64c844 |
| SHA1 | 1b78d7608fe4e870b3a7a88b2f3f4400157e4531 |
| SHA256 | 52c03fbbc7b3a6362dda11272bed1fb03340656e362d6bbfc765a76949471686 |
| SHA512 | b4bf4b8ab3ad84a40e90651f81fc5227434ee988295187522e328afef128802a9f4f6e252aeb28181830725ecf1d0f137b50a35400bfbc2f58b5d32c7cf8a59e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | fedafbac6d003c0d0dca6f46fc3305c2 |
| SHA1 | 19a766d07f77fb5a37435fb94001e6170382df36 |
| SHA256 | 15d89cd4219307695e0c0e02d0a852bce5f1549dc1c48d0116ed05eea0747461 |
| SHA512 | e7175f8e39f1ab98b8419fac92619f1776f93225cefdde1a5e4629073677add25b2ea77ae113e64eb03a4cf7e58347872d81892dd31bdd0403d2c2deba421f19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | 12e3dac858061d088023b2bd48e2fa96 |
| SHA1 | e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 |
| SHA256 | 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 |
| SHA512 | c5030c55a855e7a9e20e22f4c70bf1e0f3c558a9b7d501cfab6992ac2656ae5e41b050ccac541efa55f9603e0d349b247eb4912ee169d44044271789c719cd01 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b0c1e4d1b10f91e768d37e590995e0cf |
| SHA1 | d14fd1bc6f459940f80bc9a746e5dc7096274475 |
| SHA256 | 076f59a31f6972471fa007ebff9d231c3c9357873d36beb9b729026c42fbc221 |
| SHA512 | 9b978ae1da466bb909a53c1dd321372b2f98f06a9e481808e230c4aa0acd782cd9832fe684ba93f0a9428227d8c4ed5ad00f80ead997c2eacc8e360e0f38c5bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 18df4728992fa990dcd4442b9e720e8c |
| SHA1 | 1887c1ae6dd03d4fbf631f744c3e5fb4a7bfa858 |
| SHA256 | 6086c7009fbe1442759f69f7364a26a9bebdadb8dc90ae36d640e77c2b3b08cc |
| SHA512 | 6ec2012fdcc49006c63c3357a72eacae5d177103f7ef00c2c6ef1b344520f011b8efa7d60532b0e36acc171d9a5cf5790e34c772c7971f4f8b02a8e6a5802686 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 157cd264060ec0aa768c58fa5e3bcd45 |
| SHA1 | c11f015567c602806d9b2faa5fb5c36ed15d2bf2 |
| SHA256 | 5aa014aa67ddc6e040e1f60bbe3b7e810809759b561e391a9b8f84a93827e07b |
| SHA512 | 556c196743a9cf18d0f5ee8557acbd4867da253bbbfefb9539e6c6ccf983351a9fdc3ce5209018771b72a2616afb643da914298fa5ec57ee1d5d871c27a68c21 |
C:\Users\Admin\AppData\Local\Temp\84c199b0-3627-450b-8de1-4998e1bf4fa4.tmp
| MD5 | 06f857281571d50dbb52ceeaf2820154 |
| SHA1 | 0e4700b12a919c6ec082da90bd90827e5faf8ebd |
| SHA256 | e812aa197f6640caa41c8ff33c4cc35f47d9ace32d29d3538917dd78d8a3c7f5 |
| SHA512 | 7348f9d122036aaaea0f411d30cf78eda6f15fb0df8c89b9624c970b216fb6a888fe4d5a614ee276360edbfa7bd8fe2dc6fa51d6eace5ee45ee51ae9f641fbda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4cc7c6bcc5f45bfec8a4baa2da2c71e8 |
| SHA1 | b039bc564e270e8529eb6cd3e09eabdebc433916 |
| SHA256 | 6ed521f1c24dd596d1b4aefe2963097d2708ccc07cf2f4b3fbd37657151b96d2 |
| SHA512 | 86a0d23a05b0667fc4f5ddbc3b5a310565467c756dcf786fea5fbb2c91e612bdcba2f30dd2ab297a470a508b41df34ca0c7e2e8e0f7ea7cea6ed375c76e21a0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a819ea114c8f466e8000071f0ea7e1de |
| SHA1 | baa00ef19ea27c2bcb630f8f5021d3a496fcc081 |
| SHA256 | 392bad4da302316f03e6e27ba845136f5912d55290d574e5865c542778860f98 |
| SHA512 | de97165cd2c9c6dcca2c02970497892806d5e89eb0b1cb8ed2ea82dfefc15056a5cc1e34e732a1bb6bf9b3300dcb1ddd6972e25e8626f88ce6827075cf6fd503 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 87ac1b28c71d7e418ff325c7b66e38ec |
| SHA1 | 4b905fc24693ce230e8b128cf135f9b7b5f95cdc |
| SHA256 | e30b44ad3dc1db689177ee3b0a0bb4c3d62486d068b6e7a5143fb68d96800869 |
| SHA512 | 4be8336dc22f561f0d99ec97e2aa5e43e5135665de52532db85719d941a8631d558c0cafde4ccd779432567c83e2e6713914a38abecbad6988df2500fe40caac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f75d05defe288d8bdf3e9b4edc0e0d1d |
| SHA1 | 448dd1499f41fb550fa246b80bdaf04282233703 |
| SHA256 | 9b187639b6e37628dd49ba03dcef4c98d9ee26bf9d921b9c9ab2113fceaa1d75 |
| SHA512 | 33458e910c4cb706650ad9d60123aa1620c4daad2d19ee5cddc3e1c5662f779e188abdf963946f39e80b8afc2ece33593bdec315fb64bbfae30b69db8ca28e13 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8ca4eeb89bcbd579e5e0c009b3f76ee2 |
| SHA1 | e1d21d25c738c01c6227cbfb779867379e4aad15 |
| SHA256 | 3a83de9cbf5d02e252a063a6a9c63ddfe5c91bf3c25373e80f119de243af5f44 |
| SHA512 | 0e8f58c9e90ef58afb7e485e18966259f3bc9a2a2b54998df7e2b9b12812fe926a829ba4f150746538674bfae3b26bfd321a6295e74218f947495b1d7dbc19fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c75f674408b342f3e1e85fb429a9051f |
| SHA1 | 00fe92378c6995f5f8876125761474bd79190fc1 |
| SHA256 | b22dcc5c580fba3a7ff028c5ff1ba51e96cd6708b37b9d961b08d43789f553a2 |
| SHA512 | 6be6a2b293eb6bfdeae8f759f2d4c76c28bb9cf33e0dbf7dc3fae8482f49c07708ddf76f6e2b2536471d9f11e76bd7a8d73083f11b0644ec08923464c7b9162a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 600546b7bf6582b58ddb3b59e740bc8c |
| SHA1 | 253e14eed244c9d2ddbe7eaae0cd6fcbb7f41d36 |
| SHA256 | fb3cc038778072c3202c2416fb62b20133dff98b7a87ca4243a084b45509c878 |
| SHA512 | af83d9882cdefc3afef352c53b06f9e6880aa7cc606749f20f2656d7558b079bc3eba64ea9282aeb794d673d8d84b3ffced010c7943434f2ddcfe1dec4a43d89 |
C:\Users\Admin\AppData\Local\Temp\eb2e85fc-b267-4daf-b0ad-ffa8382cb8da.tmp
| MD5 | 17a604c8e956c553f33b07f1be3dc978 |
| SHA1 | 5614cd41e1ea12b4f1a58dd1506e60be62d06c36 |
| SHA256 | f73b0c8dcb40256a4b58f0aab55bbd93cf2568c2217dc51464dc1ca8e2c6e861 |
| SHA512 | f8778c6bb2f8ffa51b77e18eb6c3ab1224ac0ede937e372e66212754453cffa22d569023edf7569a88a319f1b9cdc1859df7f420d13f90dcd965578c92d365d1 |
C:\Users\Admin\AppData\Local\Temp\14883d15-cab7-4d98-8f85-d259aff13891.tmp
| MD5 | 46831f0a37595b690e1dbb904a3825a3 |
| SHA1 | 867ed1c3e4d848a374de88e63cfa2772294d2b18 |
| SHA256 | 7ea56f08e04f1626789d2b792e2e93ada4759efeaf17498e1f7ed4dc8759ceed |
| SHA512 | d42420d1ee00cbd3429fb14cc1122984b92e26c6730227bf681513054987ddc7c2f673086f24dc562e08d11159805cb23184c8a385d3a78e6ffaf43f407a7d0f |
C:\Users\Admin\AppData\Local\Temp\b88a9848-f827-4b3d-8f2e-667816182aa0.tmp
| MD5 | 65147ed1c0e19f015282721726964db3 |
| SHA1 | 30fee90b52926765621a8844345eccaf59b8249c |
| SHA256 | b61dfbb8328af86fbed51b0a7c1bdaf3170f0ca50c81a6be78314ff99e7715cf |
| SHA512 | 9ccee35143d24d3dd95c2c02720595a71f9952166a23ffffa665deb9e24e91b1792f94d076695c81faaf4c227f2270b4331733ea63d0cf8a38397db229fe2687 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b67ed229aff73f143262b1f77b21196e |
| SHA1 | 37de2ef9c8b01986e94989c51cf7fb4b660b02b2 |
| SHA256 | 6715d88760602cace3e09bdced18635d58f9f4e70b99a634f2d9204054a76fc0 |
| SHA512 | f82586b46db94ca39cb66ccd40f5c8bec83c943cbb509f22f8803fc2ab4b6a866b2e7df7fad5cf6579eceb606c1ede302a56259f266ef1de45ac4b0449b9ce74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | eea086a91416377d07c7b733ee0f4150 |
| SHA1 | 565773eb878b7c7858c155fd80c94d4bb84d97e8 |
| SHA256 | 5bfc9daf855cc1a36fd53c30fcc0d6dc8e63a887fd40f12f761bc04611af813d |
| SHA512 | 11293c7a10720f20d33a0277dfb18cc6cc04311f4f7466c28c3faad66ec4ba1fb2e98c56bd9703b35a30079a3e9b2de11bf79cfd008a1889e40602c28e67ed89 |