Analysis Overview
Threat Level: Likely benign
The file https://aka.ms/AAb9ysg was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand microsoft.
Browser Information Discovery
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-13 09:33
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-13 09:33
Reported
2024-08-13 09:36
Platform
win10v2004-20240802-en
Max time kernel
148s
Max time network
150s
Command Line
Signatures
Detected potential entity reuse from brand microsoft.
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://aka.ms/AAb9ysg
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbc36446f8,0x7ffbc3644708,0x7ffbc3644718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4232 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3612 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,6057528473423729996,8919210871637443923,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5140 /prefetch:2
Network
Files