Analysis Overview
Threat Level: Likely benign
The file http://wetransfer.com/downloads/42271682e2302a379561e3d3ecda5dd220240813105129/e1496b9d6dee610bfd5416975b77d29020240813105152/5df22d was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand microsoft.
HTTP links in PDF interactive object
Browser Information Discovery
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-13 12:22
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-13 12:22
Reported
2024-08-13 12:25
Platform
win10v2004-20240802-en
Max time kernel
150s
Max time network
149s
Command Line
Signatures
Detected potential entity reuse from brand microsoft.
HTTP links in PDF interactive object
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://wetransfer.com/downloads/42271682e2302a379561e3d3ecda5dd220240813105129/e1496b9d6dee610bfd5416975b77d29020240813105152/5df22d
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa159846f8,0x7ffa15984708,0x7ffa15984718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5248 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5248 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5632 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x454 0x3d4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6096 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5816 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=6816 /prefetch:6
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,8754689980084640110,1492696914726380101,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6860 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | wetransfer.com | udp |
| GB | 18.244.140.9:80 | wetransfer.com | tcp |
| GB | 18.244.140.9:80 | wetransfer.com | tcp |
| GB | 18.244.140.9:443 | wetransfer.com | tcp |
| GB | 18.244.140.9:443 | wetransfer.com | tcp |
| US | 8.8.8.8:53 | 9.140.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.wetransfer.com | udp |
| US | 8.8.8.8:53 | tagging.wetransfer.com | udp |
| GB | 18.244.114.61:443 | tagging.wetransfer.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.114.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| GB | 18.244.140.9:443 | cdn.wetransfer.com | tcp |
| GB | 18.244.140.9:443 | cdn.wetransfer.com | tcp |
| US | 8.8.8.8:53 | public.profitwell.com | udp |
| US | 8.8.8.8:53 | ekstrom.wetransfer.net | udp |
| IE | 3.248.146.247:443 | ekstrom.wetransfer.net | tcp |
| IE | 3.248.146.247:443 | ekstrom.wetransfer.net | tcp |
| FR | 18.155.129.102:443 | public.profitwell.com | tcp |
| US | 8.8.8.8:53 | 102.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 247.146.248.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | auth-session-caching.wetransfer.net | udp |
| IE | 3.248.146.247:443 | auth-session-caching.wetransfer.net | tcp |
| US | 8.8.8.8:53 | privacy.wetransfer.com | udp |
| GB | 18.165.227.43:443 | privacy.wetransfer.com | tcp |
| GB | 18.165.227.43:443 | privacy.wetransfer.com | tcp |
| US | 8.8.8.8:53 | experiments.wetransfer.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 43.227.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | analytics-v2.wetransfer.com | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| GB | 18.165.242.5:443 | analytics-v2.wetransfer.com | tcp |
| GB | 18.165.242.5:443 | analytics-v2.wetransfer.com | tcp |
| GB | 13.224.222.4:443 | experiments.wetransfer.com | tcp |
| US | 8.8.8.8:53 | help.wetransfer.com | udp |
| US | 8.8.8.8:53 | wepresent.wetransfer.com | udp |
| US | 8.8.8.8:53 | 5.242.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.222.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacy.basis.net | udp |
| US | 8.8.8.8:53 | privacy.audienceproject.com | udp |
| US | 8.8.8.8:53 | collector.brandmetrics.com | udp |
| US | 8.8.8.8:53 | site.adform.com | udp |
| US | 8.8.8.8:53 | www.adobe.com | udp |
| US | 8.8.8.8:53 | www.amazon.co.uk | udp |
| US | 8.8.8.8:53 | www.beeswax.com | udp |
| US | 8.8.8.8:53 | www.captifytechnologies.com | udp |
| US | 8.8.8.8:53 | www.celtra.com | udp |
| US | 8.8.8.8:53 | www.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | checkout.wetransfer.com | udp |
| US | 8.8.8.8:53 | safety.wetransfer.com | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | e-10220.adzerk.net | udp |
| US | 35.171.96.86:443 | e-10220.adzerk.net | tcp |
| NL | 142.250.179.162:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 162.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.96.171.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nolan.wetransfer.net | udp |
| GB | 18.245.162.93:443 | nolan.wetransfer.net | tcp |
| GB | 18.245.162.93:443 | nolan.wetransfer.net | tcp |
| US | 8.8.8.8:53 | download.wetransfer.com | udp |
| GB | 108.156.39.45:443 | download.wetransfer.com | tcp |
| GB | 108.156.39.45:443 | download.wetransfer.com | tcp |
| US | 8.8.8.8:53 | 45.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.162.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lebowski.wetransfer.com | udp |
| US | 8.8.8.8:53 | cdn.brandmetrics.com | udp |
| IE | 34.240.119.244:443 | lebowski.wetransfer.com | tcp |
| US | 104.26.0.90:443 | cdn.brandmetrics.com | tcp |
| NL | 20.50.2.28:443 | collector.brandmetrics.com | tcp |
| IE | 34.240.119.244:443 | lebowski.wetransfer.com | tcp |
| GB | 18.245.162.93:443 | nolan.wetransfer.net | tcp |
| GB | 18.245.162.93:443 | nolan.wetransfer.net | tcp |
| US | 8.8.8.8:53 | 90.0.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.119.240.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.2.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.datadoghq-browser-agent.com | udp |
| GB | 18.172.148.233:443 | www.datadoghq-browser-agent.com | tcp |
| US | 8.8.8.8:53 | backgrounds.wetransfer.net | udp |
| GB | 18.245.143.47:443 | backgrounds.wetransfer.net | tcp |
| US | 8.8.8.8:53 | 233.148.172.18.in-addr.arpa | udp |
| GB | 18.245.143.47:443 | backgrounds.wetransfer.net | tcp |
| US | 8.8.8.8:53 | prod-cdn.wetransfer.net | udp |
| US | 8.8.8.8:53 | 47.143.245.18.in-addr.arpa | udp |
| GB | 18.245.162.40:443 | prod-cdn.wetransfer.net | tcp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | donny.wetransfer.com | udp |
| IE | 34.240.119.244:443 | donny.wetransfer.com | tcp |
| US | 8.8.8.8:53 | 40.162.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nichorme.com | udp |
| US | 172.67.162.30:443 | nichorme.com | tcp |
| US | 172.67.162.30:443 | nichorme.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 30.162.67.172.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | greenrmachine.com | udp |
| FR | 194.164.76.123:443 | greenrmachine.com | tcp |
| FR | 194.164.76.123:443 | greenrmachine.com | tcp |
| US | 8.8.8.8:53 | r11.i.lencr.org | udp |
| GB | 2.16.153.218:80 | r11.i.lencr.org | tcp |
| US | 8.8.8.8:53 | 123.76.164.194.in-addr.arpa | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 96.17.179.205:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 218.153.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.94.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.179.17.96.in-addr.arpa | udp |
| FR | 194.164.76.123:443 | greenrmachine.com | tcp |
| US | 8.8.8.8:53 | novinnox.com | udp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | udp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| US | 152.199.21.175:443 | aadcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | outlook.office365.com | udp |
| GB | 52.97.219.210:443 | outlook.office365.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| US | 8.8.8.8:53 | r4.res.office365.com | udp |
| GB | 104.91.71.202:443 | r4.res.office365.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | privacy.microsoft.com | udp |
| US | 8.8.8.8:53 | autologon.microsoftazuread-sso.com | udp |
| IE | 20.190.159.75:443 | autologon.microsoftazuread-sso.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| US | 8.8.8.8:53 | 210.219.97.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | passwordreset.microsoftonline.com | udp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | di.rlcdn.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.redditstatic.com | udp |
| ES | 157.240.243.2:443 | connect.facebook.net | tcp |
| US | 151.101.129.140:443 | www.redditstatic.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| US | 8.8.8.8:53 | s.pinimg.com | udp |
| US | 151.101.129.140:443 | www.redditstatic.com | tcp |
| US | 8.8.8.8:53 | pixel-config.reddit.com | udp |
| US | 8.8.8.8:53 | js.adsrvr.org | udp |
| FR | 199.232.168.84:443 | s.pinimg.com | tcp |
| US | 151.101.1.140:443 | pixel-config.reddit.com | tcp |
| GB | 99.86.116.119:443 | js.adsrvr.org | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 35.244.174.68:443 | di.rlcdn.com | tcp |
| US | 8.8.8.8:53 | wetransfer.com | udp |
| US | 8.8.8.8:53 | insight.adsrvr.org | udp |
| FR | 3.165.118.121:443 | c.amazon-adsystem.com | tcp |
| US | 209.54.182.161:443 | s.amazon-adsystem.com | tcp |
| US | 35.71.131.137:443 | insight.adsrvr.org | tcp |
| US | 8.8.8.8:53 | alb.reddit.com | udp |
| US | 209.54.182.161:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | ct.pinterest.com | udp |
| US | 209.54.182.161:443 | s.amazon-adsystem.com | tcp |
| GB | 173.222.8.231:443 | ct.pinterest.com | tcp |
| GB | 173.222.8.231:443 | ct.pinterest.com | tcp |
| GB | 173.222.8.231:443 | ct.pinterest.com | tcp |
| US | 8.8.8.8:53 | 140.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.243.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.168.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.116.86.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.118.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.131.71.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.182.54.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 209.54.182.161:443 | s.amazon-adsystem.com | tcp |
| ES | 157.240.243.35:443 | www.facebook.com | tcp |
| ES | 157.240.243.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 35.243.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.8.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rum.browser-intake-datadoghq.eu | udp |
| US | 34.149.169.145:443 | rum.browser-intake-datadoghq.eu | tcp |
| US | 8.8.8.8:53 | w3-reporting-nel.reddit.com | udp |
| US | 8.8.8.8:53 | identity.nel.measure.office.net | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| FR | 2.21.34.129:443 | identity.nel.measure.office.net | tcp |
| US | 8.8.8.8:53 | 129.34.21.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.169.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| US | 8.8.8.8:53 | aadcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | aadcdn.msauth.net | udp |
| US | 152.199.21.175:443 | aadcdn.msftauth.net | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| US | 8.8.8.8:53 | outlook.office365.com | udp |
| GB | 52.97.165.146:443 | outlook.office365.com | udp |
| FR | 194.164.76.123:443 | novinnox.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | privacy.microsoft.com | udp |
| US | 8.8.8.8:53 | passwordreset.microsoftonline.com | udp |
| US | 8.8.8.8:53 | 146.165.97.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nolan.wetransfer.net | udp |
| US | 8.8.8.8:53 | backgrounds.wetransfer.net | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 983cbc1f706a155d63496ebc4d66515e |
| SHA1 | 223d0071718b80cad9239e58c5e8e64df6e2a2fe |
| SHA256 | cc34b8f8e3f4bfe4c9a227d88f56ea2dd276ca3ac81df622ff5e9a8ec46b951c |
| SHA512 | d9cf2ca46d9379902730c81e615a3eb694873ffd535c6bb3ded2dc97cdbbfb71051ab11a07754ed6f610f04285605b702b5a48a6cfda3ee3287230c41c9c45cd |
\??\pipe\LOCAL\crashpad_3840_ORMEPMBFLPRVQWPJ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 111c361619c017b5d09a13a56938bd54 |
| SHA1 | e02b363a8ceb95751623f25025a9299a2c931e07 |
| SHA256 | d7be4042a1e3511b0dbf0ab5c493245e4ac314440a4ae0732813db01a21ef8bc |
| SHA512 | fc16a4ad0b56899b82d05114d7b0ca8ee610cdba6ff0b6a67dea44faf17b3105109335359b78c0a59c9011a13152744a7f5d4f6a5b66ea519df750ef03f622b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a2ec4ec1d8729b77ef78021827eb75b7 |
| SHA1 | 120d738002035718cbba3c339588b7e9c4f2ea7b |
| SHA256 | bc9848f87a4e4ea2baebc443115b15da2af9231e60fb0eaa3aeb70fb191c1fdc |
| SHA512 | 0d3721ef9b32d6197f2d1a66af202d8a2c5979df73e34612bbb0b509e3a8ddef1de591b04570fd0e70e71c4b04bb9a36c6905646164ef6db2d3aa2ffdb28ae7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 55a0855b438826927ead577b270627b9 |
| SHA1 | 1188fd1f7d218ebafece5e3840b2fd567be7ee0e |
| SHA256 | a6e144c873fd32064bec289230786f2762378361903fec8081e490ecb5bb7d8c |
| SHA512 | 7d1da19a6fccee5f39972a8b1641802dd3800118d653e3bbf8b9a515aa67e6838c606b9ecc25c8ee4173e424e06fa23a5e790f01cceec2b6fb4241a028bcec2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 079ce6f99575629aaefd90dbb529a734 |
| SHA1 | c57f49342ff9a4d8cc0822ec3989580b1d85e8c6 |
| SHA256 | f87471ede279cc442fae3aa50ae93ef42ce31a09f2af15248554954d5e633139 |
| SHA512 | c85d328917258d0436251d343c4521f9627566de4ef55c41d74f4a06f939270ebd34a184b00e29bbcda1c19584f6cc441dfa5adac164b9688549b0acca8755fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8cf5ac7efb4d206606685d3669418c50 |
| SHA1 | cc9d14f7eb60d7626763347a2222a95eb3402adc |
| SHA256 | 755add72d3b753ce016deff71f1d13f20b83b374e669ff78f4a0a6a8dda17710 |
| SHA512 | 44a473b719b060a0e5c7d3a9b1ed0fe5811c5d8f223d48bbb5118eb5b1b69c5677c06b3b1ef7bd4ebdc3efc76485d9669e3815f00958970a5ce261fa9b12024b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d716.TMP
| MD5 | 82271d8300e573807827271166b42142 |
| SHA1 | 2619f13b65d1c88776576b2dcb725806a896bea0 |
| SHA256 | 57d0d40e877fc030fdaedca5f0b5fcfbe662d036b5db774d5b227650e6759cf1 |
| SHA512 | 3803a7f17430c713f889393274514e9667e7033d228b090db3e6405a2cf8efa1d82c7675495ce8668cfb908938587f280993c2fcb98a605c12f35ffd5962bdbc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c2ef4bebfaa39ab48f3f40ac9441c1ea |
| SHA1 | 9b81f959b47d21649be7e5ecdf00f69c424e3b74 |
| SHA256 | 0ef2705a7e83a8d4ef33b1b3b28c7b2fcc0d4d0ea219124d1d91974e152158cf |
| SHA512 | 09a735072d6c4081fdb0759b82f950a60ebf2f77949fbb66faa1ba455ee7bd357c04e7ae50cdabb7adfd77b2a260477d0e9f5dde5e78ef7f34e652320c9a8974 |
C:\Users\Admin\Downloads\PRODUCT PHOTOS AND SPECIFICATIONS.pdf
| MD5 | 700959de35ba43312837c4cb01076019 |
| SHA1 | 4c3d4a46d9a2c6e34101574ce92992ac58e8d6f0 |
| SHA256 | 6140512a0eb9f7449ba234b69c4b4ca38c9cf6e179e8ce312a84cefced9063cd |
| SHA512 | bb59f87085178791c2c0600dc16ce5280527b770a1bdcb908dd324c14270127ff6fd20354fc72c1a4c4924cbbca11079a06ed765db50fdb4b4dbfbb895088c8b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3faa524d6bdbdf4ccb69dfd999b75755 |
| SHA1 | f445417a51cfe54cef51834de7ef0c79f6d243e1 |
| SHA256 | d9bb71d00a89a2abd65798c51d83fc7657857b6bd733288421e4f2ece36328a5 |
| SHA512 | 32cf24cf904bab8ddabf587e6507e8a8ea9707d50fbe5f71479ae1f31647e4dd5069f9e1f950e2e8fbcb5f5cd130b4a61e55f22f9c0f790e85e17b074c09f489 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 618a6d84f6c8ae758e37ea0ca0f41d52 |
| SHA1 | c8e5ad4fc882e35852b44ebba7448038a53f9ecd |
| SHA256 | 4a8e12b584fb71baf3b714303b677c9f3ffe06e3698e2ba65ef5c91e0db854fb |
| SHA512 | 8427b75a3c84e585dc2f63b1fec9003bc20499ec58c0e85d05ca83542d458b7592f3b33a2aada678ab9194cec40410658a27f85931654f9ab68aa08540bf5cad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 227f27c89310be03eb84b79225b55b17 |
| SHA1 | 6197d7a64a8fa8b4a17b58139d52287f7283d3e5 |
| SHA256 | f70662fae5248c015b0a56f7f867c50f34c39a73ed508cda9c3e3cd0c37fdf43 |
| SHA512 | 6b6df1635b9280bdd27c85e03a95150aa7e0d8b939b2d4c993af1c46b68ae6a0d8c9d96e989973fcb212154a25cd0e51ab364ec779e709745a12dffa0c9c627e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f47260c52c80b17afad1441d0acdddcf |
| SHA1 | 24e534d3ab66437d9892c89bcc6dfaaee1b0367e |
| SHA256 | fa6333107aff29a4473ca26ef65b1b1fd51001733620985ca84c5400880c325c |
| SHA512 | d0be2fbca7e5d5824c3d616ba799b208a1b6e491f45ea53f74bb770cf0b7ac4b61bb805d7becbef5ff3968d0042d7bdcb7a620c6edc98790a480ff42cf5d419e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 89782ea4d223f1e713e0eef740edde5e |
| SHA1 | fb8024153d7ab0ef5fbb294701466273fc5db9f6 |
| SHA256 | df6d9074ad7edc9157e75a1ed3ef8f8504e238d1ea396c163f75133f62145b21 |
| SHA512 | 9730abe5a1693ddb9d8d7e8706f2a3f363cabc2c08f38ad9d33ea9d74c2406f9c06506c76824cbfc899e279c54ee4bed94db905dbca00788f0acb1a7a8f4cfac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | bb76dc8bd68e65cd8f0a0f505c611c11 |
| SHA1 | dcfb277d5bfe0fe53a32648d3e217e601aba1150 |
| SHA256 | e3f6c46b6bb5313139f3f8dd37d4d0ab6e18d6bd529dcaf66b7a5908e7895e0a |
| SHA512 | 556ea1cb503c72495e462d2c143c9535b714e1ba5023645635f2417de90bf7a4e8ef266d26175ec6934c2cc6ba72373483bfe529f4e75656f306aa2839ab3fac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 07d13e027cab36eeb0be2e4821e151ba |
| SHA1 | a3bba620970d11247d1b1d0c08da7280a55faca9 |
| SHA256 | b5a7551b35f87997275126561da211d6b2c2693ef52c798d08993e7cdd08b84b |
| SHA512 | 54fb02c2b6fb18204c3d7f1d47d88ebaeb7700c770577a2ac8873fde1c9b5d1e8087e1c622d6348e90e40ebb4f18ef1fe5391915fbda30ba58da2456d3c5dafc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e5808b061aa821d3995df8c31df7f8d3 |
| SHA1 | 88c09e4f55ecab5eca8dae1d64f3b4909c9e36dc |
| SHA256 | a58c5645adbb93e6f5b9fa73452782b67f5353c8c1bd31b2acb068427266e881 |
| SHA512 | 5a36b89541697d4a1ce1b430f3c54fdb91304cdfb110efe140441a964844f79ac660350eefb75f8e301cb88aecfd65c4949781a72a2e56fdbdbbe714b3c3d7ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bf2e893ae85651e08f3b05f734184811 |
| SHA1 | b720bcb3e753343e36986ac5a935f1f06d6f4c5b |
| SHA256 | 93bf3e2c5038f90b669689eb195650cf76263af8307dab5fe97f70f63d4f53a4 |
| SHA512 | 844a81dc627055f8e697636a833b21c6f169c25900c1aa0cf59cd5d387d7c2c68b55b29a50c9b273e55c86b11706130a05d01e14715595417540e314305462a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3eb111ba87a8278f48bf5a9771908dd1 |
| SHA1 | 72be58b079d02534609fb8e0d282b439906916ed |
| SHA256 | c78a60eb6f461b4ff28eeecf7599e3cf8ea98286f0142f27a243cde39a4de103 |
| SHA512 | 115cc5c907a3c88694d57a789d2ea379dd59e3b7eb9afb8cd4a2c808961c71fe36296d2c28ce8fb0fd400ff5d5d33dd88c88585e1a5c61bc3eddea57d16faafb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | bd2e2e36c3e54c28d1fd4280bb5df098 |
| SHA1 | e69e861aa766a0e228fc9ad415d073ba299ecc43 |
| SHA256 | 277d4985a83fe04079de37ed87d26ea71b270d4953146d8c247e60af532b271b |
| SHA512 | 8c4dca5da11efb3437e14f4a54285da6b00377a28a890a4cc8d8165dea82782b6dbb3b36c368ea80fdd820c20dae7c1d636dd9c978553260c6adf8e782c4a1a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a588173cdd7ca1fa2ba7039e88a3f413 |
| SHA1 | 617fb56228b569c0be2d8455b8f9e0d47d548443 |
| SHA256 | 5aaff40713e5c5c904acc0d893eed7a2223f05df7236c599928c187d04d0baf1 |
| SHA512 | 956385a70ac474188a23e08e1ad0c185d1a9614e26644ddb107eec4cde82c121d54dc4970501de221fe74f60db27e53c76f62e668e157af2bc454ca9c81c50d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6158afbee0db4833760ad14a26406fee |
| SHA1 | 7970aa23b1ab568a7f644b5adc393f6433e6d7a6 |
| SHA256 | aa3cfc119f940c4064848216b934eb320638eb69823afb3c852e6f7849951737 |
| SHA512 | 61f83c373cdb6c58fb33247b6ac5651e9abd7121367e23c7cb16b9074443ece13fefeab726620b5a6b2c90e033951325f528626031cb6e158154eaaace5cd44b |