Analysis

  • max time kernel
    184s
  • max time network
    189s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    16/08/2024, 10:46

General

  • Target

    http://google.com

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies data under HKEY_USERS 3 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 30 IoCs
  • Suspicious use of FindShellTrayWindow 27 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
    1⤵
      PID:5488
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4392,i,2904906934812054273,11716976550456127484,262144 --variations-seed-version --mojo-platform-channel-handle=4400 /prefetch:1
      1⤵
        PID:6084
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4644,i,2904906934812054273,11716976550456127484,262144 --variations-seed-version --mojo-platform-channel-handle=4368 /prefetch:1
        1⤵
          PID:1228
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5432,i,2904906934812054273,11716976550456127484,262144 --variations-seed-version --mojo-platform-channel-handle=5444 /prefetch:8
          1⤵
            PID:1348
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5468,i,2904906934812054273,11716976550456127484,262144 --variations-seed-version --mojo-platform-channel-handle=5508 /prefetch:8
            1⤵
              PID:5356
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --field-trial-handle=5844,i,2904906934812054273,11716976550456127484,262144 --variations-seed-version --mojo-platform-channel-handle=5872 /prefetch:1
              1⤵
                PID:2576
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
                1⤵
                • Enumerates system info in registry
                • Modifies data under HKEY_USERS
                • Modifies registry class
                • Suspicious behavior: EnumeratesProcesses
                • Suspicious use of WriteProcessMemory
                PID:2028
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=127.0.6533.89 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=127.0.2651.86 --initial-client-data=0x238,0x23c,0x240,0x234,0x264,0x7ff9c6eed198,0x7ff9c6eed1a4,0x7ff9c6eed1b0
                  2⤵
                    PID:4620
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2184,i,8720808838451893558,7014363340223714487,262144 --variations-seed-version --mojo-platform-channel-handle=2180 /prefetch:2
                    2⤵
                      PID:5824
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1868,i,8720808838451893558,7014363340223714487,262144 --variations-seed-version --mojo-platform-channel-handle=2216 /prefetch:3
                      2⤵
                        PID:876
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2452,i,8720808838451893558,7014363340223714487,262144 --variations-seed-version --mojo-platform-channel-handle=2464 /prefetch:8
                        2⤵
                          PID:5752
                        • C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=4512,i,8720808838451893558,7014363340223714487,262144 --variations-seed-version --mojo-platform-channel-handle=4540 /prefetch:8
                          2⤵
                            PID:5380
                          • C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=4512,i,8720808838451893558,7014363340223714487,262144 --variations-seed-version --mojo-platform-channel-handle=4540 /prefetch:8
                            2⤵
                              PID:5724
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=560,i,8720808838451893558,7014363340223714487,262144 --variations-seed-version --mojo-platform-channel-handle=3924 /prefetch:8
                              2⤵
                                PID:4844
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --field-trial-handle=4624,i,8720808838451893558,7014363340223714487,262144 --variations-seed-version --mojo-platform-channel-handle=3928 /prefetch:8
                                2⤵
                                  PID:5772
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --field-trial-handle=3440,i,8720808838451893558,7014363340223714487,262144 --variations-seed-version --mojo-platform-channel-handle=3464 /prefetch:8
                                  2⤵
                                    PID:924
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4424,i,8720808838451893558,7014363340223714487,262144 --variations-seed-version --mojo-platform-channel-handle=4372 /prefetch:8
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:1332
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --field-trial-handle=4740,i,8720808838451893558,7014363340223714487,262144 --variations-seed-version --mojo-platform-channel-handle=3848 /prefetch:8
                                    2⤵
                                      PID:1036
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\elevation_service.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\elevation_service.exe"
                                    1⤵
                                      PID:3156
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                      1⤵
                                      • Enumerates system info in registry
                                      • Modifies data under HKEY_USERS
                                      • Suspicious behavior: EnumeratesProcesses
                                      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                      • Suspicious use of AdjustPrivilegeToken
                                      • Suspicious use of FindShellTrayWindow
                                      • Suspicious use of SendNotifyMessage
                                      PID:4508
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff9ca8acc40,0x7ff9ca8acc4c,0x7ff9ca8acc58
                                        2⤵
                                          PID:6108
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1912,i,18400447610116160611,11728427872743804441,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1884 /prefetch:2
                                          2⤵
                                            PID:1368
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2196,i,18400447610116160611,11728427872743804441,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2232 /prefetch:3
                                            2⤵
                                              PID:4364
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2288,i,18400447610116160611,11728427872743804441,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2272 /prefetch:8
                                              2⤵
                                                PID:1468
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3172,i,18400447610116160611,11728427872743804441,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3192 /prefetch:1
                                                2⤵
                                                  PID:5036
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3436,i,18400447610116160611,11728427872743804441,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3336 /prefetch:1
                                                  2⤵
                                                    PID:2360
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4564,i,18400447610116160611,11728427872743804441,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4540 /prefetch:1
                                                    2⤵
                                                      PID:2056
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4848,i,18400447610116160611,11728427872743804441,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4856 /prefetch:8
                                                      2⤵
                                                        PID:4584
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5016,i,18400447610116160611,11728427872743804441,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4876 /prefetch:8
                                                        2⤵
                                                          PID:3816
                                                      • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                                        "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                                        1⤵
                                                          PID:5812
                                                        • C:\Windows\system32\svchost.exe
                                                          C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                                          1⤵
                                                            PID:796

                                                          Network

                                                                MITRE ATT&CK Enterprise v15

                                                                Downloads

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                                                                  Filesize

                                                                  649B

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                  Filesize

                                                                  1KB

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                  Filesize

                                                                  356B

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                  Filesize

                                                                  9KB

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                  Filesize

                                                                  9KB

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                                                  Filesize

                                                                  15KB

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d683ddf7-56cf-4f1b-b0b9-122b4e183f17.tmp

                                                                  Filesize

                                                                  1B

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                  Filesize

                                                                  196KB

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

                                                                  Filesize

                                                                  264KB

                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\c8e8ac2e-d024-4b7d-967a-f76a67a420fe.tmp

                                                                  Filesize

                                                                  196KB

                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

                                                                  Filesize

                                                                  2B

                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                  Filesize

                                                                  2KB

                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

                                                                  Filesize

                                                                  2B

                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

                                                                  Filesize

                                                                  40B

                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                  Filesize

                                                                  11KB

                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                  Filesize

                                                                  30KB

                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                  Filesize

                                                                  38KB

                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                  Filesize

                                                                  46KB
