Analysis Overview
SHA256
92ccceb6670c47fee7e90337031245140194ee33759a552cf5cf689f5cb03027
Threat Level: Likely benign
The file sample was found to be: Likely benign.
Malicious Activity Summary
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies registry class
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies Internet Explorer settings
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-23 23:06
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-23 23:06
Reported
2024-08-23 23:23
Platform
win7-20240704-en
Max time kernel
837s
Max time network
838s
Command Line
Signatures
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000043174f1aa2314a47aa677ebd5ad1f6c700000000020000000000106600000001000020000000cf16293f5e92b623d5ad5b5e707b9599517d3fa59b7e3733b89968391fd09f14000000000e8000000002000020000000f4fe2db713966178b039b1f14453ac04ba5bddecb7641d20f0b5e5ca280126d52000000010f92755db75ccde0efd748742e45df937e24b539cfdc6559ea448ca3f00af8440000000bcce866232c07e97a0cf78f6ac9a370e7e828fe78a14e062e97e3a6c28116be21ac7966fd58049d62c073b7f93d734a0511ef73413dd8129382ad031b26db22f | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430616254" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{53595931-61A4-11EF-AAA3-7AF2B84EB3D8} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = c0a8dc27b1f5da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3294248377-1418901787-4083263181-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2508 wrote to memory of 2676 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2508 wrote to memory of 2676 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2508 wrote to memory of 2676 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2508 wrote to memory of 2676 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2508 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\CabE0EE.tmp
C:\Users\Admin\AppData\Local\Temp\TarE170.tmp
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-23 23:06
Reported
2024-08-23 23:09
Platform
win10v2004-20240802-en
Max time kernel
190s
Max time network
191s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2412658365-3084825385-3340777666-1000\{9CE95BD0-790F-4C66-A105-DF986773F141} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffeadb946f8,0x7ffeadb94708,0x7ffeadb94718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2000 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2548 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4836 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4836 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4228 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3392 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,7083036029704473728,2371265519327299103,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3472 /prefetch:1
Network
Files