Analysis Overview
Threat Level: Known bad
The file https://getsolara.dev/ was found to be: Known bad.
Malicious Activity Summary
Legitimate hosting services abused for malware hosting/C2
Browser Information Discovery
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-23 03:32
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-23 03:32
Reported
2024-08-23 03:34
Platform
win10v2004-20240802-en
Max time kernel
93s
Max time network
96s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://getsolara.dev/
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 27304926d60324abe74d7a4b571c35ea |
| SHA1 | 78b8f92fcaf4a09eaa786bbe33fd1b0222ef29c1 |
| SHA256 | 7039ad5c2b40f4d97c8c2269f4942be13436d739b2e1f8feb7a0c9f9fdb931de |
| SHA512 | f5b6181d3f432238c7365f64fc8a373299e23ba8178bcc419471916ef8b23e909787c7c0617ab22e4eb90909c02bd7b84f1386fbc61e2bdb5a0eb474175da4bd |
\??\pipe\LOCAL\crashpad_1924_ZPNTMLGPRTIJQYUF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9e3fc58a8fb86c93d19e1500b873ef6f |
| SHA1 | c6aae5f4e26f5570db5e14bba8d5061867a33b56 |
| SHA256 | 828f4eacac1c40b790fd70dbb6fa6ba03dcc681171d9b2a6579626d27837b1c4 |
| SHA512 | e5e245b56fa82075e060f468a3224cf2ef43f1b6d87f0351a2102d85c7c897e559be4caeaecfdc4059af29fdc674681b61229319dda95cb2ee649b2eb98d313e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 54f5d90ea8bc5f6e2b7efd7de8111bee |
| SHA1 | c4b3a2a67ddcc8f4ed72f60f6da1df1a7ba937f1 |
| SHA256 | b28ed20b12dad262d8997008c2fef725114c8cdb167c08d8b2bcbd0c2d18c872 |
| SHA512 | 431494c9e6c218c82ef513ad1347032ccff7670979d9e38dcd6e5790ddcd35adf4e8084cc01d19a4e8b721be6394bacb3f4f0adf1acc4ba8c6af8ed097b60802 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 78182d8783f6dae79180b4e1ab434e2b |
| SHA1 | 27a8a5c7dc2274c4209e33bc447db6ed3df8145e |
| SHA256 | ad77a029bdeac6d61a0bacc5cf8f866d4bcbb6166cb42776a218e57cff694d92 |
| SHA512 | e64d3313bb759ff4e412c887d3d7ce233d4cbf4d4a5562f22a8323de31a1bd333ba488614e5977d0d0823c2913ca004485a89e4927185a9bb7040d06028fd36f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 431a02272b5d916cceafe27bae4e9a3f |
| SHA1 | d03e9f0fabf1f766cece59d33238b923c67c6e7c |
| SHA256 | 0818e8be3fb73e42fec0f6519d0849d317ed28efbe42f9c9b0a2f1798a0b9308 |
| SHA512 | dddb5de065bd169078ea721310f2a7d4cd3dd9fb49475622479da27046cb522b315638d084cc2b144caa5f59adc28b163754c267acfda2375f6f895e946b5a4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 375657cb31f12ae808a1bc472f6a7a39 |
| SHA1 | 6d681b9792e2096df19ddb0fe0ff0e6adc816a14 |
| SHA256 | c625353a449ce5f520ab47e6bff523ee32b75a9a88eb15c5a16b72416661b9b5 |
| SHA512 | 7b1a9c9c6068d1039b49f876a553f46c2fbdfd7075aba39a67c4931f73074e8d9b007fe6ea6520812be2163a844c0072823d7bf5270d3fb90682d835ff9d0046 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e969c11ea37b2a39dc5a4b52b451b445 |
| SHA1 | b57d40715af9c7d0a82827c730905ebc47b0c2eb |
| SHA256 | 222dea6ad4a1b389ee5913eb23effc2fcc9c73234311ad10b8c5c949e4214bdc |
| SHA512 | 2744d3e2dd6246bda0c5f0d9788a4936eeaa74204077bcc1fe6ee92520fcde5746caf1cf3f33ae1171263ce8a3c115898293b106e7751fbc77e8b9e8f116d360 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt
| MD5 | a4017bb8241ef3bfc3711352d8ab91b5 |
| SHA1 | 60aaf37273c06fa772113a26e3d732095bab5420 |
| SHA256 | 36b386614e402c2f044dbaeec0203c3b257b1dc7f2bdee5b83221b14bf397025 |
| SHA512 | 32a6d902813a44be6e69f5a87f960644f9339ea3f5cb8072ebdbece558015f8e30d6ba30a7766f7949b374a7a813985bf5478918bb6864c29f3a930c9326948c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt
| MD5 | ce689fa1c710b5864485f8aea90054d1 |
| SHA1 | 1b2b0b12cdfed2b7dfb802c1c42c63b45a29e22f |
| SHA256 | a191455d6f2023a93aea524d893b78850152b81831aa152c75a56fdb1320c6e9 |
| SHA512 | 2dfba8d6f5e355a13e72d2c05e289c38fc5f807aa54ad84cfd9c10f9ab1de4b46d2f4cc7951058a246511981e9a95de78c0dd57f6e03dec81caca28aaf1fc455 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 05832567122957fed809b034f52d5aba |
| SHA1 | 413f13defb5d5cb7eebd782f4046cc1d9f9a1305 |
| SHA256 | 33da7baf3a52ed452c0e02db7bd3079fd2497b4e84de89e1f295b830435830ac |
| SHA512 | 39ec40a8d0237fec73c5821d3c66cf503a2f3834431199edac06182e7c61788bd994702cce2f16167fed7ae3b281fd2f8bad907fb052883bf15d354ca837b7e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 44f54a7a6a27dda21b137d7cd07fe5b8 |
| SHA1 | a4ace903b9ada94db324feb5d9b53704fe15a86a |
| SHA256 | 29604f50ed500a4fef1e398e85031683533c49811931a51bccaaac53ef6017b7 |
| SHA512 | 270050f8a10b304f320bef0b6164557ace0270a4f04fffdd9e6d8de23c1b5427f25450001ba90e6fa65d6b7ed3a8530759e513afcd3ff1625ece31549926b129 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe585724.TMP
| MD5 | 661760f65468e15dd28c1fd21fb55e6d |
| SHA1 | 207638003735c9b113b1f47bb043cdcdbf4b0b5f |
| SHA256 | 0a5f22651f8fe6179e924a10a444b7c394c56e1ed6015d3fc336198252984c0e |
| SHA512 | 6454c5f69a2d7d7f0df4f066f539561c365bb6b14c466f282a99bf1116b72d757bef0bf03a0e0c68a7538a02a993fc070c52133ca2162c8496017053194f441c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt
| MD5 | 5a367718dac331ed7b2a5ffdcb0cbbde |
| SHA1 | 79800c919850fe7658dc3cf35ed440c9efaf49a4 |
| SHA256 | de54ff9c03ea2d8ed927417282b2e2081c50275b2ab0fbe3f074ffcefefc08f2 |
| SHA512 | 745849739ae7b9b6763350a00658da500c76fbc01c9ebfc4687fddd37801c12e5a3af3541447a2193cd4e286082c3f4ef9144ef54b9bfcb16c5297019adfc47c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\dd5aa796-3563-4c1a-9de5-129054e4eec0\925a02cd30dd2ad1_0
| MD5 | 304cc8ea0de19bea45ed8d5f367176ee |
| SHA1 | 367a05708a9b31608f4f80c38f4bb5ecc002b264 |
| SHA256 | 45d5a64eb3fffd9bdcfb3d49ef7b8f13b67b48ec2b83fa60c25300c4eb53e018 |
| SHA512 | a92bf41a5c6336fa8fa2eed35084711caa4207e34c21b1d93b7a5af68528326d7f2d42c2fdaecdeb1a20159f71f8fd41cbac4e485c80ace806e1d6b7bf2a68db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056
| MD5 | 8c40080ce790a71c9b85accbbec7a2e8 |
| SHA1 | ddf9ab694c9fd5799f8bc82cbf58dddc85d507f6 |
| SHA256 | 4de75bbe04ddd6afb222da24d1dcd6ba1f361142c174efacc8f7708b8b27a214 |
| SHA512 | ef6baa1de2eeb62b63799bd070e193c2cf367f42adfa7f37e0f2cd9c9957e922c8343413e03fedcad1114be515c52bf1b3eec3aed329945628883fc65b2f38c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cfccd6c6d6be8ab283721f4390f13143 |
| SHA1 | 0daa9862ca08519b2476c88b74414a22d57b1bce |
| SHA256 | 4f831d0adde28868249a0ff7269b209c62d9cea0b41d8b3cd50783b4869a158d |
| SHA512 | 3fccbda328848b016c3b78b40a647d0663539d8f9aba367ca69c2f34401dc9226ebacaac905ff794a778ac86c8edfa6bd025a5e3a03c69ad0e67ccafd1c4bb48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 8522ced6d7f663584e64f0f393150183 |
| SHA1 | fab249532824b1cee1277dcbd743ce03e6f46ebf |
| SHA256 | 8e85bdab27b6130f9a4f1a4991661b83f5a51ceedd88a5659430313351bb751a |
| SHA512 | 51e1a8ac7a54aba07f0e2682e2c7558949975f9e4af25f9d3c1fbe24ce6397bd7f8389944cfd5b655b30533a050ab1490cb8a43372d3ac8a7001670d7f981d88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe588056.TMP
| MD5 | ac361d6cade4bcbd1e16e7955f97364c |
| SHA1 | e039f0eb27e8707093563b4e9e178baa514c07c2 |
| SHA256 | b900a896d6ac9711189b6ed256d6929ef083b91f5fe0bffde3f684dd96629010 |
| SHA512 | fd90798baa6b1c09cfc50e9bdd2fab2775db727d7796647b18d40ba94eaeb2ed57ab6e295f4ec5e436a51c22de886f15c762974ac9d28a95b67da7f013bdde9c |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 4b4b8f440bbf53de359440c35859fa63 |
| SHA1 | 3047a0739955e328b986d702e684232e6fd5cf5c |
| SHA256 | 8676237dc28a64f9758a6ef5e8de5f73a914005a77cefd3f0da222eb2abefe69 |
| SHA512 | e87ec27b7ec481fa1ab9d2496e97770cc1a7245238b370406348978ea69e930f524dc6b8a936af634d1753538e0a2a654e914721f34fc8d9969356819c0eeff5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cd0e8c9e5bebeb0cf659c3d9de08b451 |
| SHA1 | 6cf3ef7754dac554e355179291e68416a1f59e14 |
| SHA256 | e79d14f359813ee6d65ba3532b2cc9c3a8066ace043763b84d6ccccb50184e3b |
| SHA512 | 11d3e542a844bcb7d03295bf406a457bfc36b2656095779240341895de600ee2ff2b3e4a08bc120f82302a0156f04b2cc9518f59739ed5751782f37183b9a5f7 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\c9e5a3e1-32cd-4dce-a6ad-94edd40bb5a8\index-dir\the-real-index~RFe58b783.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\c9e5a3e1-32cd-4dce-a6ad-94edd40bb5a8\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\dd5aa796-3563-4c1a-9de5-129054e4eec0\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\dd5aa796-3563-4c1a-9de5-129054e4eec0\index-dir\the-real-index~RFe58b800.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6dfcbed07853ff0b_0
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity