Analysis Overview
SHA256
5821bac8baadb496774ebcf15e78a3cb8e2106b3d651f6b09343f34332a33863
Threat Level: Likely benign
The file c081c15e27286657984ffec3f2cb12b5_JaffaCakes118 was found to be: Likely benign.
Malicious Activity Summary
Browser Information Discovery
System Location Discovery: System Language Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-25 10:09
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-25 10:09
Reported
2024-08-25 10:11
Platform
win7-20240729-en
Max time kernel
134s
Max time network
135s
Command Line
Signatures
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "430742426" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Enable = "1" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\International\CpMRU\InitHits = "100" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{17251221-62CA-11EF-8A1D-72B582744574} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\SearchScopes | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Factor = "20" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004961a9603b5d8740891a04601e8b8fb900000000020000000000106600000001000020000000ed9af6fa109bd718708fb1fbf7f6646ef33e394fe3e3f57e597d8e2f4cdb0dd3000000000e800000000200002000000089adcffa5ff58007dbf31518d6091c221f0098d3c3b740e3782f4b152010864820000000a542d1ce28d83c84919e3b3e50dbee470e87f13197b9bd040cea4c4d24e9db7d40000000feab2c5d16e372026b6019e54153ea20c9b4289fd91bcf2ce77255fd5b1c4b20461cf30256407b695c611b9433b841706e0443732277155293179b193b9eb63f | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 308d0c09d7f6da01 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\International\CpMRU | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\International\CpMRU\Size = "10" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000004961a9603b5d8740891a04601e8b8fb90000000002000000000010660000000100002000000010a80363afaa9b33f70f1b39521fb794e60c0e46c4884cdc837a6b8542d6a5ff000000000e8000000002000020000000e5fe4417eb41bf1c048639c43b4aaccf0e604449525f95b85af3c079782a14af9000000044c46b8e86140a5204a98b791e6e12029961eb5f4dec0a6b42182700105f5ae760a2acf055496293a735dfc231d79a3cbc5bbe99ee5e49b896233d755c4f42b8783168697d715d2d69c3cf40edef56a14116b34dd64c9e2cc3cf07bc7649367cab3cf954c9775683d46dcd2c48f7fb9405e3a2ff27fc771a5880dab09f0e725a236b3b7f0e59ff481ae828b9cf5928ea40000000813bc5f3da9f7b01355be73ece5171b6b7066060decec0b022b0e40f20a4e6e551e04a5030a34df23c9e135ee1cfbeedae0761e8a7e76e43eca6d3f84a786496 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 1976 wrote to memory of 2560 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1976 wrote to memory of 2560 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1976 wrote to memory of 2560 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 1976 wrote to memory of 2560 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c081c15e27286657984ffec3f2cb12b5_JaffaCakes118.html
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1976 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | ads.lzjl.com | udp |
| US | 8.8.8.8:53 | adspaces.ero-advertising.com | udp |
| US | 8.8.8.8:53 | sksawi.info | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | m1.webstats.motigo.com | udp |
| US | 8.8.8.8:53 | adserving.cpxinteractive.com | udp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| FR | 142.250.75.234:80 | ajax.googleapis.com | tcp |
| FR | 142.250.75.234:80 | ajax.googleapis.com | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| NL | 217.22.19.199:80 | adspaces.ero-advertising.com | tcp |
| NL | 217.22.19.199:80 | adspaces.ero-advertising.com | tcp |
| CA | 199.21.148.89:80 | ads.lzjl.com | tcp |
| CA | 199.21.148.89:80 | ads.lzjl.com | tcp |
| CA | 199.21.148.89:80 | ads.lzjl.com | tcp |
| CA | 199.21.148.89:80 | ads.lzjl.com | tcp |
| US | 8.8.8.8:53 | banners.getiton.com | udp |
| US | 8.8.8.8:53 | newt1.adultadworld.com | udp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| GB | 2.18.190.78:80 | newt1.adultadworld.com | tcp |
| GB | 2.18.190.78:80 | newt1.adultadworld.com | tcp |
| US | 69.165.107.14:80 | banners.getiton.com | tcp |
| US | 69.165.107.14:80 | banners.getiton.com | tcp |
| US | 8.8.8.8:53 | secureimage.securedataimages.com | udp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| FR | 216.58.214.163:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| FR | 216.58.214.163:80 | o.pki.goog | tcp |
| FR | 216.58.214.163:80 | o.pki.goog | tcp |
| FR | 216.58.214.163:80 | o.pki.goog | tcp |
| FR | 216.58.214.163:80 | o.pki.goog | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| US | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\Tar7600.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\Local\Temp\Cab75ED.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d5a8fc96e9370afd26875b8808453bdd |
| SHA1 | 2d87ed57827a4bd65cd2480287b3930491855594 |
| SHA256 | 9d0622c9ea98226e926a9aa5476347e58e2fa15fa1923e4c6d7caaabd59599d6 |
| SHA512 | 127af779ab0ddabc2fbef3a882bed9d0773c3673162062879e4e1bb7e9484b441407eb3c3d6d0f2cbd8df6c31e9e40de18df9c646f956d2d5a0b2ab722b3888c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3867e8c8f11cb681a0b01e2e40857854 |
| SHA1 | 55356cf713235b65f20a893dee99546ae2ec7b0e |
| SHA256 | 34184ed53e8e61d562f3d02a27802add50ab47991db77ace0dad9a3b02a4c0d3 |
| SHA512 | 05f3251baa008b6f1d6b09b97cad5fcc9ae2e052d12b06268c1a435038407ebfbdb0fb4b7a5f1e0c3be47b5b9236dbc8d64b7e9e9efba06617f8739c10bc1cb1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 12e7293bbf10f4f921ca7de31d7ff5e5 |
| SHA1 | 3cba364d3a0140464fe97c50a1051138b3ac5ed7 |
| SHA256 | 5d8336adcb6b6f38db1655e4b36ef98251ecf4936970e61800199b53dfd2dba7 |
| SHA512 | 36b43441c124624ba44688f81cc26ca96dcd39a75f35729dd802589ef738ce31fee46a21b0e5174e567aa5750a1b9efde3973c38bb88a3d59c1fe850e6a9e380 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6b0733a4326b0540784d039756d3757a |
| SHA1 | cc7004648cad9044421086c48aadab3da2fc1825 |
| SHA256 | fd2de45254ee073cbf54598d8bf126c8806b5bb70f67a86fdc1675276ba77ca6 |
| SHA512 | 3bb57fb97b46b2f55717060fa9be9299ece03841711282ac88776c03f81a1697bee867b836b2e5a681bdf25b067554c3326672e80efa3e4031d11b339279acd1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 117ef7ec933ea27a4f46750f674d7baf |
| SHA1 | 225dee0e824601ca2b7b40cb835d1f2c9f60c998 |
| SHA256 | 6ee746071ed8775abe6c2935d80475bc7245f95ce4161da41997d245f0cfbe5e |
| SHA512 | 1b6b4ed752a6f7a7d0aeafbbd3307bd5a371c80a9d60d8e82fd6bae71372432f0439d6fca5f327124dd8ad326603e880d186ad98deae58888db5fb29fdb983a4 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 6c89332f579c9084fcc6750f85c5e85b |
| SHA1 | 1ba1754eef79e2d316e123c8f7ecc97d47a0e919 |
| SHA256 | 526b39c34874baf03ab3d29e00bcdb87bec65596c28227cee4fdcfa7b8ceca7a |
| SHA512 | 8435f3befcaf1efe8aa125993b2908067500b67deb4ff34ad7757546cccc64dbedd64344f008a3baecaf6132aad3d42c03a9faa9e84d9f9b7275fb824b90b3e2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5bdbd7c29920290cb0ceea74d5f7cfa6 |
| SHA1 | bf5de184eee238c12ef1d9e0170ba7701811266f |
| SHA256 | 049e6b35e1bdd131542ae373264e4a5c2c4af6e3434d7bce5559580e75154ec3 |
| SHA512 | 2004b08340ae5b9e8b42ae1663957fc671fd7b6ec9f8f9586654b4097e73a13e58e6bbfb40eb9bde0d952d5e486efd64a56b672b563365939d83af27331f3b0c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | a0e57b3567083227861c363e60ee3e94 |
| SHA1 | ab373568a5315c6b98ab8462859b4ebe8476841e |
| SHA256 | 4069c6f56740f887b4ef596b5d3bc0372e1e3349aef885299db65d71717fb623 |
| SHA512 | c25621163a29a1152c3142e8ed3f027921810efd14073d8d9c85fc45eca6bf34acf37aad9e2cf4bdb720f1cde8f422446d6a7500fa0c54dffbbe39cedcb4258e |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e1d487d9b5e2a60f4826bad94889fa0f |
| SHA1 | 949b659490aec8bea5afcaa51cc817b67fac81d1 |
| SHA256 | 4562b9194ac637c29b4429b6cbd20fbd2d40ed2b972b2f5b3ed7f53181d899a7 |
| SHA512 | 97532eb9057338734ef9221494716ae8a9552db905d409531c880bb79d81061f1735b53dfb9b581d707f8c75f9904e12519768b4f3ef49777d14ad92a180e9b9 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | febd024babcdc76d3a2302c9df6c6c9e |
| SHA1 | 7449b8bbba82b9b9341c90ac0ed83452f183c8f7 |
| SHA256 | e2c3eeaddeab5fb0386ba0e14b4e6fdb09342ffccf6e3fac4e882f5d2d3806b5 |
| SHA512 | e7ac575b670caae558d5a01117af2baf0527c1650096ab1b35ea8f98ec9e6b8f2e79ec7cf9ccba58b105406dcb8b90bd2d05f07f9a5fdd6dc0e981d489dbf55b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fe4cbd7df9f273809aa03f801f9069a1 |
| SHA1 | cbfd8ff2cf6e72eb4d38ed33b83151d041add1dd |
| SHA256 | 79d43ceb39a58681419fe633f56478cdc0b74b0ecec6043c41b06aa35fe4ffbb |
| SHA512 | 0020c320317c6d63dff31c05238eb79a3ff011d608d5c5038632d050aab22212206d788be2103d4b2103a0330147f396be9954584ec4379da9f7364870cec341 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5fc606841287b91e93b414cf2079e8c2 |
| SHA1 | b782640ac9625ec71eac818cc48724734c8323a3 |
| SHA256 | 0ce4d8c5ab45f5d13e90ab93ef27e26fb9dbf39887d8cb91a4f971f310af1e95 |
| SHA512 | 773fb77a0602fa29b28a7a06141663c3de29fe5e91e677c9ef004ff0d4ca2b14a8dbc5f5a9ef41be3913697f1b2f21837cc4987f3853d8ffc668a43da717c6f5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | aa20dfdf940783581e3fbbe1d1aeb00c |
| SHA1 | 9b62f7059466a6990adff94f3adc8aac5204ff42 |
| SHA256 | bfbb723968117213f741e48fb90b33fe8c470dc812ae1dfad8cd4fa520639607 |
| SHA512 | 9525347ea0a76bb684b92edb639e0a46fa94569b91f3fcba4923818979d59e94cf04be1901aaac0cedeb12ba7cc5f7baef37206d618d3cf42aa2c5b6df51734a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ecfba96047e0f2d03e0d0b1f1e2ba27c |
| SHA1 | 88d00fd7b69c69839548210b27671cc750e1bb1b |
| SHA256 | 5ac9420438382983aaef76501883771d183e40790456e192fb02ae2d5e19d54b |
| SHA512 | e03d6af4ec6e51e150d3f2851726a44e3a11a2cd53f7d00410186d628aac41afa0c6e947e0bf5c99c40badcb195499ca9ce546ad8329111142c3af74bb268d91 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 16498b16ae6154b49185f1d6c9010d57 |
| SHA1 | 76b7fb056b007671e348443178de111a3ebc40f4 |
| SHA256 | f7de5ad2579b6e4d354bb69c23d5006b61681752aa1e3d345dc2737f5a78bb84 |
| SHA512 | c7dbdd74aaabab77b2b9145dd6482c26a325b94ac950fbf01289b42f551c7e270837978d9241183930600559a12a31123e3e8623937e364812e936f8844b5cd5 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 1f08a1b2162ffb309537bbe07e4bc63a |
| SHA1 | 2a125832e7f93f7eb92805df537b0d40a0d08d45 |
| SHA256 | 4ef91f8b7d7d2f0ad78b41bc19b0ef9ca9e88777a9a7b0647d26111f7d3d0ceb |
| SHA512 | 1fc2092ac4e6edbad116599c409ab97afa342947fb7dbece30b8c4b800ef971b7bc7d49100303c9ae510bee30c02c7b46bd16df0d26e58ebb3d1abca750f1318 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f87a53ae3922165baac2ea6c9af5e7d2 |
| SHA1 | 817f22e79939d75284a7d436048ffea33a831c7c |
| SHA256 | 36a0670c55b2f953b8cb0714b6e05a07d88c8c3c0fd561066e95c8da6caa1666 |
| SHA512 | 44466f0b8c9f63ac508dd8ef92b0f03387eea47575cdbd8400d2971b5263695ec888ec15160e2f6d38e17b4d486024ff508bf80ebd25ab67a6d1aa2f0395d4c2 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 89ea89afd9b5bde9febe70ceb8545e9d |
| SHA1 | 06ec3c8a22c61c30d56f8c013e2e48d239b2f8c5 |
| SHA256 | 55152fffa76356c4290837ce78a4972e802db2021e3caf9ef4dcd9a5b8428c85 |
| SHA512 | cd62be9d932a8b056a76aeefc58098d0e406551c88ab6b6cf9e815e17cf0548a48236570d7799eb5e1fdd71d1fd64daa6ea3a7b64ca54ee01fff3826f962663b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 638df242bfadb3ae98ac46124cffa77c |
| SHA1 | 6231dce66504cd4e15366292987a1498274dc8b9 |
| SHA256 | b42cb2c7f693fa1fced9608effafd6913953adf080167d6a1113bbb5770822b3 |
| SHA512 | dde7b2ab4cd1b801b7d6a36de0523f0539189f56498fc56836b348f5e7df04dcebf2c970ebed951ae56b0a8339283688a04d1a60e8cb91d111ec5b57f9c83b2d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 83fc3261f10cdb5a61e8af252c86cb07 |
| SHA1 | a086ccda932727610166cf500c8c3f713f338278 |
| SHA256 | 3bde4de756d9ecd126c07ee2b274f6a250e41277c377ec9cb681f4c49f33e257 |
| SHA512 | e09e88bf21d1c82c1a1a481e6d2e0b3c0a96451960eb55a7df3cb431968cb9359efd93c6afffcd9d91eb5776a0ba779dc4828764c52ad7bd4c10f26e61474587 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 23619e5b26336b2cc6b31aaa49e4ca5e |
| SHA1 | defb0b37f242fbfa91ab013018dbd548516d023c |
| SHA256 | 8b32451515b1d1288dffbcc64306f5b50e85b8353c8fe36341472381729b8485 |
| SHA512 | 1b603be467cd9197dd7ceb23e58e9436906624e96f61d14b29b83962b962b2f046deecce9879c5899f828be747233feef28dc368286440fdde43565409b7b7f6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4544bdeaa5a5ad7920090637407f38ff |
| SHA1 | 1b7a2cc1382ae95deb8735c0f46b0deaa331a4ce |
| SHA256 | 98fa63d7b1809a5170213b3628484436aea8285e926aa035d25afbb10cafc472 |
| SHA512 | d1ad0c13a79cedbc67a651793e54ce6b93a20dd8fe036f9e7df29084cbac8d04bead1cea9befb9b4848d2750b792342150c1b00f38b54246fb6c2d88d0503621 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 67eceeef462d7b523615c2f6cab68ae5 |
| SHA1 | 25ab2f12dfc9c63a319dac518e512362289124c4 |
| SHA256 | 9977d517cb70c9c9bb95ebf3937eec1589666f40ef0da49be410aad31d66ff01 |
| SHA512 | 88cf7a82fa3ba3f06901730fd8bcac2e42272d30ae0be952aaef0e6d595f57d69a0ef4037c7b30387257c3bd97f27efe5814a6da122fae8cdaaff2592112832a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5104ce48778db5c05dba5b938b670bdf |
| SHA1 | 6553ed30356bc61e8ad81b863ea9f7fefe85249e |
| SHA256 | be54fe60ad2e8cfacf897097aff249158e88c0567710369a3d8d6e6b62aa249d |
| SHA512 | b602fdd0c6f809b80d9d4c9f1a401c9db285052076fd525effcd55576ccad102faa8f97bea0d056c36740a8ad15f136add013de58911be6246683fb64902940b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 2cc4e782958327b98766573334ca3410 |
| SHA1 | 2e39771e5c7ba7c3c6d80f9914c3ae7fb31e75a4 |
| SHA256 | fad45327facdd15f4487db8a1b291c3cd14a8d4933cf116b4ced47d9088bfd43 |
| SHA512 | a514b2254f1810a856bdb8b0f1e2f5a1667bfe8387edf144ffbaf02313a8f83e68c63d575fda522689cb3326a85cf8e17e234731f7296032e18a8e250c666a57 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 34468b67a20e5596d9c07562a2f33845 |
| SHA1 | f04a2cba4595e38537df769fe9e94a0df260212f |
| SHA256 | 236a57939d7f424922c5f651c160af1c9ab37c8ba36e04f65ac3951e68ba265a |
| SHA512 | 53e71f3167235a9d58be55c6cb862e3a84d84a4578fd9b51ee10b9ed3091c79404ad21ace475e8843f994d85b6c00f1fadfd456523b9620f81be03f842344cb8 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 3660a899a9c2ec41e206866ca5bb223b |
| SHA1 | ec147f3b783be37e1da2b1ccc70c4d99cf44b3ab |
| SHA256 | 9542295e3bd07c2f7b38f62a695865a5392d9d6ed4e78272a89d39052c6408ef |
| SHA512 | 9afff2fbb83e9bcea8ef10e74fac48295ac20a3851362e7efd9e494f5053fa5db64a46a81dae629d802f8a00dc3dff7817bac4fe5e2258f36e38f873958b1302 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 81ec37d61e88f238ac3302ee4410ec5f |
| SHA1 | 957b54f8202d106e5e794e1e270d35c62861826c |
| SHA256 | 9a233047df6708bec3bc9e57e73a27b70958b4680e512623284d1856af1c2018 |
| SHA512 | d5791657c4ee04467c5a06df190dfbbabbf3112ca3db7b58d9310585cb37a9eaf30438bbbf424e25dd5b0bd4755baa74b35bbe459465343fbda227735927facb |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ddf95e04719a461193a94594dcaf7ba0 |
| SHA1 | 0959b54041f7ac64db368ef10f681a6a30b3947c |
| SHA256 | c31d37d70af4fd42456d3fa63e9524baa8c3af727e3dbd88a50ce5604fdcabf1 |
| SHA512 | 184ec74e6600a8e47d6681809a1d7c34e1e95a489fefbb27191ce51069186e43796616d0b6c083d129c2d5d3de93b3f970b95bfa0966d4fe6b6576a3bba5238a |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 8e255c107ead6ae6ef402e00db3babf9 |
| SHA1 | e314cda550b35ad923b3b4ce16a4eb4ce68d1d4a |
| SHA256 | 27e6972e902c3e5f7dbd697b1dab638e7b439a646f9df4c5ac008217e1549119 |
| SHA512 | 0ef6f2f3916e7961c2ae556f71885f90195f6e9e55d96ce7ba93ffa561002d819a4ea54571b56e5b59e4b717a1980d4af51056eb60f6d10553659333f7ee6c88 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | c45fd9d94942f3cfd24107b47f7fe24c |
| SHA1 | e190cb9f4e2eab63d625b3205f57030d62ee8109 |
| SHA256 | 1c0145a559667e9ddbc83a754d8c28368d03feab96e552d2efda3482eb6fc181 |
| SHA512 | 71243d592cfc8a21776ca6c2b57aa3f5f53dbb06e1c86877a6e6c2aeef87da1c57b8bb558945966de0a24cb0ef15a221dad7edbfa520aec95d4c5c290e8a1381 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e449cbcc81f8e0a8995df662830ca861 |
| SHA1 | 8f3160a186ccd8bd91a0995895130c670ba17338 |
| SHA256 | 03a37e95a38b1c286fcbd0cf16a91d451c2678fe14d2dcd002a676961ade066b |
| SHA512 | 2ffd2270d22af0c9a3499c1bb410d857a1560b3b53ff96739be4a437dc6a1707fc6292bf8f97e776844b93d698cafdb836ab5405cf4cf2889ee33490dd8de6db |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0d8d7a22f119d8e98bd7cbf869ab5db4 |
| SHA1 | d911ea2518267806eb3f03a6f2c8f5ba89feba6e |
| SHA256 | 1ba73a5e478d93499e27469b209ddaa522d0789b6bb796f6aa7cae36bb3e2025 |
| SHA512 | f8929dd0dfc886a5a2396254f4ed60a76ef7a14dad9ddef9775236b08c17a6f8a1c8854f2f8add282353a444fa4a799751055f5044085fb088edfe73c2fdad78 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | b36df33b831dc3ee0e846b7d052a9bd6 |
| SHA1 | c29670a83b90279b7dcb577f3468b58775ebdeb4 |
| SHA256 | 95104ef668ca699bbde73306baee666f7c618e12eeb7cf60ed31ee4211655422 |
| SHA512 | 3735a01d502c87ef63be25974366c7116241629c28c30f653175225176996b179ef720092cb5ee85c4c05bccde12ded33c8a9f5a0e58750b2e5f47c924b27771 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9ae63b0d26b5c071500194c9374e71f6 |
| SHA1 | cb2bc6adb3f6841494d500bad59ba95e1e675986 |
| SHA256 | b7dd16e89dc43853909edff3b3201d2813b719c0105addec0cf21b492e2bf5df |
| SHA512 | 5c99d11617ae191f7ea2cd73ddbc4ed9f5816f44fea592f228fe288b90db309316174f1929dbbccbbe5984e4ad8ed5c0889d43ca0b323f849f7b3821ca369d39 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0932b4d809d8900518adc0d32515723d |
| SHA1 | 1d2b5b5f1864c354c858fe05994c5bce211499d7 |
| SHA256 | 5298fe76bbe5e7f0177db1829521b39aa108bca5266089fd0f33450dfe43a2f2 |
| SHA512 | ba787ac01801cd5ccff42f5292b715d33f5a449f350416b22dfa20e7ab8779a1232502eae04d5d7d0e3205271673b4b67e906d5af1fdbc93e7d5f616060ecdce |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 59a2f518f26d91003b1364ee277e8701 |
| SHA1 | 815dcc8cb4cfd91865de5194d325853f7a19ac40 |
| SHA256 | de677146e24decf9857fee873d1f15d9c91b166cd7e1e588c659437eb453ef12 |
| SHA512 | 9c2190d0e70b8dfa1f3626dc1d343ba31340ef0b77eca8430c5e9698fa01a68b64536e1d9037a22f60594d2e168e81bef3c36075d432b69c581127fb7d5c4589 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 15f3e58a72c67b38a8b633781e643961 |
| SHA1 | 4ceb7915e5220aa86344d6e63478ff1d22c8f31e |
| SHA256 | c75976371c8532994163ee6a3e6686a38689cd0fdb2c50863af403d3b0c0930e |
| SHA512 | 44e0d94bf1811cfce8373f3c183af4f97cf1b69926a0ce02a8ec4a2539328d851a3371807bbe356cc931b03e603058d4eeaccff278a8d4ea64967a0355a81f28 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | faff11c56c71fc619bae35371e52c536 |
| SHA1 | 54660d06d00c7da997276796b3289a5e5b597053 |
| SHA256 | 83987ebf935e1a2d8adef4b300297fd4f61b2802f297e9d6a60a6ae6cf368dd0 |
| SHA512 | 939a3a8d0a47adcee1bd37fb6cc642957d4e8ccb1c01c8f61027ac49daef6080b9ddee39ce756e5649e38eef1ca5a16819bfa76d4c5027a19ca772e28b48090d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 710d8c4f46138acadaa315d972e11634 |
| SHA1 | 791de0a4aca354d403a26304d6a377430b1de6cb |
| SHA256 | 76f152ac5c15909172bcdb3ffe1722406e25de898e2baf11ec6feeefc773c3ef |
| SHA512 | 3a2998494bb1a41c4ad851b89e794c05af1bb93ae27aac806df751847e246f00b21d515100c1067b50875d800dc4d7a65b51804ed88a19f84b02c3fafba86871 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 35af5eda338e0d0410052ca7b43e5689 |
| SHA1 | c6a77a95f7d9c9383edae55cb5212a105048b2d0 |
| SHA256 | 721206a582a2a6559925913d236a5a8b6301c537facf990410bfec7650572ee5 |
| SHA512 | fa21c0d744566ccae30476fa73274c06056a922011f08411ce6290e741988085302b1abd572586beeec7231ab46687ed0bc87f314ebf36196013012216f44f14 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 4145992bc1fb5a0539915078ecdb2c44 |
| SHA1 | 9a3809b63e3e0472bd096733099fab78b6629503 |
| SHA256 | 63053924e25530d7bc3073e4ae2c1453e24b5f5caaafe75925b2fa592b34d083 |
| SHA512 | 36379776fc903ca9c7fbe3ead4d8dffee2c0b652a1dac866c2d1458e48659f9938ad2d2d34c8d78c6817e8a20e9f36711cb154d1e31c72024fddc52568b7818c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | ea988d386fa95650f96e3e400b844a4d |
| SHA1 | 9e8de3d05b65a5ade7819d6e464ee39e58c97799 |
| SHA256 | dbc331444d3f6df699d78d0692ddbdf8aab64ec31f24a0e303a4eedd3108b34f |
| SHA512 | 06effdb5929fb61ffec5092c39ed8f4ceb03c85aa4d2fac2861a80e2a1b005ddcafac0c2430a680f6358c568701daa8c853bd9929ef3dc0c84ef745ca4243f49 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | e62908bc6a5b4e60e4c4d6aacdc128cf |
| SHA1 | d3269429a1f3cf859e010eb8cf6f86449b54e189 |
| SHA256 | 764ed9094b4f357abf9a46b1f7b26b5c17aacb73ca466e01d0ed821cbf2b3ce7 |
| SHA512 | 573be758580593942a66113b18a3faca6d0768db3215a248edb1775475a913f48de485c5f5d6ffd20b96d31f58f05ad646cf3f398a072b8bf3bd61c5a00e5956 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 62736c1ef7f5224183dc83dc30f07387 |
| SHA1 | 011aeaabdd1d29305ef7242338bd74b745bc98da |
| SHA256 | 8bd1a1047014f7089e77c8565fc60ab4ec706c3eda48327d28840f759447a481 |
| SHA512 | 7ccebfd3da0b811e655691785e4d2fedfc8a184541dfe45be9c5073942f429c8cf2251084d3a91f3c9896f6ba2e7a8d9e5fca05a81ddbda235b049df768a170b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 9d59e02f044123d9d82629a1567c3de5 |
| SHA1 | 34c38dd647431395a17b7b9081f1f22cc9620e03 |
| SHA256 | 1babf19f4eb655abb30331b710d5ba258c3cc51d81b11fb666180f5b3846faf4 |
| SHA512 | 9f00e16f31be68070fd2e3f0137ee719485a623340936947283b1af7a8f41eaee721c66eef16b7c585934d9dcae435b3e2c5cb39030b73a53e59a5caa55c736c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7aa6f7f676260442ba444acfe44412ff |
| SHA1 | a9cfc71c9391e3e1024c4ab3704f39281cfca27a |
| SHA256 | f65ab5c580508267d37cf881973248a08718a3f9491cc926aea0850b28a77460 |
| SHA512 | 707bc71848de3d43017d343e3621de7826659525f643661a396c218eadcf595ccd083ba47194180c86a11948967e7654513cab5316b41fb6bfacdbeebc08e883 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-08-25 10:09
Reported
2024-08-25 10:11
Platform
win10v2004-20240802-en
Max time kernel
145s
Max time network
140s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\c081c15e27286657984ffec3f2cb12b5_JaffaCakes118.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9ada746f8,0x7ff9ada74708,0x7ff9ada74718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2396 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6204 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6204 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,12203783136541867374,2645988441915683464,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | sksawi.info | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| FR | 172.217.20.170:80 | ajax.googleapis.com | tcp |
| FR | 172.217.20.170:80 | ajax.googleapis.com | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| US | 8.8.8.8:53 | ads.lzjl.com | udp |
| US | 8.8.8.8:53 | adserving.cpxinteractive.com | udp |
| FR | 172.217.20.170:80 | ajax.googleapis.com | tcp |
| CA | 199.21.148.89:80 | ads.lzjl.com | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| CA | 199.21.148.89:80 | ads.lzjl.com | tcp |
| US | 8.8.8.8:53 | adspaces.ero-advertising.com | udp |
| US | 8.8.8.8:53 | m1.webstats.motigo.com | udp |
| NL | 217.22.19.199:80 | adspaces.ero-advertising.com | tcp |
| NL | 217.22.19.199:80 | adspaces.ero-advertising.com | tcp |
| US | 8.8.8.8:53 | 71.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.177.53.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| US | 150.171.28.10:443 | g.bing.com | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| US | 8.8.8.8:53 | 199.19.22.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | banners.getiton.com | udp |
| US | 8.8.8.8:53 | newt1.adultadworld.com | udp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| DE | 185.53.177.50:80 | sksawi.info | tcp |
| GB | 2.18.190.71:80 | newt1.adultadworld.com | tcp |
| US | 69.165.107.14:80 | banners.getiton.com | tcp |
| US | 69.165.107.14:80 | banners.getiton.com | tcp |
| US | 8.8.8.8:53 | secureimage.securedataimages.com | udp |
| US | 8.8.8.8:53 | getiton.com | udp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| FR | 192.229.233.220:443 | secureimage.securedataimages.com | tcp |
| US | 8.8.8.8:53 | 14.107.165.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 220.233.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2dc1a9f2f3f8c3cfe51bb29b078166c5 |
| SHA1 | eaf3c3dad3c8dc6f18dc3e055b415da78b704402 |
| SHA256 | dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa |
| SHA512 | 682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25 |
\??\pipe\LOCAL\crashpad_3848_HAJZSZBMNGKFTSSQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e4f80e7950cbd3bb11257d2000cb885e |
| SHA1 | 10ac643904d539042d8f7aa4a312b13ec2106035 |
| SHA256 | 1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124 |
| SHA512 | 2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 317fdb766711804c565f3e659529189a |
| SHA1 | 21f85c0b1afeb849b03c663bf9dd597312308d47 |
| SHA256 | 57b5a6a73b9030b5ac8386fec535aee8dbfbaa9513472ba364d59c8dedc3472c |
| SHA512 | 02dd1f685c58a51962650db71623e1403b54e65d7d60d976dffbf42650c29c9b1a58141e3fb4e347259ff9b89bb40db42d713d1f32d4294491c91de59e765492 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cde6af23824b89b5825ae210fc26904a |
| SHA1 | 43cac236f31d15371f1230db64989d3d2458ffaa |
| SHA256 | 6b3ad8321b4f188fee715665c0d380de5ef36c0e8a841d156e836c2c17bbd040 |
| SHA512 | 98a164c571788ae96757ff18a6c30b519bb0cc17ebe71b2bb3ac7637ce786cb9b54083eeefe88db6ad6b17078595f43b320be74144913ce449d5fa0817949227 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f31e6b959111915e82f826bfaefe8f2e |
| SHA1 | 400e9d9d8c4f27410ea6d74227bf9c78af0a1df4 |
| SHA256 | 5c39e8ba64ec581446797236a6f97e349b601623b5bd4d7e302ad0a9c51fd34f |
| SHA512 | 546842600b1c2f60bebdfe619c2b1dd5bd830a8968490fd98a1a6bd3646c5bf31bea87fd95c375690900e6ef0e4d69b01d5cc03111ffe6e0450a4d3a32ccbc5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 659c9abf2602f97362ec26a32ea87757 |
| SHA1 | 33b5c61dc77e23933f71ea3c4371490d6f402d00 |
| SHA256 | de377c11e6d3839b2c0010376f438986309a5eabe2610024a71d953883f76f44 |
| SHA512 | 5619ab38fb37373d6657d091b750daadf1b02feb4c69ea9b1247346458f43f19b03c2c705e96a1493f5e8c62f63c422529d6b10952ce4c7e2e55acad932954d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7482bae1ac51794fc06a16f80da3a87d |
| SHA1 | fae449f2fddf3c47576a59f3d6f57d9cd26593e0 |
| SHA256 | 013561dfc3c8a67fa2a1da8de6ea8fbb153b766b49cbd331b6346ad897aa83e5 |
| SHA512 | 95ff6d5ac03b3304f70a66b45af01d64122e37be1c74fee3af816e390f978a12eb74d990b38d6af49801347fa0fffa85789ccef75f18f3217819a5ba727d7384 |