Malware Analysis Report

2024-10-19 11:14

Sample ID 240830-sk3zfs1fpn
Target https://www.roblox.ht/users/410586352353/profile
Tags
discovery
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://www.roblox.ht/users/410586352353/profile was found to be: Known bad.

Malicious Activity Summary

discovery

Browser Information Discovery

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-30 15:11

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-30 15:11

Reported

2024-08-30 15:14

Platform

win11-20240802-en

Max time kernel

123s

Max time network

125s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.roblox.ht/users/410586352353/profile

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1864 wrote to memory of 4504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 4504 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 2836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 1656 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 1656 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1864 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.roblox.ht/users/410586352353/profile

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa1cd23cb8,0x7ffa1cd23cc8,0x7ffa1cd23cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1916 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3596 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5764 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,10110980800733091136,79741171679212520,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4816 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.roblox.ht udp
US 154.216.20.205:443 www.roblox.ht tcp
GB 2.22.144.104:443 css.rbxcdn.com tcp
GB 2.22.144.104:443 css.rbxcdn.com tcp
GB 2.22.144.104:443 css.rbxcdn.com tcp
GB 2.22.144.104:443 css.rbxcdn.com tcp
GB 2.22.144.104:443 css.rbxcdn.com tcp
GB 2.22.144.104:443 css.rbxcdn.com tcp
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 app.injuries.lu udp
US 8.8.8.8:53 js.rbxcdn.com udp
GB 108.138.217.62:443 static.rbxcdn.com tcp
GB 108.138.217.62:443 static.rbxcdn.com tcp
US 172.67.155.42:443 app.injuries.lu tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
GB 18.245.253.89:443 js.rbxcdn.com tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
GB 2.22.144.104:443 css.rbxcdn.com tcp
GB 2.20.12.94:443 tr.rbxcdn.com tcp
GB 2.20.12.94:443 tr.rbxcdn.com tcp
GB 2.20.12.94:443 tr.rbxcdn.com tcp
GB 2.20.12.94:443 tr.rbxcdn.com tcp
GB 2.20.12.94:443 tr.rbxcdn.com tcp
GB 2.22.144.84:443 t3.rbxcdn.com tcp
GB 2.22.144.71:443 images.rbxcdn.com tcp
GB 2.22.144.71:443 images.rbxcdn.com tcp
GB 2.22.144.71:443 images.rbxcdn.com tcp
GB 2.22.144.71:443 images.rbxcdn.com tcp
GB 2.22.144.71:443 images.rbxcdn.com tcp
NL 128.116.21.8:443 lms.roblox.com tcp
US 172.67.155.42:443 app.injuries.lu tcp
US 172.67.155.42:443 app.injuries.lu tcp
US 172.67.155.42:443 app.injuries.lu tcp
US 172.67.155.42:443 app.injuries.lu tcp
US 172.67.155.42:443 app.injuries.lu tcp
US 172.67.155.42:443 app.injuries.lu tcp
NL 128.116.21.4:443 accountsettings.roblox.com tcp
N/A 224.0.0.251:5353 udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 5578283903c07cc737a43625e2cbb093
SHA1 f438ad2bef7125e928fcde43082a20457f5df159
SHA256 7268c7d8375d50096fd5f773a0685ac724c6c2aece7dc273c7eb96b28e2935b2
SHA512 3b29531c0bcc70bfc0b1af147fe64ce0a7c4d3cbadd2dbc58d8937a8291daae320206deb0eb2046c3ffad27e01af5aceca4708539389da102bff4680afaa1601

\??\pipe\LOCAL\crashpad_1864_UAPFEFADPVWWAZVD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 0487ced0fdfd8d7a8e717211fcd7d709
SHA1 598605311b8ef24b0a2ba2ccfedeecabe7fec901
SHA256 76693c580fd4aadce2419a1b80795bb4ff78d70c1fd4330e777e04159023f571
SHA512 16e1c6e9373b6d5155310f64bb71979601852f18ee3081385c17ffb943ab078ce27cd665fb8d6f3bcc6b98c8325b33403571449fad044e22aa50a3bf52366993

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 057b496f709cf33a2c52c1cef1f87c34
SHA1 7fc9cdc3a2b3f6252a4fd41fd954b82d0f4b8d81
SHA256 affaae135b6c2f5b48b15ad3f96c2bf20f791fd86f685086984719b62c4b665d
SHA512 3ebff38b291a6789747b0834b1d342e8dad2af64acf6f2da36f61517e5cebe5ac0a2dd15b6aaff94ece862edf2b61d806420a53bec50bbda3eb9638281bda4b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 b691f2165945ade7d5482e597088a9c0
SHA1 938b244a03298efd3d8bfdcef7394641bbd99273
SHA256 3fe8855c77285a1e6341c9d16795c90626b423456a3301e6bdee3d33cbdcfac1
SHA512 4b4cace367d45a00bd597acbbec54606a3317ca45193271bf4237e04afba3aba5b63e932a865260d5d925e8f2721693aa727d64cbfa92e508acfd0fdd84ead92

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 5603b360361ccee22e80139155302574
SHA1 0834d5ef163e14699ae495fdf654e9a6803c60e3
SHA256 628c66400b1ccddb5db7006fb7077565411ff4f0ea65edc45a422e8680a261cb
SHA512 4c69cb561c0d31394be447c34fc4b8387d20833b9812898d00a538e1a44607aadd2d0a9c02b59fb0a1f081a758d710dad2efabc9e0ca6b67244e1cbf3e451003

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 fdf09c3c067041ffdefcc9e1bdea9718
SHA1 e31cf28187466b23af697eedc92c542589b6c148
SHA256 144754d90b3eaad27d8a11c86faadb24da4ddc251bead8e43b9ed515fafb84da
SHA512 9e32b294cfc17fd52fbdd62732571f4ee57dc0308d62af476331887d0e2446b483ceac06ba4617cfbb1c347d771c0f7ea12108bc384e93f69b180c7ca1a92268

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 46dbd0bb0bd8510e00a953bb7521e774
SHA1 aa907dfc02e858609025e2a3462b8d32bc6516a3
SHA256 80f87805797015c03590116fc920f36fb1d5019f7646c390110863afe08e9c39
SHA512 7c31c764a6e00ec4670773beaa1107e9866b856ae11d5b9c4b550e6237470d17068ad6287e2b63c8ba2c1bb15af0994a1d8de7c1378396c87b2c99a1d096b689

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 4974f431af99a6b0fef1dbf0fa4dbd91
SHA1 00731761845dbdeda815f5f9bb6a94b06e820a8d
SHA256 7d11a64ce5bf8a535ab3d1c14651c639ae161993e58608c25553159798290890
SHA512 1f71acb62694920a707aec629807e3cb05a995971ea0383ebe5a1467387dc2dee6fc1153e67c69c9a933fb4055f97bc85f82109bfdf108a7dafb87c439bc6348

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 72cfa7a13e43fd21aa3e0c36ea24ea03
SHA1 754ce23bc8f210a23f5ba2674eed91a9ba71dbbe
SHA256 f47d46aed169840fcffafd3dad4c77b7d386023c01fcc14708af9b05bd52dd27
SHA512 99f3720d4022e434773836e4d0733b719360556882c210459fd6717b49b504a4bf7e455e75a1029775405378c9e81fdcc9f08b3eb4886bd19d5c5bda21fd8855

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 455d055d3d0c351f6f589187e9eaa8fa
SHA1 b26d5c999c1a8c98a824c78c4959c1f3cdc2808d
SHA256 96a175bad2f946ec5c7607102dc403f7f86ee9544847f6270b73d821f988bc6a
SHA512 92185fb971c90fe3db7cdf1b2e343deec38d0dc97f5a136de5110e43889ba52d311967a36d2a1d31c1a0045f912a48175b6b2b64e16b3899edd8b8b6fadd8479

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 c5bc9edcb2cddf8ce4b9ba5867a407ae
SHA1 fcfe2cf3e4a15a21466624e743ca836150c4bc86
SHA256 b97848ff8ccb92a7bbb008e6c641dbf0b9d2bbe94c2056a6cd4942748d6eb75d
SHA512 891f88d0ade72f3ef26199f4259f09808730abd91b73969d4f87a29a5df93684863c48885e341232743e5d7860c641cc07ac8ffefb3e5f1cc17610cda97b5efb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 2a5211f13633e621e4e96e3bb4aeb2d7
SHA1 aaec211b9b1aa4340aaea0cf52494e37725e8d89
SHA256 a5b539d625f24613d5224001de32014ed9d77f96f7de7b97a2cf24100d9971b9
SHA512 cd1e9f4c8274ee50757496c160982d345c51477ce1e8140eca44c7af3d36b516a660a28c41651c5321d5213d2c9ed938dcf00a13f4e8d319ba5e47a65d5722e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 ec79a2dd5421f89fdd16597ee997f82e
SHA1 01b9a3551cbbbd0d13fa09b69f9abea5e6896d37
SHA256 89870e9c63b4aa9ae87ba8b89ffe36d1d4ee0a5dc64d87c771cc541333b311b9
SHA512 31b2dedd1a8eb8f0c3de7760f3bd2a531df9e3e3bc20922c47a43fffca767f4c64b2159cab1b20d9976a0f226df63b2a533589c1629b3b90ac70e378ff68eddd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 a9d083052ad8d0ba97af118f209180bc
SHA1 77901b98afa46f425a803139b364b3dc4c6ebc34
SHA256 d29139223025de061ad4a5e9878fb13d2b89a3860b3a4a6e84dd33dcaccec9de
SHA512 42fd500324f58ba7aeae5e76d44b8652d48136ccdc1e13c31906dacbf789b1ea32d7d3e10ce2f489284da6a5f35a67a6d176786183e5c0102e38361990a2a37f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 25aac7bb72292b2d04b05542c17bbd87
SHA1 49a08f5dbc6d081f5f1e83c69c8c60cb7e7810df
SHA256 715699c77fe77d0142a8104bb2e55b536c79f22d5b1a988895dbd56bd1812e6c
SHA512 b68198ed00c8df57af87b84a31d80193c18ec390e2ccb7866fe4459975ec7e256e0b8e2cdf4cd456cf3ebc8a9c3f623dda46333646bd887c697d9fe3bb5e5981

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

MD5 f07fa935b8a27e46664564c44de37df8
SHA1 1a89260a83c2fee1793f5bdd0580b2e53e3e4d01
SHA256 0e938ab6926bc4e49a19651373acda30cbbd5cd2aac3701b5d7152f13fba54ac
SHA512 c0bbf649278d567224d13e66efdc95806aca442dacb1debb8c6d9b2d98439ecdadb341d83b2c7c6ffb5b2601522d79ae3c374a605742d9ef24c8b5ad9fee56ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 80e7fb2030815373395ba26c9ba7f95f
SHA1 0f44c6af7d3ee3304cc5785291dfd55445f271df
SHA256 166c8b865fadfd13e26d221f5c17f50cd7d3c2b7059b021f344279ea27dab382
SHA512 3b223ffafb5d8bb173b361a707ea265fdf869360ffe845d2a8531d0992546fdc339a6f522f60373313a17ba1932a96f2a6b77260313fa3f5f1a203aff390b609

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 1354b344cba6c38f9408ffd6cdb50c29
SHA1 5f4016073f9917c26d002c3555cdb47905deb3e4
SHA256 f66714369f9b86c5d35bcc706fa65bf8cde75d20567cb8843ba3e7260fee7fda
SHA512 caaa479e814e344b8900b82c95e42f16840aad1c853e6bfe71040c67a0e88722c75869512b9372ee2c2a9a3dba41328f6883d1c04cee72be8c10ef84fe0b8dbd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 267d4d0823e4da7915bc880b8f654ea7
SHA1 231e3d8cfe53a1b1c5b687f600ce6685c2551ff0
SHA256 c6ca00f61af2125b2e7254af80b1c767d1e90f5c3daf4f3219350ab2a17e2dc9
SHA512 8f44c535ef2f1fbc701d38057383c47bb5778967c61db0295c7c37fbdcfd51f8532e8c7fe6a1235ac2f72226f0635bb3fdb1d029ffdd7a0a70a41830085d06ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 8c9e60b7fe4ac9d5588c844f25897986
SHA1 75ea91265a8623ddbd6731107840b1d16dff6381
SHA256 09d53112f429f17404ef8b9caf2c2ef6059ef166b9fa999a9e8adb58a1489ca7
SHA512 e8e519f45ebd0da36722c9f04e22071b30dd51e06c7eb962767566bcae660412c3db8f83aae983dbd89981d5d4658f62a9daaeb7ac94ce25f031edfff266c860

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

MD5 cc7ad65e0558327d8fbe8ade40ab94e8
SHA1 6c153e9bf971f196db25cb2cb3b62f77f0a1299a
SHA256 956e1fd407995ff1ecca3bf42ca0d01086edc7eb6a965e1d9d4a48f197a8bd30
SHA512 0af63a7bb1151ef7564472b90ddd766857e3fd78973195817aa751d97093558688733876114ea7341063c7f1bc01f90aba1016980ce2c009a0cc399f40614377

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 e1f6e032096b2924e561c3928b9dc73d
SHA1 f33a3bb1b04f04ed1b93b13d21b6b3ce529690ad
SHA256 fa802b853572d8a40ee939940d0cd9562ea8f5954c0522b0777e01fcb546c3c8
SHA512 b13f6e1f984d28c5f4cfc4ae2298b321c314892cab1e5ccd6f1f61ec98d8c1a39669078c88ba541c91648963abc6e16e0a1cdb4e9449b4be16927e9bad8d0f37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 5be09c7c686dbba1984fc1a2bacb772c
SHA1 b0626f753ce1f18bd01b5c29d86af92a7152e07f
SHA256 c85491a931fe791cd1b23d54b42bd7abec503842ed5cb76420ab365c4ff45b4a
SHA512 2fb59449fa9a0334e85c0342352037a60378e484ad0e0cc417b9559fa8ef7ac81c972a50dff01d177db0875bf244b3ba90bda0565e269be8e745aa7470e223b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5aa85f4aadfc9bf8839584a9b1558179
SHA1 733efd26384a703a5c2819be97a443a96a0e78d4
SHA256 c3fec58abcdf522311690002abb1b51f0897e53474ca621395328644cc3dc695
SHA512 bb6c435977da5c9a42d38a08efe6f3e2d0fd4967a7883733c468e9549c62c318b6dbb8b50c0da27d14f375cfe53f2f30fbc8f97664fe33132f05f83ee1441f01

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 218a97447eeed4979c8c835f446907d8
SHA1 5d8601c827a3bf5397cc7ca2866873a41d2847b3
SHA256 43bdfb38100731839c28f5dc32ef773ad310d9e8af110d383a3484f83c3680af
SHA512 88e9c9b640eec40c573d2e7fc6f43dd3c678329dc8e39a820a4f557739099ceb227cd46bed1ebe5f95785601c99d287899b662f5ee46e6275b78d8d32998ff9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d7aa44029ad53c5333a3724f897286e1
SHA1 bb3fb8a1c55ea4343ab636de41bce4e103a75923
SHA256 572bb9c3b9a31be13487c505ede754105f3677e33bf91fbe496bc11d30e3aaec
SHA512 a169a22400d2b7e34c4b6f458de6a4788472ee790128063140c507387668a613e838e2952d3407a19d44917aa43b961b20f8f429f4b334f10992f4636b263f5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5811ce.TMP

MD5 9d873c9f2de760568934d26e5b915f3e
SHA1 9f936fc097c1dcbacc77a3b47c240ed5d8bee154
SHA256 fbf36582d57a361db2cc68a7f53938d64a644de8e3770a097b2d5fe727432bb8
SHA512 c2566536fbe9b85fe647b9c6a249055958135cd5f6c56de46897cba403cb16cd286c6c55902ad8861848dd000c84114e10b816579d7ed8ee013cb4f60606cd46

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c9efd9a8025bdb037a4059f700fb0202
SHA1 eddf9fda8a53338a5a22cffb575d5cbfdf3b126c
SHA256 24119871943b09a98eb86ed96b05da3c8f0d720cbaece2da30bf1057eb9fcc0e
SHA512 d4c204455f44f5f01f12c2045283df16ac9ed601962d12646881bd0c03a2993ab8cf970d747947bf19f8b5bbe044831bff65ad493092715a69c898ef9aea1a2d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 04480fae82a58d0eb7cf5547499819f2
SHA1 a7efa55887a415274d4148ea27b961ffedf614a4
SHA256 488a04ab1c8a0fa7a66a0ab4ebdf967f0360676f73575acacd0b7616d8398844
SHA512 7d5374bb46414070099fbcac8c0facbb6735c6a58937931325cc6fd74f7e83cfbe6dda824f9248f15b7702c5876497ce9be6a9c626f61f18b0ca76f8a74c611c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

MD5 7f67a642b90bbfd9404ead27d50f1d0c
SHA1 e2edec49c33e4f458b250e82b13276e3bc6be07d
SHA256 cb44fee88cbd82aeaa2d4448840dd5852f82123cadd377fb33ac79837402f0ac
SHA512 dad2198b0955dfe172d96509221ee599beb6269343b96b18f3b98a29578bd7a866a725878793d784516c75e4c76c447cceea9bfb58c9704b3ba8ecc284556826

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 d96b6a74c9ceff02ae9cc41bfa91c77a
SHA1 99c666491cd95939d2b65bdab76fac42e5ea3c38
SHA256 3f545bdf886ada31f172f4a4a9dfb81d6a8268b77061f6cb8ba791f32301540e
SHA512 f0e1eb4063c707da65b23bcc362877b936e3a633e6fba30dd2271ed9418af408492074f25ea47826fa8199aecbd2089375722ae7ef2661776fcf6ce2b2544395

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 2fdf7c874a5008a3483635d218006b98
SHA1 8c5455ac1ea36c61e2e2e327c1a6b72670a6ced2
SHA256 6cae0efbdc3181949b4724f434be38af26143df49520f2249956e3131456d973
SHA512 54151d8fba45c44ea7a6383b46e5fc81ec28081788646344e6a9c72866a1d8d20d905c50809879ec2c0925b497624fa2f892f04b794082995a688da97bee5c79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

MD5 d7830bf136da34b26ff997e130914b3e
SHA1 ac15cf91c30c39b67ef94308e01114444de38a9f
SHA256 6cf72a73a65c6d4081368ab17846d7b1a69c5aba28a107898e73e1004d8fe288
SHA512 cf393013a74a36713c03b29a4303745fbf4f8afa8f7d997377fdf110507a510895371aa54ce8e805ded5e17989824fde76ee664c5226339d868006e8e0271342

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 7c95a2b342bd0de2be624a1b34d311fc
SHA1 7e777179ece49380a78f6bc5f4d1c74cc0f93172
SHA256 e7e068f33b71dc6eda2c1c373531c0add2bae4a6dea3108706a8265a948a1f64
SHA512 25b95a2b2eb757429e84abe6d62645cca4c51614cd1ce251826645af65a711c9595d3037d18c362eec812c64938d45b4fad94841841c8101ad47a4ca7eb07d9e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

MD5 23e75d258655e31f1e810bc6c5cd955d
SHA1 fe77ef6a0e20f1954aea7a9979c6a485b0ce9a47
SHA256 bc6216b65dae5961df0ae80554be05185d7924c4571a1ae1f0e9fabcbc729a41
SHA512 de7087031b956cac94ad37a8969ce12aa108c46909cf504ba1001b22ca9c63d230a25f384f13678d26dd8dfa4242e903b2f1946f597ec5638d604d18ff43b333

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 df53f08fc71d477539a6bf155e3c9bba
SHA1 75b9b2d6b43209130507bbe9bcff22397038624b
SHA256 c894bf7e0b98f6b4ca4e65a7386bff9c28d8112cc60fd98c78674a0fd9b46d41
SHA512 dff124e105d6c20c352f8397108507f16c71eb5688ff2292efed0aa0173473d3bb452701497bb762bd7f6743c82ab017e00d94c32ebb3432588821d9e6f4da1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

MD5 a62d17c217260f14a60e9e30070e3aed
SHA1 b61f0549e44b9a655c828da2e050853bf9a06cda
SHA256 be258f23663e88827b794c49d5d68e77045b3082e0967096b337ec952d4581c2
SHA512 64cbad8c44d88861058f9ed99830170971a14d5522af7f29b988d7b0eca8a7af94caefc334987b85f0b8537a032e29f9f5aa278c404e6de3b7614363bfcedd9b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 c8843f8a1951df938b089b48aad53199
SHA1 eb666e54f14fdd91d06b5b54a52542e48b174155
SHA256 89c7667c4f61340c53159850b0647c5e6ca71160ce9f5e55594a3d48009e1450
SHA512 201c12c9f949df89f6ddafbeb35541316153949d1aaffa71df608273d9e00d31ab7f3eb3fde7d0810b51f8a0c5abfd2b20906c1d99dac8a0e43faa29ff6894c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

MD5 ff64dadcc711337c541d84294575a04f
SHA1 56596c3597a1084811339930b61b6b03f55d9276
SHA256 6c8762e1acb16b6851c163f5e6d7a8454ca73ab0006efb1e80ba46941b0cbf70
SHA512 2262c82ede1f8754e6c97b84d671f526c9f953c518f098a8e763e6edd6468ef61d21c93bbba7e97548254b1fb261730bf04973567380a10cb5380a21db32e7df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 657db0534f6ff3be8e9d5f3dfc1d30fa
SHA1 601f35a64cb376745908cd5cb4c2075028dfd89e
SHA256 9cd9cceb447530854caeda252679eb21d4c43646989e9dc9aae06b3a7de2bbf7
SHA512 87e90090fdab94fa08bdcab0271e0930cb98539d39e0457b82a193dd219fa006e4a38341502c66ac850fddf885202b05a57652932481c82b0a20e4e194f24084

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 c37a5314ba360c995451518527cf293c
SHA1 22d1c9ce7d909b3ff70f6ec0c8bcbf999015ba11
SHA256 65beb8051538d1938ec9af6e82affd097e681aca80afcc3893fc7d1081fa23b3
SHA512 51c80c33f1b1756ea187827ef20cc4ba1917a7727759adcb23daff5585ba5e2fce7d98162ce0659ff50fa556e8b0c8d58ad7143e93f74808d6c287b25b2ed3e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

MD5 1150ee4c372d2063ca7b77a96eb484d5
SHA1 26f0c510c5a8058a6b077b4fa6721cb51110c5d9
SHA256 fa7cc0de881228e07cd4ad3ec6fe4c373fa5c0288b17233e0161b76587434727
SHA512 1df2fe3416c783f223137bc856899476737a9a2189d13c8cfacc456f920ea0be0d62ecd70a5038f6cdfd404ab293f69ee2f8419c93ee27a7e053ff0326d44220

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 d7d66ed67c0b26b02f873a76509b52eb
SHA1 6646997a26045ee32eddb10d9e2dfc0195797250
SHA256 13f8d05904ca3f0d324dd149fb40567f52252e67d96fdabc1939c86f06cf4315
SHA512 8c216e8999c58004798fd2c5f0aff77bb680adc890e1a1792a9e48c93a4fde3398ca9131c9c9bc6f8e922d334498c404f5105f982e6441073d28f3d8ca9a9de3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 a414007880bd4971e8d87a141e05af39
SHA1 115881c13eeb6c745090f57f01271707ff70298e
SHA256 3647876a727bb23926b530be246c8bfd32b6b8a12517247f0de02be221e25fce
SHA512 755fe0cad9415e0da7c6074cab0c3453b779cfd0f04b9b0f5a71d1b8ab12af7fd7476c95171e2060fce2517a6e25e83ecffca403fd305b0932f662eb77daec43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 417649c98abb82db6e657fc79a1e0fdb
SHA1 ed95a6b05e3f507705c2aeeb3e6cef3c3796c6de
SHA256 d4a522187acd6c4c18037a5b90033cb59c5d4da1b2c5132a4b93821bd5cde559
SHA512 ac42bb7717b5f42b18f89e0b5fa420cc77e95809a49c9d22bee50b1242cc6466ce604fa8be022558b378e2ff9eab610772ed470b560d3cf1cb4f3ca688e79f6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 a115526c69b4eba0d79658c1bd0ae60c
SHA1 d0bda25ba2f371b2c417b90a983ff1664e65c262
SHA256 ceaf529cda8c1aac785983df0cbfb362c650ada5953996fc6b59de267d0cfe04
SHA512 d3bb9feb88cda064ad8f09a499df632d5b02d0732668c950d0d026192ce159773411c9db2a0cd1f4e974136c64a008042be4adbb67f3cfe46850ce7948c76edf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 990dca01f54a2e8db882d6c89211dccc
SHA1 1b218efed798b00b418a997fbb683755476276fc
SHA256 6b32a9f4d9e36cc7673e0329873a2df9e17877f25bdbe830a1c1e2a5d7671b41
SHA512 230a8cb2611f0d12976257c1c08209ba51a6a2cae0f894463ab8f6edf484c4537db708417dce75e0dbe2f80addcfdd8f8e8af64409f576e755ed9b61d76fbd50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 9662309d1dd82ac90350fb0b60054026
SHA1 97beb59ea4b7f40ea845f314ad2b3ebc32a71ab8
SHA256 4132abd5d3026d1df17a96eec27f40c1104afbc5cadb66e0158105693885e9c5
SHA512 aae98eb679e505a221066bb9766308d43575c650a29dd6db1b187eb8a9ea5cf9913d6898daabc560b976777de9cd16540676b4e7620c4e2477e675f3b8fddc9d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 170f4209de62a473414e2eaf1668f333
SHA1 76adf80de1ba7673bba14dcbf7e546a1e55bb354
SHA256 c79e0fcf1574495847bb6b903e61989343d0c7a6c8559d24cd30b287b933b474
SHA512 e97963d3c914b9d3f20c72f6c0c3e14c68d682d294c24105ad41b931f743be48294440656acfb95ffb3e2cc907c10ec2860915e17ae9b92e3e0bcd91117189c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047

MD5 c7ff729b8ca01937c8551313cefa99d4
SHA1 8ddd4b7cea3482adfe4bc6bf679359d7ba96d0ab
SHA256 ffff9b9fbd88746c33d21945d3589f348af33516a406ac907c2cf6bbc9f1d540
SHA512 bc5caca167c36cdcd978571000156f1f87eb392c478680b77b215149c0568d4cf2423949cced4fac98789a29fd1bf3a21fc477aea1650f710145a25e17eae2cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f9eb791abb79fa0a8aa2b3f0b27504b1
SHA1 4c77c0374ecfe79ac7c1c6fed16718b2001589b5
SHA256 621087176b05e4a196294014d1f020c796ef5f246842be61765652f42c85b44f
SHA512 4dfcca67e38ae87b2e3fcd4dc8872dff016f38cc30da35ca81186b565a4843e099f8869fd68a9c52ea1eb788bfc5cc05e52c5c900409e87eb58accb72f73a379

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f524b31bfd963d445e3ac28b5df9e75c
SHA1 21e3edb1601658fa1d398d0a9d5fefe4ca59059b
SHA256 b252ca6b73a15d487a0b694efa841cf2e598f640012cc742c1da621f86769f8c
SHA512 42392507a44ca3226c5cdfc8a0fe7171acfcbd05d8522c07cff0b8e6c3a1e2be13d146350aacf166484d3b9b3b681f18325af97e1072016c9cc4cf7fca28d040

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4868a3ae51136e657034efd0a7d8173f
SHA1 c37abeb47519e24a52af050d8e69a7a43b0d825c
SHA256 adbbed7cd5363af40776186d09eea826d57facafcb721dfd1e740466f178f89e
SHA512 4bedde19cab716fd49447da784c8e60e8e8e8193e13e2731aff94b0c70bdfaef609e689be75b640992c7e34d46440e1e8b24b3ab72f36e0d95c36933ccddf4ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c3a486dac2384832936191760b1ac1ea
SHA1 fdc0230452c0e9f2c483e1a869cc93a7dd81778c
SHA256 b401f8757a11c6bd587cdbc3099ea6b10c417e7defdf44f78861ae7e6626cba8
SHA512 e83a9af9367fb9acb08f7ab3e528909d862aa7631e0b9351ba4aeb8f8a95b570e2f1d04cd37e98c8beeaf8c033174118e85570287f0861c98b4d9282b228d999

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fd3faca30b29a2e503a00447fb1e4509
SHA1 cb69278423defcf3d5c6e18a0eb585eb896da58b
SHA256 8051e86635aa6cd986200a0d005bb35d4c4cbf0f5c1f7f7b533981bebf6ec608
SHA512 ab45416f7d08bc8f58bf18ab229dcbfb56f28f062630713c482d1ce9c35e96a70c9d7f284d5df07578404fdd94bfd74f3d513a7b0b2ff76693701c6f067a08a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6e1b348b07bb3f179ecd749994289b2b
SHA1 e2b46730712681f5f1f20d415f6d047861c7b716
SHA256 73efece0322ddc406003053d61cac3d936cc4aac5869be2ae3fc2689649506c6
SHA512 2c40c0419cd8666b908bf9da309c84277eceb8cf084310412388f359811b687c1697c6798645e452a0fff1abcd239715f73d179ccbd5e2cd0a0c5716b8e5f949

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3078de943d0ce7a0d20559aa82af01a0
SHA1 7a126871efe638085d78d9e033434f73dfb43564
SHA256 5f91e6e22a55d889f1fae0ba4e6b3ddaeeda7767d084cc5da7b5fd04dc42a986
SHA512 5b9f883180801113865566224aa6839fd7b617859c4022d90e2ded3da9c986b3ce6eca41bba12a8f13d7187811142233dd4fa444def26c3c02e24cae63f13cd7