Analysis Overview
Threat Level: Likely benign
The file http://youareaidiot.org was found to be: Likely benign.
Malicious Activity Summary
Browser Information Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies registry class
Suspicious behavior: EnumeratesProcesses
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-05 22:08
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-05 22:08
Reported
2024-10-05 22:15
Platform
win11-20240802-en
Max time kernel
385s
Max time network
379s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-242286936-336880687-2152680090-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\friday-night-funkin-windows-64bit.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\friday-night-funkin-windows-64bit (1).zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\friday-night-funkin-windows-64bit\Funkin.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://youareaidiot.org
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff835d83cb8,0x7ff835d83cc8,0x7ff835d83cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1896 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5744 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5884 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=7308 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1900,9364270425615918653,4065037114033168611,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6584 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\friday-night-funkin-windows-64bit\Funkin.exe
"C:\Users\Admin\Downloads\friday-night-funkin-windows-64bit\Funkin.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004C8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | youareaidiot.org | udp |
| US | 103.224.212.242:80 | youareaidiot.org | tcp |
| US | 103.224.212.242:80 | youareaidiot.org | tcp |
| US | 103.224.212.242:80 | youareaidiot.org | tcp |
| US | 103.224.212.242:80 | youareaidiot.org | tcp |
| US | 103.224.212.242:80 | youareaidiot.org | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 92.123.128.169:443 | th.bing.com | tcp |
| GB | 92.123.128.186:443 | www.bing.com | tcp |
| GB | 92.123.128.186:443 | www.bing.com | tcp |
| GB | 92.123.128.172:443 | th.bing.com | tcp |
| GB | 92.123.128.172:443 | th.bing.com | tcp |
| NL | 40.126.32.134:443 | login.microsoftonline.com | tcp |
| GB | 92.123.128.172:443 | th.bing.com | tcp |
| US | 45.79.115.66:443 | itch.io | tcp |
| US | 45.79.115.66:443 | itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 45.79.115.66:443 | itch.io | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 45.79.115.66:443 | itch.io | tcp |
| US | 45.79.115.66:443 | itch.io | tcp |
| GB | 2.19.117.28:443 | img.itch.zone | tcp |
| GB | 2.19.117.28:443 | img.itch.zone | tcp |
| GB | 2.19.117.28:443 | img.itch.zone | tcp |
| GB | 2.19.117.28:443 | img.itch.zone | tcp |
| GB | 2.19.117.28:443 | img.itch.zone | tcp |
| GB | 2.19.117.28:443 | img.itch.zone | tcp |
| GB | 142.250.187.238:443 | www.youtube.com | tcp |
| US | 45.79.115.66:443 | itch.io | tcp |
| US | 45.79.115.66:443 | itch.io | tcp |
| US | 45.79.115.66:443 | itch.io | tcp |
| GB | 142.250.187.238:443 | www.youtube.com | udp |
| GB | 172.217.169.54:443 | i.ytimg.com | tcp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| GB | 172.217.169.1:443 | yt3.ggpht.com | tcp |
| GB | 216.58.212.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.201.102:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 1.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.201.58.216.in-addr.arpa | udp |
| GB | 216.58.212.234:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 45.79.115.66:443 | muffin-ninja99.itch.io | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 45.79.115.66:443 | muffin-ninja99.itch.io | tcp |
| US | 45.79.115.66:443 | muffin-ninja99.itch.io | tcp |
| GB | 2.19.117.27:443 | html-classic.itch.zone | tcp |
| CA | 51.79.82.168:443 | uimg.ngfiles.com | tcp |
| CA | 51.79.82.168:443 | uimg.ngfiles.com | tcp |
| CA | 51.79.82.168:443 | uimg.ngfiles.com | tcp |
| CA | 51.79.82.168:443 | uimg.ngfiles.com | tcp |
| CA | 51.79.82.168:443 | uimg.ngfiles.com | tcp |
| CA | 51.79.82.168:443 | uimg.ngfiles.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| CA | 51.79.77.157:443 | uimg.ngfiles.com | tcp |
| CA | 51.79.77.157:443 | uimg.ngfiles.com | tcp |
| CA | 51.79.82.168:443 | uimg.ngfiles.com | tcp |
| GB | 92.123.128.172:443 | th.bing.com | tcp |
| US | 45.79.115.66:443 | muffin-ninja99.itch.io | tcp |
| GB | 172.217.169.54:443 | i.ytimg.com | udp |
| CZ | 65.9.95.127:443 | js.stripe.com | tcp |
| US | 45.79.115.66:443 | muffin-ninja99.itch.io | tcp |
| US | 151.101.192.176:443 | js.stripe.com | tcp |
| US | 44.238.232.213:443 | m.stripe.com | tcp |
| US | 162.159.140.238:443 | itchio-mirror.cb031a832f44726753d6267436f3b414.r2.cloudflarestorage.com | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.238:443 | fundingchoicesmessages.google.com | udp |
| GB | 216.58.204.65:443 | lh3.googleusercontent.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ea667b2dedf919487c556b97119cf88a |
| SHA1 | 0ee7b1da90be47cc31406f4dba755fd083a29762 |
| SHA256 | 9e7e47ebf490ba409eab3be0314fa695bf28f4764f4875c7568a54337f2df70f |
| SHA512 | 832391afcac34fc6c949dee8120f2a5f83ca68c159ff707751d844b085c7496930f0c8fd8313fd8f10a5f5725138be651953934aa79b087ba3c6dd22eaa49c72 |
\??\pipe\LOCAL\crashpad_2272_AQLYTSSRJAGHDRMZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2ee16858e751901224340cabb25e5704 |
| SHA1 | 24e0d2d301f282fb8e492e9df0b36603b28477b2 |
| SHA256 | e9784fcff01f83f4925f23e3a24bce63314ea503c2091f7309c014895fead33c |
| SHA512 | bd9994c2fb4bf097ce7ffea412a2bed97e3af386108ab6aab0df9472a92d4bd94489bb9c36750a92f9818fa3ea6d1756497f5364611e6ebd36de4cd14e9a0fba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\4f8644d9-5bfb-4a03-8405-a5e9c079668a.tmp
| MD5 | ab3b8abff67bdf8cc7a0d34589cd7c39 |
| SHA1 | 4af11452ad8fce29dab6ddaddefc8627e1775dea |
| SHA256 | ac2585d719b7f59ccf6774b96d7d177c769c55c73e661b068f1fa4cb62ffacbb |
| SHA512 | 37215d09d6ea81756596cef9c656eda32915f777ff9af1fa060f04ca16007c05533ae1a52ea1954efcc997d4951eed2a72ee4dfb4f35eaa38532ab25496a0b56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 72077f7e61e3f74a85615b1f27d416b6 |
| SHA1 | dd002a6858f8f9e70793c5b4ffa8a23724253113 |
| SHA256 | e650495aceb4cf7a1f09988d1f1cc80cd7a93be1ef5d8834595f938960045a21 |
| SHA512 | 75eb90d9488209d28566bbefdbef71cf400f4896b1a251ac8f86ad7be6688309999bd9b7c7e390d369784f347536d09a6f973063d616281dc974afc90740f016 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b4519112e3d72a8b9af7da6c169e185d |
| SHA1 | ca163eb1b9fb8bfcbb8166530506df64d7ebbc85 |
| SHA256 | b2b911157210390a50cec3bdbdfc353b3a1c229516af8e2e3dc4272634453efb |
| SHA512 | 35882b90c5f79729d94cb2691a86ff30e580b57ef858c3afdb1255f70e5993033fe0870ddb0e2f49f24d0bb6c67019f30e2a4f6ba2ff210d3257fb7129360390 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cbdcfb34fd1a40bf4830adb8c1f8939e |
| SHA1 | b519fd0a130caeaffe77797cf0baa52fcd489de4 |
| SHA256 | 2ffa38e6d7b355356ac86ed9bf4434d18666b29c7c8b9956e12de5069d0e390f |
| SHA512 | 49fecd68fa3e58f941d3457ff6bdd48f7e854b1217d07857a130385c4471331a606ed2d148b0ae4e9395e4f6e9108f84a9b2f60b9b3279bdb2b871879ec932de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1b670222cecd00dc07576724b93582e8 |
| SHA1 | 0b439350f3b386d8608eccd9fb76857fbc3f3a58 |
| SHA256 | e441732940baccf007b0da3e443042452de60a776fd21e22aa91b7babfc42018 |
| SHA512 | b845049a380451dc4861c687a8a4dc5250d90478171ea00e6b0599aef0258be8e4a44956ce551328a182d75d4ea1b914434afb5f2ea4029bfd0cc1623262ab67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 929b1f88aa0b766609e4ca5b9770dc24 |
| SHA1 | c1f16f77e4f4aecc80dadd25ea15ed10936cc901 |
| SHA256 | 965eaf004d31e79f7849b404d0b8827323f9fe75b05fe73b1226ccc4deea4074 |
| SHA512 | fe8d6b94d537ee9cae30de946886bf7893d3755c37dd1662baf1f61e04f47fa66e070210c990c4a956bde70380b7ce11c05ad39f9cbd3ea55b129bb1f573fa07 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8d2292dd8823fda3d23b517076869963 |
| SHA1 | dfc81e15563e5144fb99426e2a93b9159234a822 |
| SHA256 | 41fd6b1b490618d4ef6a69f118a8bd182122f0d4a8d0f39764628c7f17c3a10a |
| SHA512 | e592a1cb0aee40b71f70b65a57865626cd3a63989833c2f96c6e6b3c9c95bfb11f8e8d1a56236a76be8465c03c1a1a439d0377b2a3e2b35122a8994a84a77f4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5857ef.TMP
| MD5 | 906489e923f3b2c21decec48d688acb7 |
| SHA1 | e63c6f7a55ffb08f558279c221105fd7b358656e |
| SHA256 | 613141d2bb25dd4b960363eb5d565f9aaa0b384c0fe6597f1ac42b81960fb6f6 |
| SHA512 | b26b1ec7ac04f5d2c045caf2543a86ed5e313130aa19c962733e2fdc859f09a48af6a8584277bf61cdde660ed561a48c133dcde15e893f7799573b007dd82655 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6da699b88653b0a387aa40c3121a8d18 |
| SHA1 | 470cb1cc49c3d9e8e2611832762a4f97fdcd1004 |
| SHA256 | edbe94a1dbe8464e4ba6d6ae43f4a8caee8695270e12493d9b5de1725bc611c5 |
| SHA512 | 5de6ad643f0b5610eee9243dae61bfa724715695b1a600d06c61e1bfb797935f582775444f573deb09c960b6dbb11a574af1e94ffda24199721122f6bd105485 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | cfa7e7ee06758d06769d9c5bb307342e |
| SHA1 | b472bee1d8deaf7b38245ba49835225e62e9d915 |
| SHA256 | b101613d2ba07ab09c2258472954eac805bcaed7c930bdb81f559f0b5a9ecb5d |
| SHA512 | bae4468e409f91b77b68e8211afe6079fc044ed76f998a3c51f13f64d73366c099a3703fc682b936f85ebd4f29a0b2425292046a9934cbd21b7b16432829950e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 790c81db9bf945fc2a3a3912c2a5b6ae |
| SHA1 | bcaeed70f5e969e369dd2303df53da089a81bb8b |
| SHA256 | 5dd15e15b2c3f3537c06e593e5700225dd28f13678e9649866c7d3c477efaba4 |
| SHA512 | 7693db525ca06118bc1907e9962ba691f1973bf5639986cb303c03894440dfb9252a2e9633d5bfff58905f8b0fd9dd63d75b48991412ccc4f0277127a08365d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | bf00f873c024f73efa31693df1d63939 |
| SHA1 | 40db1b514b5bbfda55a7eee207f6a6b27dd36bc1 |
| SHA256 | 25dae3811221d0cf7d88260809eff9c7104abf978157a63238383d02af28c3e3 |
| SHA512 | d392441a213f299697b742acd7f4c265b649ae5fb64cae8f5104eb1449f91a37e5f202688db8911e068b16a273ca60aaa665510cfd39e6c8286e3026a6eadedb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | cae0a3bff6c55245d9c41f31ffb59d80 |
| SHA1 | ebd40dab223720af9a3f7f6fd8a1d979a50ffa92 |
| SHA256 | 0373c3d6ccd255a22794c4d134d7072a5eec32cd132571889538389959075abe |
| SHA512 | f0fd812b0c5db1655a224729c1d2f8bca5dbd797f333ddeb4c8779a0c7db7e142f02bbbb209971ba324613bd6c467f2dde4f940c246236752cf47e9c53fc73e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 7a71bfdf3e1385109a3d7a6fcb03ddf7 |
| SHA1 | 81624acf56e701e26d27e1e70d0bbbecea47c9a4 |
| SHA256 | 328efecd4dcb0458d682ab1d38411258d76d47ea7f90d69f784cb5f527e0504c |
| SHA512 | 2c67bed414b4a2f3f6b781fea74c371707f0475d161223c7a3e89ce14060473ef552b2dfcf3c1e92e51f9dab2b6074611607c5dccaf3b0684a1c1700eb9fa880 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 365139c81098a7d1a09be5ad35636cc9 |
| SHA1 | 1ea3cc8cd2e4af315129ad24f4788e7b5ae48b74 |
| SHA256 | a8afb3784cafc474c077c92a5e640ad01bb8b8ddfec1db4908e9291fa3d48ba1 |
| SHA512 | 1934dff330d81f0b576522350f655bfcfb10d4dea9b23b4a0c7581ade4044d7c8a81e62caf5c3ab1009fc1bf99d083ddfdd2c1a17f748a1566320868db1516eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | 8edeb5a220fe2ebde6e724ec46a47b01 |
| SHA1 | 4cda11549a4866dda172d7e9eda415ce3f84fa3c |
| SHA256 | 25426e5097ffb53fe93f88b9e6fd457aece2c01ae06c9cc02aa6d0f59e04b7a3 |
| SHA512 | 279187e4788378c7b27a7d606293622be31423a76a749d9ae03c2b359b91482f937c466b1288545f8d2251b8df306ada2c30ba5d1d186b63946aa42327000118 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b60ecd8a18004a1ffbb57185a2d44b6e |
| SHA1 | 02a4c34ef7b097df5086d9c94373a9048eaf3faa |
| SHA256 | 650709041492c7d805b2e8b937f22f8021d8dbdff872ae9d75ad9b9ba4ac6c37 |
| SHA512 | ceedbe4e99db21a8bc514fa4b259000110d3a25743f386428fe2e9de07fb3579161703dc3ec8f680cb3ce05ec4f11e51c958cbcb22efed4f82dbfb16f6574cfe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cb26b66b378bf3615e02f41ccc5aa26e |
| SHA1 | 9a8230f9483b6be186a54fbadbfe8ec907399d36 |
| SHA256 | 65e0a4838487a5e4833936a93fae29383e7308387bbee68d0fd28974f2fd56b9 |
| SHA512 | ed49e055404743e4237f62764596aaaffcdc6131e5dc2e97559c6e506ef230d56880431889ccc5b8eeddcc4a7c32615ebf5974a9fc7a9455601781253656993e |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | f052ec429af896f52322a882f8b75a64 |
| SHA1 | 3ef4269bd64bc4a359879d914c0aea8cd134246c |
| SHA256 | ad163ae600182a87b1d6fec7accbc94ede471cea409b577b87510493f96f07dd |
| SHA512 | ab1bdabb8950d659987b690d1b75b26742da98ee875c09b81df43c56fd353be395fbda9eb251dc197457b1f8d30387422af8c0cd2ee8a74d60731f8a794fa6f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4fbc108246e805bac1d8209ce00e0364 |
| SHA1 | ccf3eea90e5cbbb240c5aaa379a67cca612951d0 |
| SHA256 | 6f250b35a451d1143d32469d64c678110a1848bc6481ae9ddcba37b6bbf83e19 |
| SHA512 | 4195b7804f701996a648648ad3c0c9bca8a598d7ab37d1d4b39d604b4ccc51e8da90802ec8438e54338e83c79a06a3908bc7ea9cf525b678dd8dea17b8621ab4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 17b6743977bcc7a7bb29fafc37f142d5 |
| SHA1 | a06d514d3d380b8c28696bba059c62cfc54deaa2 |
| SHA256 | 7475e9358cc8ec5ae95b1b485ae0f5dfea9f22c375f9ccd1107b53025f71e3e3 |
| SHA512 | 1696cb3834251d9f4c1a2bd5d884d06a5efe2b53e15834f9f78d60bfb186977abedb007a37eedf3a23b9347ee44853c1c715fa50faee04b9bc8cf0d3e712b5e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7f63d0cdee081fe5716f0ed712e6f578 |
| SHA1 | 2ffc1a09e9f4bfe929ad7dc694452b00d084a526 |
| SHA256 | 84de5f72ce6996a14ba552725372a75c261a72b847bdfa5c21ec6d74b9a31b14 |
| SHA512 | c5410da28ea8e7f20292406425bb1690666c658093f9be891c058f88525ce705c23e097c7ad775337d3cc5d4a34d929a8fdeddf318ba38ff503ea0b4c94aa7df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
| MD5 | d1f0cabbd9d437292f0259ee501e3d8d |
| SHA1 | fcffe9fc9669eeb9eee0c984f48f4a7b775f8473 |
| SHA256 | afbfa6a5613a15cc397474214e938618311b47535cdf703953c5a9c54b212226 |
| SHA512 | a93779445649654d81334bdcac32d7d882980799d8dc1bf18580e1b3eafe25ad2d6545ef6e63e8e983f1d94c85007c48e04927de77041cdc8568f7fffe6f9159 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f66b618c1705ac469a333ddad6bf29df |
| SHA1 | 76f7b08fb4c63e0c5e0455f6d2aeea885c8b395f |
| SHA256 | b6b0460e57e0474a0d8a67ffcb13c84ed6ca140b60965915b031c890e264797e |
| SHA512 | a7c192567bedca3d1f59761c5988bb8fb42f362392d503a1aac48e1ecd1f6027c042c1dd2072814363a97e573f1449f6570bdec80eedcfc7565fc77005012d6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b1df0442f7e611e63b2d673f65235cb2 |
| SHA1 | 7b696163ca00f89aad07e4a3840e630bd7ca6ea1 |
| SHA256 | 8fe0d868d152c4830cd9c589e39d0e7dffc5e2024778d16aa4b7d88245b07cba |
| SHA512 | 4256cdf7d013494f141841be7b3197adc605858cc1ee1f17e515d392ff14452e7956b39ed8768d4a0cc890124b44b70eab8773001dcce6a7f4945c56ced86a0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | 207a837d14d739adbf2e958e36dd40d8 |
| SHA1 | 335a9ca0c4b729c5ddf7d1d6ccff4d2eae053bf3 |
| SHA256 | 4e7404f2644faa44515b1baed6d4a0de293b6857793754a3874f978d76ca269b |
| SHA512 | 6e12751bb6e0aa7e9fcb338a0d802a7cdc2387e117bed2c70f5d7b72e31fcc37c622a73930db9a863667f236a5ba709bb54b49651fd30bfd0686a5c24fc182e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
| MD5 | d41dfd7ea0f3f542c69ff12754d9f1bc |
| SHA1 | f32e59e0277f5e2b924302763e8bd21bfcbf6b1a |
| SHA256 | d4ccea0c96d11517d93186db30ac4008ae27d697a762ca3008a6baeba7a53f3d |
| SHA512 | 495f0bb565da647c3f1b8c7f97031b1c61a25130fddbdf12c4a1356a5e9422e016e028b779acb171ef67eaea95d0bed5f0f6cead6dad3e7a0ec1c491df649490 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 2ae8efb37be879e10883e9b11d696c2f |
| SHA1 | 96a4783d81d0be0dd05f406acb72ae517cd71247 |
| SHA256 | 99f252f8c0f025a65f20627426373cc8afc4dee960ce7fbab67560c76938a094 |
| SHA512 | ea2c3dadce89ad61edb8d7a9b5a84288ee2bd729ac974943e840ae32704f68f26ea93e4be03d52e799461efb58fdc0ed78e6f5993dc8df2c2c2cd8025073e319 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53f0273b2efada4a_0
| MD5 | bc3188503fb4a574165a9e11e680a417 |
| SHA1 | 10854744b3bde2ffb35e9a0d8cb3626c58649dc2 |
| SHA256 | 5022f63e0c82432b6d1ed18813d0458484320f3057f87b719e073d9f19b1e5c0 |
| SHA512 | 2e6eae00c9a4cc846cc9de085b5f1181e535dad12b6d00971c5377bfafe6364a458e1506194e72e26dc9b272396648bb21d32d3c00e0acf3b116974acb55a6da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df13cfb31cb0046d_0
| MD5 | 40e7f0bb717b977ed665ce55e465783b |
| SHA1 | 10cb3865bbcb6c8356867d89735213b26ba601fb |
| SHA256 | 24506c1d893c77dc5387c86f2cd394d3fa0f20db6d1661f6f03efb5c57e138c3 |
| SHA512 | 0fc75a56ed41ab2830651c36bc9c965891077391dd98995554bbfb888667e27d26f5ae3c5690f3cd2bb4e3356e5dffd4658ce1e23206545c927faca308812251 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 142da08aa08975daad307e14efb21afc |
| SHA1 | d482581954f110b959428c1a9d0f615ada9a4667 |
| SHA256 | d10b99a66fbc9f7d088c7d9f648e39d7e98a3c962b0e4aee75b154c8462b2643 |
| SHA512 | 3a43434616010fbefbef0b72cc9e1e55cc8e3211e22b586c385533376d2f331402fedda4c58b4474801b874f40b163e93f5f64a9b03539fbff17e1d473764b0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ff2364a5747b3e5f2d525aec6358c40c |
| SHA1 | 9db6f2fac2f479024ab7a174c293f2cb216746a3 |
| SHA256 | 9bf81d6e48892e6d76a3309badeeca9ddcf18c81e100c1550a18fcfe9801e132 |
| SHA512 | ea60eceb620926c2401198b465c4d5bd7bdbb6a4daa5caa8707e80a0fece0e6613cdd1636c2da5de0e1e5a59abd6062d924e4a2a7c5523e25c189189946fc626 |
C:\Users\Admin\Downloads\friday-night-funkin-windows-64bit.zip:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 71434d57d95f1a112fc10d5d009995dd |
| SHA1 | 7415ddf84891ab2140067062eaca191d2ab48f9a |
| SHA256 | 329b7d9fe6f0e3c6f931f3ecf2927b3650f013503f7ba24f1d9b0cfb0ef89e54 |
| SHA512 | 792e18091268847071936a2a8af7163112dd52ce069a86c0fcd49a3f2583aa7ff5649741f4f5939f1b4bd831051767663a8e1bc3a3bc8068280671867679fca2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000066
| MD5 | 9750026f6d44b0683948dcb6359f21b5 |
| SHA1 | ac5c1a04cedc715d631b590e8be26b7dd33dfacd |
| SHA256 | 85ac6e348ba70ba0086b93e566bfc0139dcade6ff67a499b6ce1ba67bfd85727 |
| SHA512 | 2586c80d8ed98baa869c1210b118624ed3140db0ed24b74bbb813a5d12303ffffc4979d52edb196026288dc0c90665c370c158406b9257715e0e1acfdfdccbf2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4b0a797dd58c373d65cdc2627d565338 |
| SHA1 | 077a7e58230d7e60b7a2fbe47ec8eac85cc9b529 |
| SHA256 | 4cc055b4a618eef585182b1cc81871f98c914671feddd21478e50ac193089142 |
| SHA512 | 73a64c621ef6cf1dc8b3545feb774de2d7228d9f91458cbfa74721fc31df942a7ec7cf7fcf92096f18fd2ad7ed79b3258ad7efabb2fd2dd1d5ff8f6fae35401b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cbcbfe03cb4a1b0d3d08b9f39ccdc11b |
| SHA1 | 4abe3808105ca71ccc5cd32172530c059eb027d7 |
| SHA256 | 7c46646d07c4d9a50294cd09ed4037774df4d68b827192a2bbb4ecf99782b2fb |
| SHA512 | 3af759f6e404182a6deb073614dcdbf8cfa57e94dcda0ae58d7279357bf261e3db5a2e48ac4466489a4da582763b979c07b14b3a11b1eba9fa7881565dde14cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e9a0fc73228a42ebf193246a75191665 |
| SHA1 | 910612e9d13d2e088aae6a4537b7c2809c07db2e |
| SHA256 | 1505b44bbf04170c5d47e845a65bfe90275c55615cdb6417e7b4d2057a4e1ec4 |
| SHA512 | 5186a9fd4bb0e6851cd88a5bafbde43a25867350ca992c432a00cdb9f7430e67ba6b3fbf547d1141b7e87cec3a3048909127b19df8451c9aad66e0adc56c03a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d6328bed421413bc5c2f1a6836f82a66 |
| SHA1 | e06bde708aeae28ba2614eebd45736d00e14a815 |
| SHA256 | b8b72b951971d6eb6508683963f1673807737b337af3ec5b5d2c696b748fedc2 |
| SHA512 | 6deb4c3ed93f8f4dbbb14dbd846118ac6c770b74b47ccceae70e1787c064ed9de8779415e0717629e119a0979f0172b0ba2f8935e38614f2113f83ade7eddb47 |