Analysis Overview
Threat Level: Known bad
The file https://veruscheats.site/ was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer, LummaC
Accesses cryptocurrency files/wallets, possible credential harvesting
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Modifies registry class
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-20 16:35
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-20 16:35
Reported
2024-10-20 16:39
Platform
win11-20241007-en
Max time kernel
271s
Max time network
280s
Command Line
Signatures
Lumma Stealer, LummaC
Accesses cryptocurrency files/wallets, possible credential harvesting
Browser Information Discovery
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_Verusloader (1).zip\Vеrus\Verus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Verusloader (1)\Vеrus\Verus.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Verusloader.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Verusloader (1).zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://veruscheats.site/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffaa6d23cb8,0x7ffaa6d23cc8,0x7ffaa6d23cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5368 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6232 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1020 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2236 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6732 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D4 0x00000000000004E8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7496 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,1102243630827383573,2042295670052460190,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7528 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\Temp1_Verusloader (1).zip\Vеrus\Verus.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Verusloader (1).zip\Vеrus\Verus.exe"
C:\Users\Admin\Downloads\Verusloader (1)\Vеrus\Verus.exe
"C:\Users\Admin\Downloads\Verusloader (1)\Vеrus\Verus.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | veruscheats.site | udp |
| US | 172.67.155.221:443 | veruscheats.site | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.95.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.209.201.84.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 172.217.169.78:443 | www.youtube.com | tcp |
| GB | 172.217.169.78:443 | www.youtube.com | udp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.78:443 | www.youtube.com | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 142.250.179.246:443 | i.ytimg.com | udp |
| GB | 142.250.200.10:443 | jnn-pa.googleapis.com | udp |
| GB | 74.125.175.102:443 | rr1---sn-aigl6nzk.googlevideo.com | tcp |
| GB | 74.125.175.102:443 | rr1---sn-aigl6nzk.googlevideo.com | tcp |
| GB | 74.125.175.102:443 | rr1---sn-aigl6nzk.googlevideo.com | udp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | udp |
| GB | 172.217.169.78:443 | www.youtube.com | udp |
| GB | 142.250.178.14:443 | consent.youtube.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 142.250.178.14:443 | consent.youtube.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| BE | 64.233.184.84:443 | accounts.google.com | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.226:443 | googleads.g.doubleclick.net | tcp |
| US | 173.194.24.166:443 | rr1---sn-q4fzen7s.googlevideo.com | udp |
| GB | 142.250.200.46:443 | youtube.com | tcp |
| GB | 216.58.204.65:443 | yt3.googleusercontent.com | tcp |
| GB | 142.250.200.46:443 | youtube.com | tcp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 142.250.200.38:443 | static.doubleclick.net | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 142.250.180.17:443 | csp.withgoogle.com | tcp |
| GB | 142.250.180.17:443 | csp.withgoogle.com | tcp |
| GB | 142.250.180.17:443 | csp.withgoogle.com | udp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| GB | 172.217.169.78:443 | www.youtube.com | udp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
| US | 172.67.193.176:443 | kneelyopkr.cfd | tcp |
Files
| SHA256 | 5ac7c136d348bb845b636d352861ee058bbf81a66901fce85279f4425696adc5 |
| SHA512 | 8146c31754e2834dbcf3074e4ed267ddc28739a40c71ea95ff4b3c633bb4a7b5a065473a10a9810c2efd747c86f78eed0686f40e23d7d4bc273103a9542e6df7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a1abf2f8706f78298dd406da568919c8 |
| SHA1 | 716449d90d1c8202a14d455f652ff794ca32064e |
| SHA256 | 9c9ee312a7e82cef83ac626c4fe48e6dbd19d3013c0a94737943b9d75c310839 |
| SHA512 | 7f552f4110576ea8a1496a7c75a33c2887aaaa2bf45336b2f503285bdd46213c6f2fcc2f007eb7ae18ff789335e6df1d8f68802464876024d5d0e2ba1ddf36a2 |
C:\Users\Admin\Downloads\95c7d637-93b1-42ce-ac62-f7b8b6717e07.tmp
| MD5 | c9a85c3ec19cfb1a293608bac95c1ec9 |
| SHA1 | f73d2016fecd349b0a490b0a52616054f170cd6a |
| SHA256 | cd8461471d5d53607a25a0a5fdabb263d74abfd6fc6adeb1a0dd385a08b70469 |
| SHA512 | 41b5a57a1207d814ca55e7609fa71149bced791d1075d597687b468cb737517427d222a339153695ebc104a62018585f3362f40fba658bc892e11ec83c80b7fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 34bf4287c30cb7f905d9883ee2d69961 |
| SHA1 | 48f3ec8fd654da73e6765d139a42ed582a23473a |
| SHA256 | 0d8d405b7114e268f714a0a5f54245ff53a83f92d92045d71cc0f49be52af6cb |
| SHA512 | acb52b2ff651d4ec5a7568be5ec803495025860dd13e615956844b975a0e0004a5338bff55140336fc5fdea6aa398afef3b3ea2ebe87cb6b0c067fdf38e986c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5aacdb.TMP
| MD5 | 073dc6b1d0c83ab0ff93a6769dcd9d96 |
| SHA1 | 0305b8a82189381a4e6b2a68691626628fd4a5bf |
| SHA256 | a57dfb87f24b845e3efeb344ae952250fc477041901fdd33b6204a3fbcea502f |
| SHA512 | fd6ddb8041ccc9024978fbac1e185b97ce4337bbb499afa04e10f78252864b2d9383c33d9027616aaefa529ee63ba13415335772540a26af5d89bc0cdef21c6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ecc32277-7353-478d-83f5-5783eea142fc\index-dir\the-real-index
| MD5 | 7cf0180a5862007557103b8953a821a9 |
| SHA1 | c9a0ae3b00b7b359f90a83a1fc6b34f14ffec8d5 |
| SHA256 | 484be0d100d0eba7b104a9a6cde358256a650ccee1ba114af066cc790b276d15 |
| SHA512 | 94486bacb03b094088f5e44ff653d124471d8dfa4e5349708aeaa5be5dda50a41e61c53dd7536cd16fc63ef6167f49363fa5a1a44cb46e0ff689d32db38497f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ecc32277-7353-478d-83f5-5783eea142fc\index-dir\the-real-index~RFe5ab279.TMP
| MD5 | ffc0b998413eec6e2376484d25763b56 |
| SHA1 | 4fa6d6522067b63bcc8a4f1fe2fd33f10fb3a149 |
| SHA256 | 8de3469b5d0c9e6186425dec9b3f3050b8d8c8bd2f246ef48d90aef2684c60d0 |
| SHA512 | c9c607baeece518da34bf5ec7574b2fd08746e73abf27317799ee4cc5121b87f8550cf98b610709ab4c7a4b7f05b2f9721bed8bdd7ce76c910e3b6cc133111e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0f7b88aaaffb929116280537addbcae5 |
| SHA1 | b86eaf941cafb06234d7149a5cd5c6c32218239d |
| SHA256 | 1facb24933eb0333e4c94931a58c5dc5f82753f993b678212821d4e7aaa5135b |
| SHA512 | eb242c0b14b71acba79307257e64cbb2664596b19021f77e460f554bd5c13cebe9f2c8e05059e7f8b8dae00e19eb17d4fa8ab5d15d0e12202b9d33f5a7a3ef31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ea9c54dc-2ce6-47f1-8a0b-2aaedd5eeb8a\index-dir\the-real-index
| MD5 | d7b0577388e005a672a2e1aa59af3467 |
| SHA1 | d6f1657787996ea6a22a24df36de53e69e3f660f |
| SHA256 | 0aa27a12f0d0408cfb7638564cf1d7c9ed5c829158509ba96f67c6ccd7ba085c |
| SHA512 | 3533d70abd23805369e3d9b31b2c82a49c3f0fcc8a1563cad3ccd4bbce255f01d8a8989c8dfa06957edad6d5e555dbe6cc57b1a853b93bba06a40af6a0f49053 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ea9c54dc-2ce6-47f1-8a0b-2aaedd5eeb8a\index-dir\the-real-index~RFe5ab567.TMP
| MD5 | 6cb500d586ef3a007425798f53a39915 |
| SHA1 | d3e1581fef4c4a9ced38deb5b22486523fe263ba |
| SHA256 | 042e3b2e340c594a7ad1aa66659ec6150666b41559a699c6135b95f8e538597b |
| SHA512 | 2675f8b70ec30fa2d993b1c5e7b7ec505d2a79c3d4e5745c6479b874d9c96974e7db1d0fb6bd9cb78385da8873e9bc733d0fef4c5e8a415ee22fadc55d49598b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | d1ac2bf7476d06d6a25aca85b08cabe3 |
| SHA1 | 0f694210c256820cf9d8de3d659b6e5da2177ad0 |
| SHA256 | 78329d4397cdd7df3d6b45302b86504c54adfae3cdd902ca18e239fba1bf39fc |
| SHA512 | 516858b1609ae3163082767e52a6359a2456db89eef094f2410e1b346ad5912a8a46ac19af25e55232106bc2f5e4861f9f6ed2a2993970e0ecf5cee31df56908 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b1cf0f144896457783a89fb5e1930785 |
| SHA1 | 24dcef3c96431f48ca0f65366d05e812e7a9f844 |
| SHA256 | ff693b115da69a524524ac17435e265b2d3c026d31bd03570897183874679f80 |
| SHA512 | 1ff478cb304113971242bdb60b59e9ec80e9c072593ac4218958949a8eb79b760d5890c724e5e7296d1c681eedad844e4bf67a5e4df716198d58dbd836334a47 |
memory/5064-810-0x0000000002710000-0x0000000002769000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | 7e8dae5bfbf6f4cba4ed22f47261f772 |
| SHA1 | 25ada467fd323b4635cdb00555ae403d2e7292ed |
| SHA256 | 9e9197d3bfb1016dfda4c67c08c1f041d8454fa9f3819040e6eee65de0c71b47 |
| SHA512 | b6e057c4c95c02378d9b2d919d2470fa210311dda9a9954841741bec8976df95932d70c018f7be63ef8f9209fee0d91ef2f2ed563cf19b38dc7e79a3413cb322 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | b29bcf9cd0e55f93000b4bb265a9810b |
| SHA1 | e662b8c98bd5eced29495dbe2a8f1930e3f714b8 |
| SHA256 | f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4 |
| SHA512 | e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011 |
memory/5064-815-0x0000000000400000-0x0000000000795000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 58e0db21f1eed1e4dcbe2c61665a39ae |
| SHA1 | f0aa0ff244c85817179ceb3ed5f449e7d45303b2 |
| SHA256 | 5a7d043c8eedcf73ac8bb6768b70c0994ffdf5e9d0ade6f2341895b607298ab1 |
| SHA512 | 5ab49f49fa00840611c7acbf7fde3b81227b89daa90effe34b5458fa7be1454184d5b9ef18099de5ad5af08fe2900c1affb63ba49af84d0938cf9dac0fe1dd86 |
memory/1340-836-0x0000000000400000-0x0000000000795000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c66ef01c3ec7b18e291ea798a837490d |
| SHA1 | 4cbd9e989498063e752599e773666a566fd54eac |
| SHA256 | 4891058b91e3f4890f3ad66a79f73d107f8527aaac5b52116c61e59bf1d99d7a |
| SHA512 | 36596f29fca70fea5501d356da89fdc334213d50282e848c81abab8e0fee824b3657991fc917a7a25e4f493a93bfa418a47c128674593c6086eb919e0a42a101 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3db70917ba2d687483e08673567a8914 |
| SHA1 | 62b8657d6994af16fd0eba14971de54dc0550589 |
| SHA256 | 1d374a151777f6ea909982786a014bf01a8c1cf4825306ba724c63392a2671e4 |
| SHA512 | f7fbe1f184ed1bde42a69aa5366535d16d8bd7862c302cf589ec9218fe3a2c7bebfbcefc4e854b385b265bc6fb2b265f4a9fa8b70fb35845e701f5e6b855bfd6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 995c4d980c9450ee77280870a764748f |
| SHA1 | c4bab1e9062698d5983e2122f4c3755c4a2a86c8 |
| SHA256 | f6fc998e67bbc6400f46e75f6fb4b83959c51b9367db28503a8a5f27e1eecdd7 |
| SHA512 | 9b7f0b9834373a26a99c986058123c745fe75a0f3a944d740c12576ff5f2f8a2727d5fe8918e07c1b51fd6b3cb060eee408cb33a1dde02145aed1f8570d88ca0 |