Analysis Overview
Threat Level: Likely benign
The file https://veruscheats.site/ was found to be: Likely benign.
Malicious Activity Summary
Browser Information Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-20 16:40
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-20 16:40
Reported
2024-10-20 18:56
Platform
win11-20241007-en
Max time kernel
1791s
Max time network
1793s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://veruscheats.site/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffec3a53cb8,0x7ffec3a53cc8,0x7ffec3a53cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1908 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2376 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2820 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2088 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,14084358858507654036,1475809896821088459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | d12ca5ff08f4f0a089645c71767123d0 |
| SHA1 | 9cdb764eb046085962016f1b99d4a0dce8a1f4be |
| SHA256 | cb01048d545de3fb0e479a7aa5d963bbb1c4ed1f95d1418559715f85b8db4740 |
| SHA512 | 8a9355364614d412f25b00e4e2ddac6d4d3cf3987351b3f24da4ac7562d3f2f4d0a6af2c77eb639c785161613b11e5a42b4d286b4be23aaaa060782e3c631f06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2552ec7487d7ee77ad9a88b6d4e4f7f0 |
| SHA1 | 71bf96a329ef6dc59d65b7629baf458321bed617 |
| SHA256 | f19ed4974a9429542124c2af01109b3805d4c83a8c9be379858973f14d767a14 |
| SHA512 | 6be098b1e587acc0f04fe67c6a5b5c40779068c19ca518d093ddcb7e687fbba0bb3a9c20aec4e15adba090560cf3b475fac3ec2460c640de6c86b4134cf2ad7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8afd53db4c112242774d351bcbb741da |
| SHA1 | 23a2bf032cc8cb936628824494c36912d7a84069 |
| SHA256 | e29b95e3ba89ee1d227adeee14cd3fba0a6e58efc80664eca0adf1ef54612ddc |
| SHA512 | c1f83b72f07130c5d79d13e769a696272c5e30f79c94f6159e45dd1192323f990f473d61d5e1b5c9e88479b0d3de488cf876513ef6b07724f3974016087bdf3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 24882128e28631ee4e4228f10f79803b |
| SHA1 | 9d6b00f90ef4d7c0224f4a5e8b52203daad49020 |
| SHA256 | 4d4e0dea08b56d29c268af15d3f43c925d5d229abf3ee4c3fdff21a06e99e869 |
| SHA512 | 4b70a24f217aea026525a73cabacc9795fbfd35ba67bafa0e9ca43d2960f6ef554871acc91fa86acf8cb724fd570312bac1a538b36bdf52b03ce9732f536df79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c6586a1792c24e28f829bec629fefb9f |
| SHA1 | 72431dd00effc660efc6d64227735ba0bdc099d0 |
| SHA256 | 51f146ce8fc91ad9ad217a871cfba227908ece95a59911e4518a169b4eb924c0 |
| SHA512 | 9640a0794ba5c649d9b8321d881725a3ed35966f939617cd854f0773b3872927dd2dbcd04785aba3134281f0b57956f6a9f8dfd9cd6b6fbfe65d11a7cec5d7a4 |