Analysis Overview
Threat Level: Likely benign
The file http://Schoology.com was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand STEAM.
Browser Information Discovery
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies registry class
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-04 17:31
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-04 17:31
Reported
2024-11-04 17:35
Platform
win10v2004-20241007-en
Max time kernel
226s
Max time network
233s
Command Line
Signatures
Detected potential entity reuse from brand STEAM.
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2045521122-590294423-3465680274-1000\{4F2C84FE-EB7A-4FF5-BA3B-21DA12760B7A} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://Schoology.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8bb5446f8,0x7ff8bb544708,0x7ff8bb544718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2524 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6044 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6036 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2f4 0x424
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6892 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6892 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,15552015985959567328,8044264749323598363,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5712 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | schoology.com | udp |
| CA | 45.60.172.112:80 | schoology.com | tcp |
| CA | 45.60.172.112:80 | schoology.com | tcp |
| US | 8.8.8.8:53 | www.schoology.com | udp |
| US | 45.60.156.112:443 | www.schoology.com | tcp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.172.60.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.powerschool.com | udp |
| US | 8.8.8.8:53 | 112.156.60.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 149.126.74.116:443 | www.powerschool.com | tcp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.74.126.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | consent.trustarc.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 3.165.232.33:443 | consent.trustarc.com | tcp |
| US | 8.8.8.8:53 | app-ab11.marketo.com | udp |
| US | 3.165.232.33:443 | consent.trustarc.com | tcp |
| US | 104.16.92.80:443 | app-ab11.marketo.com | tcp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | stackpath.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | dev.visualwebsiteoptimizer.com | udp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | tcp |
| US | 8.8.8.8:53 | consent-pref.trustarc.com | udp |
| US | 3.165.232.2:443 | consent-pref.trustarc.com | tcp |
| US | 3.165.232.2:443 | consent-pref.trustarc.com | tcp |
| US | 8.8.8.8:53 | acsbapp.com | udp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | udp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | tcp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | udp |
| US | 104.22.0.204:443 | acsbapp.com | tcp |
| US | 8.8.8.8:53 | consent-st.trustarc.com | udp |
| IE | 3.162.140.41:443 | consent-st.trustarc.com | tcp |
| US | 8.8.8.8:53 | 80.92.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.10.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.102.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.0.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.acsbapp.com | udp |
| US | 104.22.1.204:443 | cdn.acsbapp.com | tcp |
| US | 8.8.8.8:53 | ob.powerstarsbuilding.com | udp |
| US | 3.165.232.53:443 | ob.powerstarsbuilding.com | tcp |
| US | 8.8.8.8:53 | js.driftt.com | udp |
| IE | 3.162.140.106:443 | js.driftt.com | tcp |
| US | 8.8.8.8:53 | 204.1.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.232.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | obs.powerstarsbuilding.com | udp |
| US | 35.172.245.152:443 | obs.powerstarsbuilding.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | customer.api.drift.com | udp |
| US | 8.8.8.8:53 | conversation.api.drift.com | udp |
| US | 8.8.8.8:53 | metrics.api.drift.com | udp |
| US | 8.8.8.8:53 | targeting.api.drift.com | udp |
| US | 8.8.8.8:53 | 152.245.172.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| GB | 92.123.128.182:443 | www.bing.com | tcp |
| GB | 92.123.128.182:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 104.86.110.113:443 | th.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 104.86.110.113:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 182.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.110.86.104.in-addr.arpa | udp |
| GB | 104.86.110.113:443 | th.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| GB | 92.123.128.185:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.140:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.fastly.steamstatic.com | udp |
| US | 151.101.195.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | store.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | store.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | cdn.fastly.steamstatic.com | udp |
| US | 8.8.8.8:53 | shared.fastly.steamstatic.com | udp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 52.195.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.3.101.151.in-addr.arpa | udp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| DE | 2.19.11.101:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 101.11.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | store.fastly.steamstatic.com | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| DE | 2.19.11.101:443 | aefd.nelreports.net | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 443a627d539ca4eab732bad0cbe7332b |
| SHA1 | 86b18b906a1acd2a22f4b2c78ac3564c394a9569 |
| SHA256 | 1e1ad9dce141f5f17ea07c7e9c2a65e707c9943f172b9134b0daf9eef25f0dc9 |
| SHA512 | 923b86d75a565c91250110162ce13dd3ef3f6bdde1a83f7af235ed302d4a96b8c9ed722e2152781e699dfcb26bb98afc73f5adb298f8fd673f14c9f28b5f764d |
\??\pipe\LOCAL\crashpad_2928_MOLUNXWFWWMMXSJW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 99afa4934d1e3c56bbce114b356e8a99 |
| SHA1 | 3f0e7a1a28d9d9c06b6663df5d83a65c84d52581 |
| SHA256 | 08e098bb97fd91d815469cdfd5568607a3feca61f18b6b5b9c11b531fde206c8 |
| SHA512 | 76686f30ed68144cf943b80ac10b52c74eee84f197cee3c24ef7845ef44bdb5586b6e530824543deeed59417205ac0e2559808bcb46450504106ac8f4c95b9da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6ce1ae01e4c8852af475310be9f11e40 |
| SHA1 | 23ec21ffda1180e47102408807fdf80f5d816f3e |
| SHA256 | 76674576e3dfb6814852a52e0c77fe0a67cffef363d33be54c293ec7ea6f4f78 |
| SHA512 | 83813dd410f31c868093051590ee80b7baea8ffeaa7dcb5ee0d3a9502256b222b10595af0825b50c01ca5b966b760c08ee17924cc58d31026b5d0d0bc367392c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8eb4d69288a539d8d1c457e51e965453 |
| SHA1 | 70fe7e969678d1c5ab756641916cf78194d23f6d |
| SHA256 | 040bb08c2a862ac156028e796daa2ea8cba1f0245ed72a4e4a2276008cc808dc |
| SHA512 | d4486776c0d9c63b50a2a44a9f4270e6d61bf37ef3414d84404a8f1527235afe2daee023ffa6c870c6d287e678346aea25d5d227f13fbbbf080e301df8f1bc27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 818cd5a353955fa87dda80dddc8accfb |
| SHA1 | 3ebce3413cc61059ed5f3ef1f0056c66d4e98a43 |
| SHA256 | 24813da880915dc252b4f1400e6ebf6c86a80dac7fa1df38ce1762cda2af0c53 |
| SHA512 | e28eaa698143b8b980fe33db28894fc857b3e98e0833304d5aeaa16b60cf3c5897fe8117fe2b28c013a09240cbe768de729658aa2bf95ff70a8a428b8046690e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ae091ef869f3fa62d333b8dda66b21b1 |
| SHA1 | 4b7577f4b54d786fcce6e5077d9b4918cd7be127 |
| SHA256 | 2c3b2fb421b16012ab9877bbdd8998e8b6a8cfb65e4395440b595924d05add71 |
| SHA512 | d77e8e60aa856be41948fe228567a1f2783d50a965078b88faf56e86197f46f45fa28bb428b77a23470dc886743a5b40ebb149936bc2939367f455097d72cff2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c25125a48d6ff4fd988dfecef8fedb66 |
| SHA1 | 43197250b0bcc911f129bef7119b1a52e9889f87 |
| SHA256 | 51c73491f601e8d658a600f5b725f8f8fe8d82eb2034a0a1d3f451c15f7a30a5 |
| SHA512 | bbd18a28930d43b7d32a3061c980764c69361c194b740df07f4d9f2c222e400e638f220ec117d7e7b628ce1291e5b811a463adb9734265265398b99e9c1c7afc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a3b763002d7db120f40d30e4afa894ce |
| SHA1 | db7c3ab2f9ab12baefc3e262656b5e2c1ea9693a |
| SHA256 | 84e32ad83c07703d07333970a2870d1cc93778a79a33d9da46439a3ccfe55d17 |
| SHA512 | 81dbaa72abd1601a4b6cb55b0f95e0ef88f768b234d60dc326ff6608a586eb9381024fb0f7c8b52c1fded967eb5b2a44394d412eb29474cf1f8e1b28512b24ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58bfff.TMP
| MD5 | dc8b35669712b872a5397dd300783e7e |
| SHA1 | 002a73b968b1080774228764d330690ac5689885 |
| SHA256 | f8b02e513596184beb8abe8a80fa3a7e613d8a18cc00db18a74cfba820b52357 |
| SHA512 | e8e69984531c2c7be1517378c90975415ca3efe4703d2ebf47f92d0b8811547f96c95d935fe9d7db776b21ad9186f244fc7bf3e0ef06349f4f34fac6edd2e64d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0cc532fe1f54a6531828aeaf4e8f7cdf |
| SHA1 | 853c6b581f3ea14f8121b6f560e0351cfb11a296 |
| SHA256 | 9225fd668e4cf0c85712391523e9843bfe4420604306ede29c4a2c6b0c3e436b |
| SHA512 | d8fa1782837884c47980a40b1659048387881703bc4442e709b4e9c7249af911841a29cc94ee87f66263a7aa73632354092177c4ee4e4f448a4c4efd66ea0af6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f6eb95adbb69e1bc4ca30503d0228ad8 |
| SHA1 | 8e5088d6f5dc211d11453cc5d4242352e8ca04d1 |
| SHA256 | 7898a525263db8f397030cf09f5784da8ff117c361d5f6559a9cf1e776ffd869 |
| SHA512 | c575e474efd7bade5557bbf4738368c625fc556e9e4790177c29f1749751af6e5c4fdbb7a589e5d8642ee99aac38587530db4b6aa142b4c14a13cfeb3d954a5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 19c11ccfa7d7b4d95215db9801ea75b8 |
| SHA1 | f9aab86bea4589183978901987112fad5a2876da |
| SHA256 | 31dad38fc64afd0a723a475a5d924bd8b6c0e898e03f4e9d643a7d0813f46471 |
| SHA512 | 785c652a054877e13624c2d5c5520135a3a2f3ce6819eaca8b2b01d9484548cb7d25a9198e96e146a2758376f76f32a46b45fa462f23b060aa0ef1ce374caf7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e44d2402a9f5930e8ca381856a7c9439 |
| SHA1 | 62fccd9bd74b2fe3ebc6693f1100de491368d1f0 |
| SHA256 | 412490bcace190c2474e456bd07c32c0b36672ecf35ec6ed6b5154d31917a38b |
| SHA512 | ae18582f45333d51dff6d65a04eb9a7d67ad57ef8abb2f524af70a66bf58ae522158c91366f5a83630b806fa799f307d7b5234e26ccc392060da1a03a1f87d65 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | efc6dd058f04d4da6d7d32626e2f50b6 |
| SHA1 | 2cd7aa6925458cd6d29f4f4731e2d41eb1aaac72 |
| SHA256 | 4a25b8324bfcf1c2202b52e0214f3af7ac1d7f590605ec5832d2d0e4900ba30c |
| SHA512 | 8e65bc89fcb0be296c7cde81d6e413225500fb2f71c6691dce7f9223d124dabb451994aa47c59b7192c726c22e8a510bb2b2aacdf0f9a37ad593f7791e4d081c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037
| MD5 | 9fa060a599b0ee1912f2073ed59df3c8 |
| SHA1 | eaaeef616747d09506c6ed1d96901d2c8d1ad4e0 |
| SHA256 | 7924474a8f327264982347dc932997ed49890ea4114925024ba678fba2d4e90c |
| SHA512 | 93837c0d1bf848ff603073bce6ac252f770a35fad094b294609682e11b04b463292c74c8440891e89741f28fa67a888ed6fdc1575fda99a3c2b6065ccc4e7b47 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036
| MD5 | 0de1096411b23f842fc5b77e1a8f583b |
| SHA1 | b925a681867ac101b8441bf6a529d6ac1e3c8acb |
| SHA256 | 082e648875ab240bcb7d0120319d7ba61addfa99de84ccfde03d2f81bdda9929 |
| SHA512 | 282e1fa329824a9383601dc81d5ee4301a4e301e7ab3fb129b106eaaac972a68287d12cf691a967c547a2b5111a372d62794482d8895275ed7a5dc216a852e5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e
| MD5 | 4432ba6759218c592d12ea3054b8f9f3 |
| SHA1 | 67b1acd1aceb6162e88f2dea0c2fa327c7a6e741 |
| SHA256 | c9297f0ff7cfe9f8a788d5d283a548dcfac9d7ee0c914882e993dd7732b08a80 |
| SHA512 | ecb956ee95847206a9e11db82bed59fedc03ce35e4f75f05539af1c38591fb99a478eedec89ea1364ac3d0a655cf1441de7a6b9c3ad01b86a5d8e7383b811e3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d
| MD5 | f222656f7796794674f732c474a033ac |
| SHA1 | cea879731968ace9befe205c55679924f033464e |
| SHA256 | 2d9259afe79e20ac65865133ee69f28563201da61bbd8142cd964fd0097170d5 |
| SHA512 | 9a2b31a325d8030a2aa6b5a932a8c56476a7bf995ac61d419e81477a0c7ecf5e92d5d4884a3d3fd9a67bd33dc619665d5e3bc05c3784c3bc51333abe4332b449 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079
| MD5 | 757750902210ff3c0d12dee4dc5165c6 |
| SHA1 | a3599ca4bd5da9fb9c83e26813ef62327c541566 |
| SHA256 | 72ff7d67ddc7bd23885cbba07f3889be27b50cb597ba41fd546343416676ba67 |
| SHA512 | ef5cb66e561d5f208a872c65b6732bdaa082d421f9815c8a5a439d5e749890e032c2309c1d7ec66d93d1f897941bb5e2c5f860fd9cf8e13adfbf1ab60aeca27b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007d
| MD5 | 014b64daafac87d3c272ee90cf4c0c91 |
| SHA1 | 024faf708d06a7a19160a4c84e2dfb2c24bf31c7 |
| SHA256 | dbc476098874ee29be20462f7d264acd043d7b8b0f64ecb803727040d87021f2 |
| SHA512 | d4492304f499bfa09acb5704007467f1239e90620ff44d92865d371770ea57b8a9690ffac7ca6325e447ba9598093bd5fe4707130983d3f27283c75b73581728 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007c
| MD5 | 4d9ecc70dde56858a3451017cd7fd8d9 |
| SHA1 | 88189cff695c454384884888ea46d9c11060c811 |
| SHA256 | e10acc2425b736f904ca0ec762a77b516ce7cea7391354841199e55750eee287 |
| SHA512 | dccdf161353e3fbd904b63f646ebf616e9eb977d23933575a307336aed6bb044902e11dc5990aa217f7b8cc16e190a968fc9077fe74f335c195c72de46c6f60c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007a
| MD5 | a6eaca3d13b525eec27a4f59c22974b8 |
| SHA1 | c909f597a525aa56814bb4ff588aeb0f524e2a31 |
| SHA256 | 04809f33e8a8a6115c55ac60613373f93cd043a1a18bb708a126f9fd56586430 |
| SHA512 | 6c75c50044b36ad6334b89178524cd8b153d2bb5514d1312cd315a759b32db3154b5b0f6ac75e688dbf7d384de362efc2e825f512f615fdec3d9d3f2401a47d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2197dcd623a8e0b79de8ed9a8465264b |
| SHA1 | 63fc14d607f87ade8a17618a1d4063d5b9b03160 |
| SHA256 | 91ad0d60880ae5e4d109f3a7cb9232015a6b50a217920e3997f7f7724707536e |
| SHA512 | cc7de41f9bc43667961f2050964b402cc86256f63c9f0caa8d843c677957c510ada37fef4f300cb7d631ae2034ca8105b6d3da500f49b26c25f2fee4e6010786 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dc970931ff3fd4b913d1e84a728096dc |
| SHA1 | ec6c6cc80a6c5f332434da74ff4c3a47b42dd1bc |
| SHA256 | 037015bb9ea2be901cf80ade3210422ada6ba54a7b18fe8a882a3f258e690861 |
| SHA512 | f830b6c422230a93ad632ca0c6ee0bc163c0ad796ec48e040d65da0378068f3c28f19269464f57ba6fa6ae389482c049b331add5c3b7324fa8b8ae6db2f95aa8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 30858cb079afb63661d53433a4af143e |
| SHA1 | 989637c732e8014237fc2ae0a50e1121fa33edf4 |
| SHA256 | 133eedb2e24bdb021906c336f8bfa542ef3bd56c7109a92ae48238f7a84c32e1 |
| SHA512 | f9038d9ded7a5f4a733e5445e3c331a0823f22f2b21cd00d198b3ebd82546860c0cbea396015381edde6cbc413bbeeb53700cd00764232900775d907ac6b1f71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 93588b64eab1fa2ac32804bd7113cb62 |
| SHA1 | c4672e57725eed64ec678b0f5834137644f6f019 |
| SHA256 | 938e8ca620b28ed8cd047b4727381ed0463a6f7be018eca019d7efc07e0e799e |
| SHA512 | bf07e9ed7497be4bb1e0e5737d80a0dc2927cfbdab809688d32c6f49780038423ec186897ae6c485ae09c29cf56ce5c45a2a1662acd1b9d1006b12b4bb6f9d1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2b449b3d4775ed630b032ee781bf93fe |
| SHA1 | 20ecfd83d94371fd41a745809bfa1ba85c920bde |
| SHA256 | 129180d6cd20961ac70f8d02bc5bdea6ffb00bf9d1a254fdc1c600308c27c0cf |
| SHA512 | 0211afd7e3571f6558f2fee60af4079fb6610007521c95126aa6c7eab343128bf94f70cbd5cc21cd3289d9d6d44d70ab232a3a28c711712c67b9be1c3947cc11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5fbbad6b7a396f5d83d0f9d5cf950702 |
| SHA1 | 5e453f87f31a4cf9aaa7e5dcd26ffea9b529429a |
| SHA256 | ee10b1cb627b64c401d724191342f14a9424a1785216cc870ad1b6605fd7f145 |
| SHA512 | 70bf06efd70ca74f0c516c10e1528a9502bb64f207377f36a5fc9a39f9924c4f0d99269711f93ffc5854fd3289b07212fdc1bd7b50cfa71f0ec355fdb15df95d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 945bb3c915ca30eaef4b496cd302cb56 |
| SHA1 | 077daf013babb3d134347693f3c13b089e8733e8 |
| SHA256 | 5307f9809a380229d920a769130e9a493e503c80826bfa19dd74d82944626e72 |
| SHA512 | 724e8562cb3f59bfb201bd0f01bbfb6c1e8a0e8cbf9ffe9e5e427f2abe13779b911fbc3b11d770d465a2293a527ea36ed7c7b000a3ef9f5ca40310cb39bc0799 |