Malware Analysis Report

2025-04-03 13:40

Sample ID 241109-2cjehsspf1
Target http://www.kingexploits.com
Tags
discovery phishing
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

Threat Level: Shows suspicious behavior

The file http://www.kingexploits.com was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery phishing

A potential corporate email address has been identified in the URL: [email protected]

A potential corporate email address has been identified in the URL: [email protected]

A potential corporate email address has been identified in the URL: [email protected]

Browser Information Discovery

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-09 22:26

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-09 22:26

Reported

2024-11-09 22:27

Platform

win10v2004-20241007-en

Max time kernel

73s

Max time network

74s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://www.kingexploits.com

Signatures

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1896 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 3412 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 2640 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 2640 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1896 wrote to memory of 1972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://www.kingexploits.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce88c46f8,0x7ffce88c4708,0x7ffce88c4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2820 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3152 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6252 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6252 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4564 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7124 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,5174633476878191715,11429772577394578169,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6516 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.kingexploits.com udp
US 34.149.87.45:80 www.kingexploits.com tcp
US 34.149.87.45:80 www.kingexploits.com tcp
US 34.149.87.45:443 www.kingexploits.com tcp
US 8.8.8.8:53 static.parastorage.com udp
US 8.8.8.8:53 static.wixstatic.com udp
US 34.49.229.81:443 static.parastorage.com tcp
US 34.49.229.81:443 static.parastorage.com tcp
US 8.8.8.8:53 siteassets.parastorage.com udp
US 34.149.87.45:443 www.kingexploits.com udp
NL 18.239.69.26:443 static.wixstatic.com tcp
NL 18.239.69.26:443 static.wixstatic.com tcp
US 8.8.8.8:53 dt3y1f1i1disy.cloudfront.net udp
US 34.49.229.81:443 siteassets.parastorage.com tcp
US 34.49.229.81:443 siteassets.parastorage.com tcp
US 34.49.229.81:443 siteassets.parastorage.com tcp
US 34.49.229.81:443 siteassets.parastorage.com tcp
NL 18.239.82.157:443 dt3y1f1i1disy.cloudfront.net tcp
US 34.49.229.81:443 siteassets.parastorage.com udp
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 8.8.8.8:53 45.87.149.34.in-addr.arpa udp
US 8.8.8.8:53 17.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 81.229.49.34.in-addr.arpa udp
US 8.8.8.8:53 26.69.239.18.in-addr.arpa udp
US 8.8.8.8:53 157.82.239.18.in-addr.arpa udp
US 8.8.8.8:53 8.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 loaksandtheir.info udp
US 8.8.8.8:53 ghabovethec.info udp
US 8.8.8.8:53 veinourdreams.com udp
US 34.49.229.81:443 siteassets.parastorage.com udp
GB 54.192.137.68:443 loaksandtheir.info tcp
GB 18.244.140.110:443 ghabovethec.info tcp
US 104.21.3.66:443 veinourdreams.com tcp
US 8.8.8.8:53 ukankingwithea.com udp
US 172.67.192.190:443 ukankingwithea.com tcp
US 104.21.3.66:443 veinourdreams.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 www.facebook.com udp
US 104.21.3.66:443 veinourdreams.com tcp
US 8.8.8.8:53 accounts.google.com udp
GB 172.217.169.22:443 i.ytimg.com tcp
GB 172.217.169.22:443 i.ytimg.com tcp
GB 172.217.169.22:443 i.ytimg.com tcp
GB 172.217.169.22:443 i.ytimg.com tcp
NL 173.194.69.84:443 accounts.google.com tcp
NL 173.194.69.84:443 accounts.google.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
US 8.8.8.8:53 frog.wix.com udp
NL 173.194.69.84:443 accounts.google.com udp
US 34.203.83.250:443 frog.wix.com tcp
US 8.8.8.8:53 tcloaksandtheirclean.com udp
US 34.203.83.250:443 frog.wix.com tcp
US 34.203.83.250:443 frog.wix.com tcp
US 34.203.83.250:443 frog.wix.com tcp
US 8.8.8.8:53 panorama.wixapps.net udp
GB 216.137.44.128:443 tcloaksandtheirclean.com tcp
US 34.149.206.255:443 panorama.wixapps.net tcp
US 8.8.8.8:53 crt.rootg2.amazontrust.com udp
NL 18.239.83.98:80 crt.rootg2.amazontrust.com tcp
US 8.8.8.8:53 68.137.192.54.in-addr.arpa udp
US 8.8.8.8:53 190.192.67.172.in-addr.arpa udp
US 8.8.8.8:53 66.3.21.104.in-addr.arpa udp
US 8.8.8.8:53 35.147.70.163.in-addr.arpa udp
US 8.8.8.8:53 84.69.194.173.in-addr.arpa udp
US 8.8.8.8:53 250.83.203.34.in-addr.arpa udp
US 34.149.206.255:443 panorama.wixapps.net udp
US 8.8.8.8:53 wix.salesdish.com udp
US 8.8.8.8:53 128.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 255.206.149.34.in-addr.arpa udp
US 8.8.8.8:53 98.83.239.18.in-addr.arpa udp
US 8.8.8.8:53 110.140.244.18.in-addr.arpa udp
US 47.88.111.42:443 wix.salesdish.com tcp
US 34.149.206.255:443 panorama.wixapps.net udp
US 8.8.8.8:53 bundler.wix-code.com udp
NL 18.239.94.34:443 bundler.wix-code.com tcp
US 8.8.8.8:53 gateway.salesdish.com udp
US 8.8.8.8:53 42.111.88.47.in-addr.arpa udp
US 8.8.8.8:53 34.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 s1.gifyu.com udp
US 47.89.217.158:443 gateway.salesdish.com tcp
DE 188.40.164.54:443 s1.gifyu.com tcp
US 8.8.8.8:53 54.164.40.188.in-addr.arpa udp
US 8.8.8.8:53 158.217.89.47.in-addr.arpa udp
US 8.8.8.8:53 browser.sentry-cdn.com udp
US 151.101.2.217:443 browser.sentry-cdn.com tcp
US 8.8.8.8:53 217.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
GB 54.192.137.68:443 loaksandtheir.info tcp
US 8.8.8.8:53 sentry-next.wixpress.com udp
US 3.211.103.44:443 sentry-next.wixpress.com tcp
US 8.8.8.8:53 birthjeans.icu udp
US 104.21.42.119:443 birthjeans.icu tcp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 216.58.201.106:443 ajax.googleapis.com tcp
US 8.8.8.8:53 44.103.211.3.in-addr.arpa udp
US 8.8.8.8:53 119.42.21.104.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 nostop.go2cloud.org udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
IE 52.210.2.133:443 nostop.go2cloud.org tcp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 133.2.210.52.in-addr.arpa udp
US 8.8.8.8:53 212.20.149.52.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 trk.sparkrainstorm.host udp
IE 54.216.148.153:443 trk.sparkrainstorm.host tcp
IE 54.216.148.153:443 trk.sparkrainstorm.host tcp
US 8.8.8.8:53 try.opera.com udp
US 3.232.14.154:443 try.opera.com tcp
US 8.8.8.8:53 www.opera.com udp
DE 35.156.1.158:443 www.opera.com tcp
DE 35.156.1.158:443 www.opera.com tcp
US 8.8.8.8:53 cdn-production-opera-website.operacdn.com udp
US 8.8.8.8:53 www.googleoptimize.com udp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
GB 216.58.201.110:443 www.googleoptimize.com tcp
GB 104.123.95.139:443 cdn-production-opera-website.operacdn.com tcp
US 8.8.8.8:53 153.148.216.54.in-addr.arpa udp
US 8.8.8.8:53 154.14.232.3.in-addr.arpa udp
US 8.8.8.8:53 158.1.156.35.in-addr.arpa udp
US 8.8.8.8:53 139.95.123.104.in-addr.arpa udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 200.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
DE 35.156.1.158:443 www.opera.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
GB 216.58.201.106:443 ajax.googleapis.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 216.58.201.110:443 www.googleoptimize.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
GB 142.250.187.195:443 www.google.co.uk tcp
BE 66.102.1.156:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 4.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 156.1.102.66.in-addr.arpa udp
US 34.149.87.45:443 www.kingexploits.com udp
US 34.49.229.81:443 siteassets.parastorage.com udp
US 34.49.229.81:443 siteassets.parastorage.com udp
US 34.49.229.81:443 siteassets.parastorage.com udp
NL 173.194.69.84:443 accounts.google.com udp
US 34.149.206.255:443 panorama.wixapps.net udp
GB 172.217.169.22:443 i.ytimg.com udp
US 8.8.8.8:53 duplexer.wix.com udp
US 54.148.255.126:443 duplexer.wix.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 126.255.148.54.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 static.doubleclick.net udp
GB 142.250.179.230:443 static.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.180.4:443 www.google.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com tcp
GB 142.250.187.225:443 yt3.ggpht.com tcp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com tcp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 230.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 225.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.redditstatic.com udp
US 8.8.8.8:53 static.hotjar.com udp
US 8.8.8.8:53 snap.licdn.com udp
US 8.8.8.8:53 connect.facebook.net udp
US 151.101.65.140:443 www.redditstatic.com tcp
GB 163.70.151.21:443 connect.facebook.net tcp
GB 2.19.117.135:443 snap.licdn.com tcp
NL 18.239.94.85:443 static.hotjar.com tcp
US 151.101.65.140:443 www.redditstatic.com tcp
US 8.8.8.8:53 pixel-config.reddit.com udp
US 8.8.8.8:53 alb.reddit.com udp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 151.101.129.140:443 alb.reddit.com tcp
US 8.8.8.8:53 script.hotjar.com udp
US 151.101.65.140:443 alb.reddit.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
NL 13.227.219.28:443 script.hotjar.com tcp
US 8.8.8.8:53 140.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 135.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 85.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 140.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 28.219.227.13.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 bat.bing.com udp
US 150.171.28.10:443 bat.bing.com tcp
US 8.8.8.8:53 www.clarity.ms udp
US 13.107.246.65:443 www.clarity.ms tcp
US 8.8.8.8:53 c.clarity.ms udp
IE 13.74.129.1:443 c.clarity.ms tcp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 c.bing.com udp
US 4.153.129.168:443 b.clarity.ms tcp
US 204.79.197.237:443 c.bing.com tcp
US 8.8.8.8:53 10.28.171.150.in-addr.arpa udp
US 8.8.8.8:53 65.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 168.129.153.4.in-addr.arpa udp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 216.239.34.36:443 region1.analytics.google.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 7de1bbdc1f9cf1a58ae1de4951ce8cb9
SHA1 010da169e15457c25bd80ef02d76a940c1210301
SHA256 6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e
SHA512 e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 85ba073d7015b6ce7da19235a275f6da
SHA1 a23c8c2125e45a0788bac14423ae1f3eab92cf00
SHA256 5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617
SHA512 eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3

\??\pipe\LOCAL\crashpad_1896_NIIDZMYFOTQAJPNJ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a9c57cab6234bc085ac3cc28b6879a09
SHA1 8b7acadf788cf7edb894f683008d9cede527bd76
SHA256 e2e780c4bcc6176eeb1f1e4b5b32756cc956ec077b41547903a43187884e0c41
SHA512 6cb3595bf406641b683b2375ea457676b3a653289647064bb10022253204dff93a5e8e8d9ff333ae5d3525e00d6eeb084fb8d193b2b24e3aea835aadde4d1408

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 51fd9914f406d6f07dc373593221473e
SHA1 1fc813d64e9737f263efd9ebb7313200050322c2
SHA256 33574726ef7c5065760060ae74272e1526706193e575bfa3a5823f7f303a4b4f
SHA512 4b57a29f5a4f7b0de9e052135e6c6acaa872cc2c264981f431a1f2f416fc1a40ada4b9e8495252975b939618c05f145ee3f626b5fc384ee651949d614283399e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c5ec2b5dd3ed6b604e6ba26bab5a6efe
SHA1 c574f9c1e5bf4f51ec7e7e5162e4c578ba9b8864
SHA256 d481aa50cdde44b561931918af303fd1f1f35c1d4e241a683171a4672c35d0fe
SHA512 4ebc54c8632850455509af5840f7eaeaef84fef5998466334c20ae8ed147b11c5bf167f6c57c64d70aeb0af7c24f6f954d0621e3cd7a721b9fdbf7028a393e41

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 be9c57387b2ef6fdb4c99fd271faab7d
SHA1 3d2ec5d5277970ce78b59097236b49a8b4342f4f
SHA256 4709618cf4fdcdeb0b27c83bf1b0ee2d4990fe5b692871777b8175f62fa6ab31
SHA512 60ee9ecc53b5e188a15bdf082650ae8cf966d247b46ab47f46d8b4d2663f507e64883a8efaf294857739c390ec262ca5c30fbee1528875d8fb14f971c0888e47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bd1b0de02db0ff3481086c835205709e
SHA1 3e7e20aa947b114bb3f5b6fb38604384f482f166
SHA256 d3d4aa1716b0a5163aa6fe351225a3dc9cbd7a0e1f7ba56221252cd8dd601ad9
SHA512 a741f1fe16a092f46cca7c04bb67aeb56fc372ff3e9bc3452401eff10fd5d0ec0075781a45090538861db9dd41e7bd6688bdb399eb64d59dea571d8d776ac298

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f84a.TMP

MD5 5f77cfd11c2e7d7162bbf3c0234252e1
SHA1 81c345de5e04b9f7ac654c858993c9310bcaf0a5
SHA256 5cdb4dfb8f58e0084ec62d226e55552bcf0bf3c163c490d68239e09f9c5a5099
SHA512 458860975db506c1b6481dce1b7050b488acf559c843bbec6750d96f1c4b7c4d81e56233513f7039c68e2002b31bb7cb9b5d7e9856d4ef8b8da56891eab621c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

MD5 622921477473e93dd9223d6a6047dae2
SHA1 c6a5bc5a590fa0c75b3725ceb8b2628671ec54a3
SHA256 b1ee18ec4b74bd98f27151f10efdf21e03ae7b5c8398309de570318eedd29b0f
SHA512 df56309937468d93ac2478141e5111568b5e18c3e16d20f62e437e60f5e5a3b8212fbc17feb1cb089490f5f627dd62899ea5506535b3f5e99ee3783cca4eb6e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 57632c3e3288b2d52d3a6ac63d989c5a
SHA1 8bd0a80782c89a5da2e8d950205dcd93aab5387e
SHA256 f63506da8221e2480de12f403a9a18c91470ca131cf67b83dd7e003dcedaa611
SHA512 e63931370f5449e16030189ea1e5da61bb654f61e34b713fc46e0e20071c1b1f5d52fdb8ac6495fe4d2de1929b0eb2ca6a1214b2dd99133b6f2cdbfdf6f36554

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 68eae8ae528b3cf4965c780505e8274b
SHA1 23eea22c5ced491f0933dbdc428503548ae48636
SHA256 5c677af2d6e78de58c66b09577213d4b1c23cf0409822378053f1c457ff465aa
SHA512 7fb225df90deaeff597ea4513985545b5ca6d3b4478dbe5969554f15ff4b2c1652c6220b970304884adfc2860be045599130534f1c45586a7adcfb29a8e72ac7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 13d1b429e99059f97e58fa10dd69f8b5
SHA1 174c7f299158103127d50de82f1086c3b66e8258
SHA256 1262bff0591c36094d058ab102b84ce34eb1e547e8ff00557bf8d55449e58e40
SHA512 30dbd99f1abe8d2a9ddf73a93ed199ffb2b55903b5bc2618935a64ad54706f054fc9b46a80ccd1cab4eff3f5a607b5b599f5e02a2e89c990e10b210e4f16ed9d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

MD5 e0edc621e4ffaa368d2e0677d3f137e6
SHA1 e374bb44d1834cf6eb688eabe1820aa5f7c827d3
SHA256 13da46f8e9749704bfff6b6f51a202c87facf593280dfde4127e5858c28aaeaf
SHA512 d60643fe87788d76dcf1cd941002ceef18390cac5eaa683bce2e2dbeaba684b6fd656a94187379b71105333590412d65b3466cc9c37cdaada7e009c1c9f8435e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3e7e49073b1ccee3b05582ef676c0fbb
SHA1 5720d986f32f783135540bbb95244613b8d0655c
SHA256 c8621c997dbb05fd83a36ef6ab7968cc39a5c25f1fb6339b8eb2dd93b9486e5d
SHA512 010d51eb4642cf0c109a862cebe574d138d566a529b172278f8471e5e33b47ccb6bf3ac9786f9cc970917a7bb99b68bd06c1fe1da03f8828219561551c2ff490

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4547f672392df3e9e047afa200be4b0d
SHA1 bda529a5da23c4c8e514bb082de3ec0b7aefb5c4
SHA256 b81b0dda04faf0494f54dd6e09c75c4e7da303d736343aa754e44c37964b8102
SHA512 946735e7439cc02ecd3ef5b38eff35d3b8ff8ec82fc58cf098c2adceea25aaa90d00c72debba407a4311ba26d0cb5bf679785a2e42d3c09691449e74c554e6ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 01b9d9a0606b5763df2e2f1ff61b86e5
SHA1 d45bf2589f1a5918d6d0dc047eb203a14e74fa87
SHA256 cd2f22e2378fc34d0a401c6cdfa47d02d24097a8c777b6dfcec05f2333f963b6
SHA512 867b1f6f126d8ae191be9c3a8fea1887082b67404702d90232d62c046082dd96cf4dc46041cf8b880092cbf7dc781e3a074a9eac19a8097d90f9e9deb75cf90f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 9661f391f69ddbf1e8bbf879c1c69660
SHA1 60e78567cd82d5dec158be4ae4d365f45412fb36
SHA256 59fe3fa5daacb2b18c734a563d4e8e9df1f51eb24672249ca4962f3132149191
SHA512 dd61b2a9827be092d779b36dc1c4f3983e78cd42f3b6bb07d61758502ef0eedc2fa562ec028374d072e1ace9d82c2c816d2bbb742523f43cf5a6371b79064722

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 df07be41b3dd34f52291c6133aa0b4c2
SHA1 b6e3517ca9c088cbc6c6432f4de5adcde584d68b
SHA256 cb7f1940d09f8e6bcdbad0cfe0bf05bb73595f3c5660a719fb83ede6f9bdb5fd
SHA512 7eb35458e8f49f3c2b538c5d41883f165d1fc661f5e5955b9fb49d2e947086c43f4c0a25721d56f7d465ed954d1fe71909554be573555750b131f17c56f5be6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 f4b06601d97e0730943d431c8366b1f8
SHA1 a883950f672e009a65a1cbb51f62faaea6526c95
SHA256 e9130d09a238d407aac2c63e5a11a6b1da6e69723edea79324490dde6e96f9d4
SHA512 9febc785c9b658966ded446e95e8f25ab2c77984337b5e05383f418c766081655482332c8d7d6e1468ca18a130d37cb5ea0056529ed2945bf94c2c279b06e94f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe586184.TMP

MD5 d7bc7013ffbf2ee7a682838910997915
SHA1 cbde08d35f176491a4b6358d9e4a2414300b82df
SHA256 560352ff0f8fcf51a55f9c3b54309b170d0afc228253eec964451bb852bb23e6
SHA512 5ec894fa6a55fa9516e7702dc4d52f96ce04b894e69b35c67967ca9c6b2eba08f2885d49033771fff44080516d41053d1b47e281f6fc48f6608f59f3c51299b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000068

MD5 ef2ae83fa24a6421c54d864ebb7a272f
SHA1 71ee8f070d674dc76b1ae634a6fb042504068621
SHA256 a1dcfbe52cf9436264f2dad7ba89605e02f7c7865546b8e7ce7602b0cf610668
SHA512 d2826022e2e2cccaf3aa3a0503ee7fdb1b24e4b005d972eb9ff60af38b968a65df24b4baff232a977b7cce7d13fb8703eabc85f1fde4e78f49bf58bfa45788c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038

MD5 5a647a245a5dd27775e8b96f194d1536
SHA1 29f7b2e9b0f6f7103cded844e24b9c0276e1bef9
SHA256 8463e57c3b598ce66e87abdabbfa04ebd0c8e30bf2812d03ade7c2f1d25f67fe
SHA512 c6e869b245f3a15e29d45d07f623d754ab2ea36127a80899547ed472be39d7b7d90659d83dd9305036b84779062941d2a5b72202addbc5c1686922577fe01ed8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 f8b8c620bebacfa70902a625a4d2a8c2
SHA1 83d5d540d91e6df03ce108c760d969a3758cce24
SHA256 79c766eeeb812795dd6dc0ebaebd52236f4e3445688976fc3101187e7e33e365
SHA512 a5b35b065ef4d09ca8c9006f43b9ece01e06187ebc12eae2384fa915107fd868f4d67720cb40c13fa677607ceb271ca9369a49cfe87361a74a7e2bf325c9e01c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

MD5 a302adbf3cbcfae597723c91f1752159
SHA1 5ba1d029c06d794d1b408f692f12552c8ff53c5c
SHA256 d57c96bbe47a31893834822049e8c2b2790060fa1c8879c7993b6040800b4782
SHA512 d215179dc6d70f2c8259f22a260463408dcef7faf66d457e6fdf904eee646629553d43d87ef20d39cfe661ddcd803c57a84f77019902c3c1865ec174c52063f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039

MD5 34d998b1b76e49cd55098b9596f4a06d
SHA1 89ae79d1c147da897edd43ab8fba030711b24de2
SHA256 b187780e0492be65fd50e601a85f3bea3e5edf0e15a8563b0fcd95c66e3e4cab
SHA512 9c734490da2f67609d09e35d271a212f1ab3b5ff8cd0d0b5dcdf6ff3363943be150bb0034ad61fd0e190e0137aa10b727ed31181abb9582831ecc3ccf17dc93b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 71402fb414a769e71cd32c5baf13b13d
SHA1 4cf8ceb06920861050da1d8b13f383faf60b7bc2
SHA256 8e8804103274a2df140bd3dbd220ce973c69744b6747314faf192cc7148948f2
SHA512 2df5dc808556cab811a5c969ea440b4241af46e185ec8ac51f5faef73b4e54382004e573bfcc0df288e7dda95f571b25210988d440246d409119f39b2b4e8257

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

MD5 869048e32015b6cd10d298c95c642285
SHA1 006b7f8aeaf3221e284188e5a27990a7dba60807
SHA256 9e7ca957cac9312282a92950ff571b8a8302073d0f1b2e7d674a863f683b5532
SHA512 694aca9efc7817732fae3ed9406637799abc3e1cfb8047d2f2b7326646d9cf277f027a6882a58168b5ed4dfa86f0f40360b291aa4649529f9895d80be0cac84f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

MD5 a3f61bb0b7bf3c9b7399ebeb260b507e
SHA1 0e589a316874773d9a38b675ae31a12905f2022b
SHA256 88e13f5501f3f830373b9e7787dfe70f3bcf0c04fe3e0ace2717146b1f30dd53
SHA512 bcff87e3d0b9d91b1d5c3814046ebe37a5271db44fae98779850f6cee5b64c880b805b66fd8391f47111e65aedb40cd186470b539c61d719ca7c0b4cb5fa1767

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003c

MD5 b9af01fb0240f849ba92eec425ddf7d5
SHA1 6214e1209c76f9f46d459eef3c4bc03f5431f2fa
SHA256 dd2d2b3fa1236d246329ba509f520840dd6357dbc50baff741d17647d6a28a3d
SHA512 3c88d7de8ed6814c1e7a92e3cbcab7587b890d98a32d2cef75b1d6034f80e6be0bd71d7ee3a555bcae0dae29c7411824e82f831c36be0bf0576965bc66894304

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

MD5 80530ba21263b5e0f581b6392aebcf63
SHA1 dd2c36c5be2306b6a66a372fea390a854e1aa1fa
SHA256 6ef50659893f0b984668c684837c2d1c403565f1febccbc1734937407a71f7de
SHA512 740d12f6c6751ed3e9c00dfd5eced413753c69644acdc7f71ca607b28855bf90b397ae249124c0650c332d0a2f1cc5cb50c790d344ed9669e518fe22af9cb10d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

MD5 43881a474ab80ea6f793db5211d28cf1
SHA1 36b1c5e033d7a5ca884eba834aeef209702c7362
SHA256 e50bbfa9012881b4393ab4989a200e78647ee3ae3c0d1ff4bb0f80e6b4bb7bd0
SHA512 87fa402d97283dcf26506f0e02ebbacf225e4f830fc8400707e8a813f6b75b9da724d91ed6a156378c810a162cc1d9694a1a4203b6bee087f3a65fb307e02433

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

MD5 c4d8a615f2a67d88f7fbe4520405f535
SHA1 c0a59be44b6d7a455a567c7dc95089094b7baae2
SHA256 87b38f2cd5f92088d5f0822e9e053675f5681ed31d896e1135a0b546fdc6b342
SHA512 348526f593d20796328d8f8afb3fdec3a78a73a9696d6db095ee118c8f0fafb63028ff4c5bfa98f239c184b238139bbfb6f3df15efe48a79d3e525f972ce3fbf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040

MD5 f3684328293bf623ea859efd42985f5c
SHA1 7255929c3943faaf4c14105573dac628e332f28e
SHA256 37d842b5f9128fd85aeb3a9fe873c4434f659d04c431e35aec73b4ae200d88ac
SHA512 432ca1054a6d6749248e47d43d524edc19b3f99f3afae9b7694b687188c43194c7d029ef3c028586a2686f994c6d780007c15f1728c14fb6e8e152f1777db730

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

MD5 bd48a8dd26812c0edca3ee1b422081ef
SHA1 b25126cc992d0de4ecf00870933259c431d479fe
SHA256 410f52f0efc07fd50d773b935ea5b26aa575e66a30d617351088b5f1d25542cd
SHA512 b3dae825aff35b132e0d43ac31305b92306033e15fd76fdeb53fb8f5393ec549dce083ae2beb87c58139def4969d9573f19fd98ab11cb8bdd6e988b0f7f22bff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7556433e75d150c0b0b33d1b8af53a9a
SHA1 6404beda8a84da7e6eac3162d9bf8db2fd849787
SHA256 bbfd0a3904045dd56eac3cf86dcbb2b8ecd78ccdd17bf34a099aec4699eaa4ab
SHA512 dcb9be19c0129d2958379cd36ed4640290905ccf98cf47042d2a3d81587842d42329572876acc34cef61f078c539220bd6a206bc5a084d2fffdfe39d463190cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d4a6b408f7991836a1ea0c5291455636
SHA1 627d9bf2536ca348debe2aaaf904b310d6872f2f
SHA256 723f9e0495f51630d01d7c62828e24c73db0dc1bd55967453c477b98fc444164
SHA512 6c65327f5b6aee3ad597997b5ebafa8a9ab81dba81d691803682454f61291713ca438f805d194d9ea55c4e66b26363868811bffee2e612623739e205802dda6c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b703bc38220f248491840cf654161908
SHA1 304d14e1b79adb09705efd596a296116b8d96959
SHA256 32236afad5bc7c2b4a5020afc057d2dae0f3a5f3de259fec96167a058bce7625
SHA512 1b0481223d0e4ec9cb98e39f9ae7c3a8ed78caf1bf60bc9de04aed3250be9688694e156cfa0174da1ec0a2814c70d371e62bc520ef1ff1385398d284bb49c66f