Analysis Overview
Threat Level: Likely benign
The file http://solaraexecutor.com was found to be: Likely benign.
Malicious Activity Summary
Browser Information Discovery
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-09 22:28
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 22:28
Reported
2024-11-09 22:29
Platform
win10v2004-20241007-en
Max time kernel
71s
Max time network
72s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://solaraexecutor.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffbbcb46f8,0x7fffbbcb4708,0x7fffbbcb4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2384 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2624 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6400 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6400 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,934794262351428822,10005614012392836220,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6972 /prefetch:1
Network
Files