Analysis Overview
SHA256
355e7cf09659d9ec64ed4d3ff6b20653986076169d803ad6dbd1a529b15efa17
Threat Level: Shows suspicious behavior
The file 9x19jv.rar was found to be: Shows suspicious behavior.
Malicious Activity Summary
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2
Browser Information Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Unsigned PE
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Modifies registry class
Checks SCSI registry key(s)
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of WriteProcessMemory
Checks processor information in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Gathers network information
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Uses Task Scheduler COM API
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-09 20:54
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 20:54
Reported
2024-11-09 20:59
Platform
win7-20240708-en
Max time kernel
119s
Max time network
120s
Command Line
Signatures
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Processes
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\9x19jv.rar"
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-09 20:54
Reported
2024-11-09 20:59
Platform
win10v2004-20241007-en
Max time kernel
299s
Max time network
299s
Command Line
Signatures
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Desktop\abdispoofer\hwidspoofer_abdi.exe | N/A |
| N/A | N/A | C:\Windows\abdispoofer\hwidspoofer_abdi.exe | N/A |
| N/A | N/A | C:\Windows\hwidspoofer_abdi.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\abdispoofer\hwidspoofer_abdi.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\abdispoofer\hwidspoofer_abdi.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\hwidspoofer_abdi.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Windows\abdispoofer\hwidspoofer_abdi.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion | C:\Windows\hwidspoofer_abdi.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Desktop\abdispoofer\hwidspoofer_abdi.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion | C:\Windows\abdispoofer\hwidspoofer_abdi.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Windows\hwidspoofer_abdi.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemVersion | C:\Users\Admin\Desktop\abdispoofer\hwidspoofer_abdi.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Windows\abdispoofer\hwidspoofer_abdi.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Windows\hwidspoofer_abdi.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\Desktop\abdispoofer\hwidspoofer_abdi.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Gathers network information
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NETSTAT.EXE | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3756129449-3121373848-4276368241-1000\{F5BC4FEB-A8CE-4FBE-9864-A4613C51EB5D} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Local Settings | C:\Windows\system32\taskmgr.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3756129449-3121373848-4276368241-1000\{DA48AAF2-0DE9-43A7-819E-9A4B8FF05C7C} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\9x19jv.rar"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Desktop\abdispoofer\hwidspoofer_abdi.exe
"C:\Users\Admin\Desktop\abdispoofer\hwidspoofer_abdi.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://dsc.gg/abdiv2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffa884f46f8,0x7ffa884f4708,0x7ffa884f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1976,6608289847777884896,17584628849751439441,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1992 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1976,6608289847777884896,17584628849751439441,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1976,6608289847777884896,17584628849751439441,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3008 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,6608289847777884896,17584628849751439441,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,6608289847777884896,17584628849751439441,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1976,6608289847777884896,17584628849751439441,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1976,6608289847777884896,17584628849751439441,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4996 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1976,6608289847777884896,17584628849751439441,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5248 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2016 -parentBuildID 20240401114208 -prefsHandle 1944 -prefMapHandle 1936 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {59b4081c-15a8-401c-b1df-edcbbcd0d51f} 4648 "\\.\pipe\gecko-crash-server-pipe.4648" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2428 -parentBuildID 20240401114208 -prefsHandle 2420 -prefMapHandle 2416 -prefsLen 23716 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {96a6270c-33c8-4418-a85b-267fc5277252} 4648 "\\.\pipe\gecko-crash-server-pipe.4648" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2972 -childID 1 -isForBrowser -prefsHandle 2768 -prefMapHandle 3272 -prefsLen 23857 -prefMapSize 244658 -jsInitHandle 1228 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {af3d3742-9fa3-4769-9c81-2fe9669740ff} 4648 "\\.\pipe\gecko-crash-server-pipe.4648" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3744 -childID 2 -isForBrowser -prefsHandle 3736 -prefMapHandle 2900 -prefsLen 29090 -prefMapSize 244658 -jsInitHandle 1228 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {82bc0640-95ab-4114-ab00-89b5b0879b67} 4648 "\\.\pipe\gecko-crash-server-pipe.4648" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4852 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4844 -prefMapHandle 4840 -prefsLen 29090 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5c344901-6af4-4ad6-a26a-5726d88f28bf} 4648 "\\.\pipe\gecko-crash-server-pipe.4648" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5520 -childID 3 -isForBrowser -prefsHandle 5512 -prefMapHandle 5508 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1228 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {26677413-13fa-4a22-a4db-ff324df3da53} 4648 "\\.\pipe\gecko-crash-server-pipe.4648" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5476 -childID 4 -isForBrowser -prefsHandle 5644 -prefMapHandle 5648 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1228 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {21cc9922-0530-49f3-a43d-01bff49fae1f} 4648 "\\.\pipe\gecko-crash-server-pipe.4648" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5828 -childID 5 -isForBrowser -prefsHandle 5332 -prefMapHandle 5460 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1228 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2c2915ae-a03d-4a45-935c-27b8978c87c6} 4648 "\\.\pipe\gecko-crash-server-pipe.4648" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5860 -childID 6 -isForBrowser -prefsHandle 2664 -prefMapHandle 2668 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 1228 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ab1984e2-bf08-4ec1-a789-d968dee9ffc4} 4648 "\\.\pipe\gecko-crash-server-pipe.4648" tab
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://dsc.gg/abdiv2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffa884f46f8,0x7ffa884f4708,0x7ffa884f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2940 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4524 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4492 /prefetch:8
C:\Windows\abdispoofer\hwidspoofer_abdi.exe
"C:\Windows\abdispoofer\hwidspoofer_abdi.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://dsc.gg/abdiv2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa884f46f8,0x7ffa884f4708,0x7ffa884f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://dsc.gg/abdiv2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa884f46f8,0x7ffa884f4708,0x7ffa884f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
C:\Windows\hwidspoofer_abdi.exe
"C:\Windows\hwidspoofer_abdi.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://dsc.gg/abdiv2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffa884f46f8,0x7ffa884f4708,0x7ffa884f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://dsc.gg/abdiv2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa884f46f8,0x7ffa884f4708,0x7ffa884f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7008 /prefetch:1
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6156 /prefetch:2
C:\Windows\System32\enb1sa.exe
"C:\Windows\System32\enb1sa.exe"
C:\Windows\System32\enb1sa.exe
"C:\Windows\System32\enb1sa.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4276 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4276 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault27773f1che26dh4ae6h8776hcec7cdc804ca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffa884f46f8,0x7ffa884f4708,0x7ffa884f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,1539438608995333772,16450847684216892942,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2200,1539438608995333772,16450847684216892942,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\system32\NETSTAT.EXE
netstat /b
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,13166717246890024411,16932974880394411357,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
C:\Windows\System32\enb1sa.exe
"C:\Windows\System32\enb1sa.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dsc.gg | udp |
| US | 104.21.7.223:443 | dsc.gg | tcp |
| US | 8.8.8.8:53 | r.dsc.gg | udp |
| US | 172.67.156.126:443 | r.dsc.gg | tcp |
| US | 8.8.8.8:53 | 223.7.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.gg | udp |
| US | 162.159.136.234:443 | discord.gg | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 126.156.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.136.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.135.159.162.in-addr.arpa | udp |
| N/A | 127.0.0.1:6463 | tcp | |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:55494 | tcp | |
| N/A | 127.0.0.1:55501 | tcp | |
| US | 8.8.8.8:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 149.234.200.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.mozilla.org | udp |
| US | 151.101.1.91:443 | www.mozilla.org | tcp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 151.101.1.91:443 | www-mozilla.fastly-edge.com | tcp |
| US | 8.8.8.8:53 | 91.1.101.151.in-addr.arpa | udp |
| US | 104.21.7.223:443 | r.dsc.gg | tcp |
| US | 172.67.156.126:443 | r.dsc.gg | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 162.159.135.232:443 | discord.com | udp |
| N/A | 127.0.0.1:6463 | tcp | |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | 233.129.159.162.in-addr.arpa | udp |
| N/A | 127.0.0.1:6464 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| N/A | 127.0.0.1:6465 | tcp | |
| N/A | 127.0.0.1:6466 | tcp | |
| N/A | 127.0.0.1:6467 | tcp | |
| N/A | 127.0.0.1:6468 | tcp | |
| N/A | 127.0.0.1:6469 | tcp | |
| N/A | 127.0.0.1:6470 | tcp | |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 35.190.72.216:443 | location.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| N/A | 127.0.0.1:6471 | tcp | |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 142.250.200.14:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| IT | 92.122.225.216:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| GB | 142.250.200.14:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r2---sn-aigl6ned.gvt1.com | udp |
| GB | 173.194.183.71:443 | r2---sn-aigl6ned.gvt1.com | tcp |
| US | 8.8.8.8:53 | r2.sn-aigl6ned.gvt1.com | udp |
| US | 8.8.8.8:53 | r2.sn-aigl6ned.gvt1.com | udp |
| GB | 173.194.183.71:443 | r2.sn-aigl6ned.gvt1.com | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.225.122.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.183.194.173.in-addr.arpa | udp |
| N/A | 127.0.0.1:6472 | tcp | |
| US | 104.21.7.223:443 | r.dsc.gg | udp |
| US | 172.67.156.126:443 | r.dsc.gg | udp |
| US | 162.159.135.232:443 | discord.com | udp |
| US | 104.21.7.223:443 | r.dsc.gg | udp |
| N/A | 127.0.0.1:6463 | tcp | |
| N/A | 127.0.0.1:6464 | tcp | |
| N/A | 127.0.0.1:6463 | tcp | |
| N/A | 127.0.0.1:6465 | tcp | |
| N/A | 127.0.0.1:6464 | tcp | |
| N/A | 127.0.0.1:6466 | tcp | |
| N/A | 127.0.0.1:6465 | tcp | |
| N/A | 127.0.0.1:6467 | tcp | |
| N/A | 127.0.0.1:6466 | tcp | |
| N/A | 127.0.0.1:6468 | tcp | |
| N/A | 127.0.0.1:6467 | tcp | |
| N/A | 127.0.0.1:6469 | tcp | |
| N/A | 127.0.0.1:6468 | tcp | |
| N/A | 127.0.0.1:6470 | tcp | |
| N/A | 127.0.0.1:6469 | tcp | |
| N/A | 127.0.0.1:6471 | tcp | |
| N/A | 127.0.0.1:6470 | tcp | |
| N/A | 127.0.0.1:6472 | tcp | |
| N/A | 127.0.0.1:6471 | tcp | |
| N/A | 127.0.0.1:6472 | tcp | |
| US | 104.21.7.223:443 | r.dsc.gg | udp |
| US | 172.67.156.126:443 | r.dsc.gg | udp |
| US | 162.159.135.232:443 | discord.com | udp |
| N/A | 127.0.0.1:6463 | tcp | |
| N/A | 127.0.0.1:6464 | tcp | |
| US | 8.8.8.8:53 | 27.173.189.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:6465 | tcp | |
| N/A | 127.0.0.1:6466 | tcp | |
| N/A | 127.0.0.1:6463 | tcp | |
| N/A | 127.0.0.1:6467 | tcp | |
| N/A | 127.0.0.1:6464 | tcp | |
| N/A | 127.0.0.1:6468 | tcp | |
| N/A | 127.0.0.1:6465 | tcp | |
| N/A | 127.0.0.1:6469 | tcp | |
| N/A | 127.0.0.1:6466 | tcp | |
| N/A | 127.0.0.1:6470 | tcp | |
| N/A | 127.0.0.1:6467 | tcp | |
| N/A | 127.0.0.1:6471 | tcp | |
| N/A | 127.0.0.1:6468 | tcp | |
| N/A | 127.0.0.1:6472 | tcp | |
| N/A | 127.0.0.1:6469 | tcp | |
| N/A | 127.0.0.1:6470 | tcp | |
| N/A | 127.0.0.1:6471 | tcp | |
| N/A | 127.0.0.1:6472 | tcp | |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| GB | 23.213.251.133:443 | cxcs.microsoft.net | tcp |
| GB | 92.123.128.170:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 133.251.213.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.188.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.97.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.144.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.100.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.243.107.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.121.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.129.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.156.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.7.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
Files
C:\Users\Admin\Desktop\abdispoofer\hwidspoofer_abdi.exe
| MD5 | b38e0ad4b3a5728d7eed42bb28e90818 |
| SHA1 | f09c71b2fa1436b7fac40ab2ddc4928dc857fd4c |
| SHA256 | 1424a0cc1d64a68a51eaed53f3660674babc5d07194159132a37bb6f777faddd |
| SHA512 | 8fe78815a8713bfdb9e047615fa4ed46ef82145105fd5108a7961abfad8df02e78e1611318b14b5541c351dc5c3498cacb0a1e9133c902e85ff7f1f10b8d147e |
memory/1824-10-0x0000000074A1E000-0x0000000074A1F000-memory.dmp
memory/1824-11-0x00000000000D0000-0x0000000000460000-memory.dmp
memory/1824-12-0x0000000005400000-0x00000000059A4000-memory.dmp
memory/1824-13-0x0000000004D50000-0x0000000004DE2000-memory.dmp
memory/1824-14-0x0000000004F50000-0x0000000005164000-memory.dmp
memory/1824-15-0x0000000074A10000-0x00000000751C0000-memory.dmp
memory/1824-16-0x0000000005180000-0x000000000518A000-memory.dmp
memory/1824-17-0x0000000074A10000-0x00000000751C0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a0486d6f8406d852dd805b66ff467692 |
| SHA1 | 77ba1f63142e86b21c951b808f4bc5d8ed89b571 |
| SHA256 | c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be |
| SHA512 | 065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a |
\??\pipe\LOCAL\crashpad_2828_VWRHNTMDZRCTDJKC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | dc058ebc0f8181946a312f0be99ed79c |
| SHA1 | 0c6f376ed8f2d4c275336048c7c9ef9edf18bff0 |
| SHA256 | 378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a |
| SHA512 | 36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 53fa70c8a022c854ef151093baeaf31d |
| SHA1 | 7c7e6c9991f915781b17c54ce91d20177ac73c1e |
| SHA256 | 72143f96040db4c9dbb496a48801e10c1dd320b75c580da0066d76d27837a194 |
| SHA512 | 995f6f1989c843705c7cadf1ab4b0b56ebd94cb50db7c7eb328e2e8f48ce0d93a7b39644dc1d98e0910750b999f8de3b2cfbea3820dbbbf3d7d465b1d0cfef55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 08ad1c940805497c6e19577e1fba0c94 |
| SHA1 | 129b6211269e85a3fc36867262bc45540a8c050a |
| SHA256 | 157296c9e070272a3f1680313233a3139ebec858547ecbfc315bfe22aedd20fb |
| SHA512 | 995187646bbbb08d779c1dca769a9169f687b9d8701245e6784ea5d688bf0a5b91953400100dec9fd99f73d06f6aeac322ae8ce9f3b18d5f1867d9f3b20de6e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4b3258b9076e53c93ccd9d43ebd0ff02 |
| SHA1 | aea816a311cc95dc37df536472ceada83680fa90 |
| SHA256 | e46ec4b191c10803eed89b99ca37f016f0db112c5584bff90f9752189828bacd |
| SHA512 | ae4fbae56548cb6a8782c3db887a83b1491fd75419e87554b49bed320035a991858c3f81b736a156c8cff650805d8c9fa2512a2cd1d1623fbabe915cd6e08b94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | baaa75980b2aa8cdd9632452e2ff79a6 |
| SHA1 | cb4504d74cb3b509ab77a116f9af2d4779dc65b0 |
| SHA256 | c95a923ca3b41b65b54db05f2456694b47feb21801b268dbb1c9b4b6175ff8b7 |
| SHA512 | d7a5fde91eadc7bd620eed700677cd0ca811ba0f4cb0d2a484a54251d757f7109418554729f640fe6cd114624867fb72094db9fd7cf4d9702b7732a021167c85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | f8a8ce46d2024c359d02bc7c1586aa1f |
| SHA1 | c1309fbc5971f827eebc1c1d7c2ef4a14a772100 |
| SHA256 | 9677df63235bd92f8d44a08603bbe7b9d690573fbfa8f9b79456996225d86321 |
| SHA512 | 42dc0ea62f8afa4be4f077112e529cabf7054dfe5a3004f67c1a263643897e3ec8bdfe3fe3a9e3ec6e17cececc990bc7756df530d7258330acd626430c223bbe |
memory/1824-192-0x0000000074A1E000-0x0000000074A1F000-memory.dmp
memory/1824-193-0x0000000074A10000-0x00000000751C0000-memory.dmp
memory/1824-194-0x0000000074A10000-0x00000000751C0000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\datareporting\glean\pending_pings\e0a8ac60-54ff-4ba1-812f-bb1f7529c3f9
| MD5 | 3c47a4cfb7e845b8ad85036a82e26d79 |
| SHA1 | 3a20615fdac4b320bfe7c081d01bf56845bce666 |
| SHA256 | f872136adb307af4fc4acf042a9a9b77a897eb7ff62963b0b900d836324dfc27 |
| SHA512 | 43632f3e785d2e8d7e792acd50e3debeffab20211626a399fead1649efbaa0cf20a3aa4015b630b292988574bc014e80e4d8162f1f3a78237fe4427e58cbd671 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\datareporting\glean\pending_pings\3576627a-89e7-4f33-a7cf-00e347997f33
| MD5 | 3c096d08b708540ba9d571cf5bbd1be7 |
| SHA1 | 11146819453d5b548910468d7f1983237d8b4a71 |
| SHA256 | 66f35eb29f40f3c669c9f74113ebde6cd0bc29ef60d8d7f86e5745621c8b79c4 |
| SHA512 | 6f650d81343d9507c81d8a5a08105bf045716e054576c3304428a03fa01046ba052b4e0e84087c7483a551c4bddce8e383fa3fd666e38046283f5d5b6b31b815 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\datareporting\glean\pending_pings\22658d60-0031-4df6-994f-5533613e780f
| MD5 | df5fd790d21665bed52f4c268186c7d9 |
| SHA1 | 1ddce9ade815f2e0ff2f80c599bdde11f9de8661 |
| SHA256 | 11c8e4cd5b73b1d2c7cadd2ce08e671a88eecfe60ffa7024b8ad19d16a550f36 |
| SHA512 | b52be901512f6a3e0d83b98cf74d35e2f54bd3ea9f3404208f7126a50bea0177d514be7294ebee3988c9707b0850f7448d37cc38bc02581f234edb6c63383363 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | da4780f08442a200597eb4feca28c50b |
| SHA1 | 345642db3b672718dc2840992524ebb9a369805a |
| SHA256 | db9ddb3fcf2c60dd9c2a3dc8300cbbc2905def4607d22243d539fcf38c7e26bc |
| SHA512 | 6d9f8549d77594d587ae0d121b95b7a89ec2611ade5d4ce8422736d582e20c20005e91f39c13ae303572de60dd6be9639e525d6605b6cf3bfb27c1a8e63e4995 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\7fmsgkth.default-release\activity-stream.discovery_stream.json
| MD5 | 145e77a9be22dcd2def15407991008e0 |
| SHA1 | 16e43a178aca8b3d3b4a8357b68e6a4d5b72308a |
| SHA256 | 5acc55d700fed35701594c35773ff812a921b41ce55544d2214929086606413a |
| SHA512 | d920ddf9824335690c0b682b6746b8c32a1f420e1a28237ae237219a53945683af1df9c698867b1435f6b78e0fa5541fd7c387296d560a9de1e29ec5670acea5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 4f8d0ab98b0eb17061e791b34d109ca7 |
| SHA1 | d5ba99bda76d0634590838c80823de1fb90f40b3 |
| SHA256 | 05e74a1b6c76c30ae9e09a179d70979fd240215a580803b822dd6d0269d4dbdb |
| SHA512 | 2191b6e17a8fccf7e62e525f740816cf34463cd006f464d809b7bb2a3f27a8b46a152ecedbc2501104654a63dec5b52b71824d750b6928baa77629bfaea9a1ec |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\AlternateServices.bin
| MD5 | f004022736658b4187a6967360538458 |
| SHA1 | 60acd34f9e9d1b42fd72f3f155024617e1367c08 |
| SHA256 | 93cc3f5cb937779e70fd6451f1286e7771cd8c2f2555a708278e859eb6ed677e |
| SHA512 | cc02cc18efe85d4ab1d507884317e41109877ae50840589c84e95c0e17f7f451d6d4307d9cd3ef9ec170fc75baf511d61e0ece8e22a6f6a09fbc5b5efc2bc7a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\prefs.js
| MD5 | a81e8bc417471f551f32b1defddddc6b |
| SHA1 | f4dfb4a267c0cd1a400d5dd57f978adb031d1515 |
| SHA256 | 30845efb30f19971364c274424ac266cc26d4b970cf251546d327db827dfcd3c |
| SHA512 | 5bdd5bd2d56e0a5a530bc51f1b7499535c4336a75a7ad24753b05498a8b8a0e4f55e46b63b98edc34651598c27ffcc6ccecfe8bcd847c4c5807f38b75b4508c2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\prefs-1.js
| MD5 | ff3a7b5b62a5cea16bb23add140c2b63 |
| SHA1 | 5f912d3cd7c2d64d40be3f9ac7a91af90ed85b7b |
| SHA256 | 0d9c73199651b98e90bf6e6bc21e4b813b3e4ad140866c8764273de54845be34 |
| SHA512 | 88dd366efda446c8c9433d7289e8603f4394218ce2fc5a17d1c5bf0e1b53226b864aae18d410ad3c7b4ba0e9e2637110dc69f6d0ca150a8cbd67f897f4dd3f71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13375659286567609
| MD5 | add1f3eee8ae0f594274bf563071d8c2 |
| SHA1 | 0c15cd50b9b6de9005460503d3a4fb2b36ad9b3d |
| SHA256 | 56e47f1955db646d01f1e4d3051e473227948c7de1b7b0cda6a76e2cdcada13c |
| SHA512 | 91b070a01f605c616bd3fc853b5bc48279e5250f9ee0795c0159542c5486bec3539bdcb133341bdfb05e78e0f2daf0ee4bc3e2f8331818c0d94189b3c223d9c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
| MD5 | fc9bac28877d758f5bf798daa34ea4d4 |
| SHA1 | fab7ef8673e59b5e479f74bf58ebb19cd9fa3bc9 |
| SHA256 | ce5259fc4bcc6e548720c48f2602ac94dae5a6a2965a44c716b09b2aac7e7157 |
| SHA512 | 84b16ba35caf9fe5cc5c5d45ffe958dec65f9e743f353467d3c8df033292bc0d637807882ba7209688b92c64f0a790d891625bf867cc9a00cdaacabdbeda8549 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
| MD5 | 3bf1fa691ac806aa33df288661a974da |
| SHA1 | 50f49102074c3563a4598bba43860d6330aae3dd |
| SHA256 | c5790838d6e6a912a8a61672162d5ee8ac188abdbacc71d8df596b1432957347 |
| SHA512 | 8ac46f1ac3e2a18070b76074331860b25602724cee91874026691e647c7abae806efbfccf5287a5ba0eaeb9e33a5908f4ec83285fda2576a1150e90583d51b2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | e3514a6c594b1c942ce2f3bd6e794587 |
| SHA1 | f610b4874dfa67f583d0e82fe40f1c90343868fe |
| SHA256 | d0fd62b3aa309862adb14aa0a46693cfe29034f0cc710ed6a12557d6f90aa513 |
| SHA512 | 6c0f11a725c9b8a6b560b6132e60d67476d3b7c932b88d1b1908a373511e1ed496f0a8512c7151bc9e824d31d751539350fede689896de18934061e9d7fd30bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
| MD5 | 18b8c38dc410b24add31f0b552ca96f6 |
| SHA1 | cbe24f3b402d7c5ab9d3e9e799c36256152e0be9 |
| SHA256 | bb6299ce4dada75e65bd92eafe4982590f3519d6c376fc6ab36764fb6f4a6435 |
| SHA512 | 01e3278ecf7bddb08a94fa37d4110fc0b3326c95e40d03a7e8a462195b951c8a362ec728ef4b6c4f2d48422e76993658e5c0623dfe91366d7aff75c9a7486e90 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3
| MD5 | e4bf626106e065a2de0f7915ca59e270 |
| SHA1 | 89e24d2f8693fbfdf9f090c3d4107b454cffaff9 |
| SHA256 | 306630e6a02e7fa5cb9759e3ae5e3278ef8c928e1fbc896c7e8f3d9e9e677aa3 |
| SHA512 | b8fc9b41a4d41946603e78a2d9afca3250156a8640ae5afc6ea250d3fa92d14ad41b8a8bf5a93cf2be717fc829d45375a07d7f21c29c310237abbda4183e59ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
| MD5 | e06af81923fdcf772fd8ed61abae3e39 |
| SHA1 | 6ff4790dd1907f8d143861e6534b62de5222d1cb |
| SHA256 | 51d044d7350e253e0266ea3b87ff7c51d401d3faeb0f40da168dd9714899384f |
| SHA512 | 97dfee50b056b20b5ead1c407a3bf742c2a212424ab3a0462de9022381b275778c6e068f1d78fc4f536ded6d30d9bc3976628f5c3e788e423405f211376da36d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
| MD5 | b2793fe51146c6a6d37d478076e5572f |
| SHA1 | e7f148f09f6b42fd08e1210bc90c8c5881efde33 |
| SHA256 | 291705cfc48ecb19a88a077d4989bd806242b05a064549501b41d333698e8c5e |
| SHA512 | bf4ec573e23421b150c929324562446131701b08989d79b081871c5c17caeea7bc19903f61b6803c1216da22f5bcb47cfe6f4923802f7636f71b2e06e523199f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001
| MD5 | 6bc4851424575eaf03ebe2efee6073ab |
| SHA1 | 2d014fe2feb929d03a46322645a94556ca5c9e96 |
| SHA256 | abaded8e235fdf329521806af30a1cc7701eaca3fe2efccb9da760ec6d8e5e4e |
| SHA512 | af3b7d93fa2243475d74d4bd7f918ce2706bf6eca28029b9e49869f5f793e483efaafdfab1fed6306d5fc77a5ed3b27097b27448cd04560bed4df6fa3268ccf9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
| MD5 | 73ea477b875c0c38dd8d7f249d7f8190 |
| SHA1 | d8e70be82b7286ffdafe7b13162a89438ce208f1 |
| SHA256 | 435723a4ded5fdf0acf511dee03181686254821e7831ee2a6fa3ee758cf763e7 |
| SHA512 | ddb722b4241e90244c1a64d51e9fc9af0790cac1b4970b3322c057d5896811bfff89406722843434c08cae9d932dfdb6ca7841270f564fa50af09f73521886ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8b109c6e2faa441042afcc065f2d8dcf |
| SHA1 | c0d56964f8cfc3240cd56980d90c6a2287a58ab8 |
| SHA256 | 2507a8024c6edab59c76f5b024f04f0da5f0a12347d505684883b7775c0a761b |
| SHA512 | 9dfe71f44f8f75ecc669b3e90858e8d3134fabd39ae6107c351c5be029dc308ad8946717b946a40be5b4735d401517d8652651ab74e8e4881786bedeaedf84fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002
| MD5 | fc97b88a7ce0b008366cd0260b0321dc |
| SHA1 | 4eae02aecb04fa15f0bb62036151fa016e64f7a9 |
| SHA256 | 6388415a307a208b0a43b817ccd9e5fcdda9b6939ecd20ef4c0eda1aa3a0e49e |
| SHA512 | 889a0db0eb5ad4de4279b620783964bfda8edc6b137059d1ec1da9282716fe930f8c4ebfadea7cd5247a997f8d4d2990f7b972a17106de491365e3c2d2138175 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003
| MD5 | 4fbcae5a3cd964e437e4b598fa928d9c |
| SHA1 | f5f2b91860e1d8847926e0e4dcfd5a7f1a6d84df |
| SHA256 | 67454c3a64a18e405b44fe09551d43df949e5084bd9c360bd61f139b92cf3aa8 |
| SHA512 | e22f240defe142c2ee75a814777ce93239e873cfec8626708663f151609b17cd57380d9fed297184750127c57232bdd9950c66598be3009c1a9da8ea49cf5962 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 70315226e4b934b7dde04465c73e1b98 |
| SHA1 | f37c4d8b89261a0cd6244ce05c403040001e50bd |
| SHA256 | 55e9e335eec08d515ec6d04a7da37d383410bda4df4f397029cc1ac240069fa8 |
| SHA512 | b038e33681c479c2a7df9e6019887dd739eec4012befce361fdd9221a568b5d520e9c5ced6f147856777372f58e50041e47d71dc8d14d7215f89d9b06e3ceb2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | 905edbae3c14584a7468e82ce51ba360 |
| SHA1 | 8ffdafc059eb4a0d600ff69cd5954cb0956a2716 |
| SHA256 | bda747457c2ff6a00e00e837912bd07af49d1684cbe341ae66437134e67a6121 |
| SHA512 | 1532c7f2594b9ebf6de599577389d5ffada4a82297aad29424528acd2e1e5a80f46bc115a5cbf5ec741a3472d968fb4bae7617612313e5a36940e0ab40cb7fbb |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres
| MD5 | f36e293633a91af4e6eb39302ac552f5 |
| SHA1 | 4552c981776df85f2d8d926614a4df23c063add5 |
| SHA256 | d4d4a5da0509c366058a7f21d5b1e83d4c9a27d228acfe7a93cc7ec20bbc9b8a |
| SHA512 | f71814f35b4f96185decb3946e278522307a2fc94335945c656d48c578cafc6882ae5708f3f5e7a2a3cf1ef5a422d734e907da000d2f312a3a46cb4f0c07822f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
| MD5 | afb3a17e391394e92a83eddc97fee336 |
| SHA1 | 9a24f101a3cb120ba6d4f4db4b16cf68a87af956 |
| SHA256 | f8b020d7f810bb8627a0a6bff4833b73d8b3b90bf0c13ec5fff1c957e6699b99 |
| SHA512 | 0e796453eabebf610df63c9df37879fa3f3f2d50659cace5d3b0802292ac006742a8236732611aa51dde690930e23ee11b5124d65f5a71dac476f062a4e1ccdb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d7ee4a88ab01bf68c3a6da0f78c4a7f3 |
| SHA1 | b77dc7655920cbfcbf510100fa8e5acf407c8cbe |
| SHA256 | 20272368b724da29de02fff8bfd1782a8b1b9d76ec75056ee64f601fdabec8b0 |
| SHA512 | 4643de6aab0d275de0fef0e60447144cea49a58a01a87a1a9edd22c69a1c8a41555149a987f042ac5a6d740cc1cf1add5745a37bd05bf2f09be873745d04282d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
| MD5 | 3883585cebf74908adf6390252038cb1 |
| SHA1 | 851314e63931dc1732074fdae1b234be1b03c1e7 |
| SHA256 | 574f9edfae997c1a624c8357f84f207cee80e14d691fcdf8eb62564eba844a8f |
| SHA512 | 662e4a07f52634a6ce90049a60b17b2dae224d6a7efcf46cbed2c7cf346ffa6b4e5f04417d1408d8826a6e9bf195950f10e3b2f250bc64b9aef60b6168a72fae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Reporting and NEL
| MD5 | 56a1e1e1380424497bf6c414de337da4 |
| SHA1 | 85964f946765dbf07966fa44e383590e554aebfa |
| SHA256 | 40a7e43d8989e9a97a47b7b8f57a00f636fd543ea8cf0e37eb0f0c66b064c4be |
| SHA512 | 271eef6d8ead25a8f1195c55e2d92bafd5b5194753e7504bb0388896548ec098dd14be990ba2701ec2b5e03f647242748b029754da4071035c4972cfacaceea0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
| MD5 | 4d1c3609f3cef076797e34b0fe58a2f0 |
| SHA1 | eafa3259b22937690c4f331c0a513420885600aa |
| SHA256 | c90d12d918014ff918a93ada2cbf465b661d55ea8bd48d209ec6fd4f9d6b00d3 |
| SHA512 | 224072ba9f775a6cc616d6dab8b2428561c9e18416f89e1659616d9cd72a90621e194ed9d3aaf3699da14c0067eadc0e8891d6d4aa89f8c344bdcf7352126dc0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | e6002870c65eb74ba46c899d3a38ed5f |
| SHA1 | 311164b59ae549fe1aaeab0b50520f9582931450 |
| SHA256 | 165f30367d51c7c43530f47f90a5ed42f89b114e45dbe647227d295baa3bf9a2 |
| SHA512 | 7ea99f14b90b6e4e5e606a9ed3b5abf6989e704d45bfb5629f60f0c13d784c754c9d549aa9282e6017e83c8860aca12e13cb1d954c93373b54c265c26d6312d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | f22a01e5488f1ae67ff75fd424c7a6e9 |
| SHA1 | 919360c44c01aaf50361e52bc7f5036662aea281 |
| SHA256 | 1d29986cf899d452574967ddf8986a5c3c1d8dc122d41079cbf4ac609d0365d8 |
| SHA512 | 129d24c22fee59589d89041b74d986e222717c682687e1c50b302dd60ba96873b0b3bce8acf6902c3dab9274a298aa69f85b1c4abe79179f9a23d2e600471ee9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | a48763b50473dbd0a0922258703d673e |
| SHA1 | 5a3572629bcdf5586d79823b6ddbf3d9736aa251 |
| SHA256 | 9bb14ea03c24f4c3543b22a8b4e9d306b926d4950cfcc410808ecac2407409fd |
| SHA512 | 536406435e35f8204ce6d3b64850ffb656813aacbc5172af895c16c4f183005d69999c4f48f948875d9837890f290b51a7358ff974fb1efc6ba3d1592426cca1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | 5865c484527fb0b2ecac5d66a3725605 |
| SHA1 | fd8ebe6cb4ddfbb73c0cd75563e1d332cad3a7a6 |
| SHA256 | 395184d9c3450e8c26e940e36d69ad5d9705c7d378af15b754782fee51225e6c |
| SHA512 | be15f7e1e3bbc4c43d56cabb4bbd5dcfe2c9f90b7fb8784f58a7cedf8b605ede5568a50b9be95dbd63f58264dc413ca24c14015ae41070a63e3e56d37d2e100b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 098c0409edf65fadfdf07b8d21c9e675 |
| SHA1 | 1b2083f8d981fb3c2b987c4381f706eeb7285034 |
| SHA256 | 52cf4fb74dc620bfa4563ccc697e79539287b92bf5bfdf9bbbf8325973e57625 |
| SHA512 | ca50501240ed5208486005c4c83da53cbe180d98cc4b570c3896d3ce22fd004ae57e616a2a9ba790a045cb5deff90efff3a9fb5012a1889d6d42c91587aa3d1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | e33523e646a8c824c70f1bd56c2b51fe |
| SHA1 | ee6c93ac5f7059b5f088287a59c48fb10a48c354 |
| SHA256 | ae038e21781ee07918e7d14f5d117fd66c090636705fffa8f27a546253588ed0 |
| SHA512 | f48fc761e6d0e959d4777fd8f4cc34c475a2f91f3f9814cf8d9f27d49410a9104c8065a94538eb8c83f0d905405c87a7a1e7fbfa084781595771382dd9feaf87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | f62be5eaf385d294dfcf9da363864a77 |
| SHA1 | cf00c3649f06cd27cc6b12dca437cb1ed45c379b |
| SHA256 | 8ada56510d4c33dd2d1fd67aefca1290af6105ccf23be7f215ab8b1c3243793c |
| SHA512 | 59b52cb510177a7f739e2497c9c721e5fef51dc5b70efe6ea32fa503a65e06eeb157dad8765f18b6882473bb5534f3c5dc5d4fe6df079611cc0c597c50d882ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
| MD5 | 52f5b13b7a79fc510a7d3fc4bfde0023 |
| SHA1 | 99b6037ef343c641e447e2b53a56c71c1dce08fc |
| SHA256 | aad541649b653ce414ead21bdbbcf8ea49b8f24059c79f06b318065fcd52bed2 |
| SHA512 | a8c816ba6f58e7d0c678d8b9b5b7bd921c6ee49c3fce9493a148ab4551167cd0f925e8bfa835a46c9b18500f5e6558669a627048b66861a5be62c78606a39df9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 6cad3fecf755c4e902a4a9f65e8bd278 |
| SHA1 | 83946a81bec360aa100c010bfd8f3c1af2f077fb |
| SHA256 | fa275886c2bb779e8b0015d319c19e7230a2150b1af18f8c4029212081a39943 |
| SHA512 | 7079aaf8fd76f808e0a87e4ed0307c0637b9e46eb5815fcecc64d79fd2587f0e42c82317e807f2ec687c2bad0df3c1e2fae16ade1bd557cc3dd7ec56c53efb77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | a0a13f7a5baf28e1662bdf3f7e9cbe7b |
| SHA1 | ac073cc1e8f9ae1cf4ccaebf898238ae18c53b0d |
| SHA256 | d73ede74b56dd64654cedf263c69b22fa35dfa7794b48c7d63c6da2d535422d6 |
| SHA512 | 6f95ebac7425f530d7a73c54dedf43bad4adef1c15a5cb93bd740b9f3434b60e129c754738b1f1c3c327673fdb25ef4d11c94e4ca91f1fb8854cd8cdb4032bed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
| MD5 | 792342cb957a0752e57a58e6597f4907 |
| SHA1 | 470fcf9564e3655947505a726aed2474265d2d66 |
| SHA256 | c9c19c654778ed5b893072b4b86e4cf8c4830e20c27e32b880aea0409360e1d5 |
| SHA512 | 463f1351fcfdba0b8cd0db2e4f50b00e2e3244ee9fb843b10e15b93ddd5a03ce1004986610dcbb62f0cc9e7505f1ef40caadbeb3d02320edc8141351d8b8cf64 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cb512d2c2e6b8c05_0
| MD5 | 8371a4338b4af2cf186fa0d27ebcada8 |
| SHA1 | 5841ab881d987dc2d41fe7b552d14ab8a6ab5bb3 |
| SHA256 | 9c537e2f53d94411c2a47672ba8034c792ea57b722f14004b991f57e72260db9 |
| SHA512 | 202c652508d03b4f709c5a394734fc57fcd814a3fe2f064907d2da823ecf940a366b1345986f2e4e3b046f22bdf928eca8a480f5193fb5147879aeaaa6e9547a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | f3cfafe6e2c49adfec4b8248e5526243 |
| SHA1 | 52b94ab3d8d2396f03718f8964831eb2ad291214 |
| SHA256 | 1f5bf76df8677f482a0b37d61f1e8763097a5bcba8855a3f7bc883d4d1f36cf7 |
| SHA512 | 2d00294fd063e85ef429d45e55091c46a6d2e4aef55979f1086c9b07cf2532dfd04c6e16dad8a13dd3839f7384f7deb83cc66498b222ddeedac521ead078af85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | fc83533f1ca4acd5a21a86c6813bdca8 |
| SHA1 | ac560fda9dd200db0f1483a849e40550413eba64 |
| SHA256 | 3d74b02bb58390f5f7a7b6d428bbf1b66ef0b175f212df0d58f220906639f1bd |
| SHA512 | 952df96aeb2025fd37f7479e71f9668df070e7f00a59f3954d66793ae3846e76b93f01196a1c981cc06e30bf50113886c3b0aaf092af51c943c8954922895e2d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001
| MD5 | ca51c51e4c7f94f84180fcdc15beea45 |
| SHA1 | ca5c23591877bab2564460b03a87a1c1208b79ac |
| SHA256 | 0c1f4f7e33296d48e9af499215e28584e30d0ff8d7c3a1e9490032f0048cc774 |
| SHA512 | 48e64967b4139d586f60ebe32bfaf9a86e9d7256445a8671543695307cf940309cb72c9c11dc8f4b1e272f06716662f54dfd4b7eae3bbba12db5f9fafff25c9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eddb1bacad491844_0
| MD5 | 23a61225959d6007f741cddf21a0cf9d |
| SHA1 | 555f1996197f05283dc8316d026d90c52550e108 |
| SHA256 | 3b962ab2d13f863e675655e37743ec9190d9171343b353c2b4ddca74a8a7f350 |
| SHA512 | d6c67a0836add57ae5f46614c816f9c22f0388e726c812ea05839ca37981b78be4a07e2564905fc412e1680170a25fbabbc0f8b88ad5aa2bc521279194f58020 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13375659286374609
| MD5 | 40f35fa5223bb8704bcad0ff4f90d624 |
| SHA1 | 6580a1a84317055fb3a1844d03eafc0f0ea36b1d |
| SHA256 | 98d941400c787d961c8f083142508deb744397204dc5412172adfe795f621af5 |
| SHA512 | b9074c48910e9e227743cf1c468e2e2180b26e7f27099a354cf9e227a2532c52d163776514c1d0d4a7ab253a9abefa48cf4f60f0968454872210ac1bc4b38922 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7ce77f5742c186a7_0
| MD5 | 5940626fe71b879867ffd67f4c754b76 |
| SHA1 | 325f13ea3636ec55c71acba24f064e4bf3dce054 |
| SHA256 | a9dd77b21937fbf55ee26e32debfa1a262c7c032f78c191910550385b83f740b |
| SHA512 | 7d2e5cd9fd8ee80827dc5e36d845d8f07968599f18506be8e19b0c653bf8d568355749a681b74420e728e601caccb74875a1354f76fabd99f11aba7e50823d81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 85997ea2c996e0e5e6b241067673ac8b |
| SHA1 | d697e1e5fbc84aec169a93bfea959c88705c4932 |
| SHA256 | 46396b1d3a97d476ba7e88c58e309c147cd250f1dd49aadce671064ded07a084 |
| SHA512 | 106ea2c059bae9ebd861760c8631415ab500e39f0e257ec86c06ed190b1127da5c77eb03925b591d0a2abf165b2b5cc8e2c066b45c434ebe80ca5c66c3bd556f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\35a0f46100d62faf_0
| MD5 | 2ea3d376bb23e579726630f6b48fbaee |
| SHA1 | 67755bbc9339844df57048a08cafde6c73c883cb |
| SHA256 | c0e4bf595d6556d9eb9bbef7461740795f5dd31ffb82315f5152117a2f86c0c8 |
| SHA512 | 18d0d69f43d12732004d3f04b4b096c46f3c2d9874dae512a68dbfd02d03527a9d4036f5f4986b997216c1fad341162a82114154b3bf1ccf608f1868ceec0782 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 353697ef4321c8a966a9e1a5e95dc8af |
| SHA1 | 9a9b1891bcb6704c498a21310133c2da1387d1a9 |
| SHA256 | 9d44e7bb62187ab64fc5e9ddc6bdc7b8e6d0fdcc790046a44e74ae0e6e60e459 |
| SHA512 | b449f11484183f81e235535766a5179aa8c516e8ab01e5f5e102daa974651bf10ec55736a186f59317de05b65afd06369ed2d09a9e4e1fe8375cd82bb9ce42ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b5ae299fc2b0dedc762a7226dee75bb7 |
| SHA1 | bac8986ec5242a1d04cfcff436fa0aed1597c981 |
| SHA256 | 64997165b85067d06590fa3413365b6077d25f5b85c648fffda396fd4619db51 |
| SHA512 | 967e8bb8b186c210539a5c800017729d6cf89361523765b55aba8f5bfb969d27426148c5ba8434b288d59b76c314ef8d1a9538a1f9251cb298d611de98c840df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3e7eeabb4275e41c9b394f8e906ce37c |
| SHA1 | d5b8b92be3ac0d7cffa2ab467ce755aec7f1485d |
| SHA256 | c8ca1b5d69fa223a130120a010c1622d1403c617d442ac6248b7a930ce78e20b |
| SHA512 | 5988551a436a22653f5c7970243b3630c50c45396e6579e9402c0149f8ec6ff49f64c8bb8a08ffcc61a0698e2a558d9e77fcc31a1d08ae10c1280768cb465d65 |
memory/1824-689-0x0000000074A10000-0x00000000751C0000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 824128e4ef241ec78313e9f07e82c879 |
| SHA1 | 47692318a3f27956ddeb1cc0321036e42e1c7c50 |
| SHA256 | f3c024f9799930032ab5570b1723016f1ac0aea9921f382974d3085f677143b4 |
| SHA512 | 1226b999db5bc545a63056c7fc8126e82454d3751609358c4f24b44ff73fc89cf080150ebc703ba118e7c40fd0a6d77341efa60ca489f9257c71328fb645eb5e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\prefs-1.js
| MD5 | be0032fbb742d33f9eadea17c1e3ac3d |
| SHA1 | 3c655e641160db706c0468f01cff04f66eeb582f |
| SHA256 | 983cc67cdab80580a8a78dc69562134de3ec7f50c86e9d366b9b7a7319b4e38c |
| SHA512 | bb39f467ccebdffedfc915c2db2e7928c12c16a905724122ff4722429c772e03cc2d55fcd0588f87987d0fceaf1313927b8d3ab99208dfa37a931d66c821b305 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\AlternateServices.bin
| MD5 | 55201679f5bc63b965d9fb5233411100 |
| SHA1 | 9160123b0de8be4a49b7b59d9e9fb7b71182e225 |
| SHA256 | 693ae04d10bb52b010f9ca8911f000b9e0df9f26c6c7f1d26409ac6cd9d9bf0f |
| SHA512 | 985553ecd04b165db2ddf31104f11238936cf2c09dd8fa2c6404158a0b3e17ad794c5a492ca24e975c243b911e70abd1885e465ed56a8ca993705708a52014da |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0bba7ff934981c1e31614f8b4f7afd27 |
| SHA1 | da336f3e804c11b45e0c8cf4cd0da7b67c2b07b8 |
| SHA256 | 543a2030e0f08a5cdefafa96d270acf7a90bb877e914fba8285edee07a569779 |
| SHA512 | 4ddde9dbe2e299dbba7633d7572c99749e6a91b1fb861ebba91a999dcb6467ff1c1ef5a94b206e0e082d434de57a9bfabe851fd728d5478eddd89a750256c226 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | 7f63813838e283aea62f1a68ef1732c2 |
| SHA1 | c855806cb7c3cc1d29546e3e6446732197e25e93 |
| SHA256 | 440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b |
| SHA512 | aaea9683eb6c4a24107fc0576eb68e9002adb0c58d3b2c88b3f78d833eb24cecdd9ff5c20dabe7438506a44913870a1254416e2c86ec9acbbcc545bf40ea6d48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 150b2f083987807441453cb02209be33 |
| SHA1 | 2aa9808dffa59ab9e62f718723cf870ef2e8236a |
| SHA256 | 5b946a0a8a0de935ecd2ec5a0ac437c6e15407f62e6db46ee9f4e46f4a2ed026 |
| SHA512 | 2d02c606fecfd33c14448a85639c3ac4ed4cb8b3ea97a9b09b7a54ce85431392dd1abc10f8c60e745637ec00cd71ea11fe8693a6269dc1679783ed0452b16e34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 712711f3450fe01d1ad5bd04224fd265 |
| SHA1 | 974e3b5df48ace85d2f48af29530a328b0a12700 |
| SHA256 | ce520c9e04dfa7a28167cf030bb180d4566b9387735c1cc20c1d0db49aeb7679 |
| SHA512 | d0e82f8e61d999e1eebb653e797173271245916f51528235334e9e7e557fb8039a55151d12645232980820d1d9196e00de4ffe6dfe2ba6ac822111ce02da6db4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1a46eac5f47792309837bce451f548e0 |
| SHA1 | 3828e043443c6957adcedf6038c3ce79038f9cbc |
| SHA256 | 8b5e5945657ec7d2ca65a36c9f7094aad0f8591a491e9dfd093b0d1a9043eea9 |
| SHA512 | 9bd156d5cf6735b1d259fd4ff55aa99688edcc11eba4f873ced0763415e5d09c2d70d6a575d04a9253dede671810dd64bdd543fbfca3e4bc96bb3652176d761e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6da7512db6ccc7c7d9c64d6f9f0862d1 |
| SHA1 | dcf34ea6d6cc84be55ccdafae0117866ba91a032 |
| SHA256 | 9abeeb4fbae14f2e9af1e50e7762947abcceedf6a42c06d2e29f3ec1959ad798 |
| SHA512 | dae2f45df79dcfe6439897fe7672bda193ef3b8ed3b89ec349728be1ed3f76e189565ac20a53d4c947aaf7a30921a354fa962d1d30bb391807910b80b7d96df9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | df6c7fbd6cde977751e514fb285d62c3 |
| SHA1 | 57b3ebc5b72cdec86fa21966b2bc13680db7b2c5 |
| SHA256 | 623e1226a3cd734959b4927e0914253ca1859473e78d103d492da8f4cbdbfe30 |
| SHA512 | d71ac66f12df8ecbaccfc4207b1026d6e424437cacacdc0172636d55f1ef436ae1b6c9ac8d36b12085ebb0437d8276edfe3b4055aedfaa32feb86f13e264530c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\36b7264e830be24e_0
| MD5 | eb16e6179ce545a553f12a4029c67fdb |
| SHA1 | 43ca932c8e7f5a20730daa597717f6ad2cf0c5ac |
| SHA256 | 8f568e36092172a30568cfdf067762ff201b95e518f33ad34124548ebaca69d7 |
| SHA512 | 9a5cff062c99ac76bb01bf51d3e8da3e7280c9c442658c1f57e9933f8a7eddbbf3cb506bafd4c9696458c8c288201b11049fd424dd6932c352f3d226498c049e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2863aa3c56d0b568_0
| MD5 | 5c0458d2da36cd04668bf260e1410318 |
| SHA1 | a980cd49157a8c9d53362ba5007b6f13ac5ac96c |
| SHA256 | 31bc90ffa79dd59be97997085ec72305f464628cf11579873e805e9a79d2964e |
| SHA512 | 5b40a7a96541ea690bbba556537f16cb4995af0feec5b301c528aeeb0f61a7d67c89e7b2ef435c72af3723287aac99cefb947bb56f779534fa10f0ddde17b049 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eddb1bacad491844_0
| MD5 | 2b4e13fd1d5b28be771826b731ba0ff0 |
| SHA1 | 72ddd7ed2aae3ef4bfb2ff2babca8d0c6f79f828 |
| SHA256 | 4dab40f853614e440bc778263d3651be39b062d27f9a4f17883965d65ea0a232 |
| SHA512 | 60dfc534016bb03b367adf63276dff5cc2b94c182e5c59e27121dd63e86db5e699a55bc0780a95e089ffb9509573347b537d3440d2ac6680cbbd54712d41471b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cb512d2c2e6b8c05_0
| MD5 | 467331a5b1812b1c1e592e1232ec03bf |
| SHA1 | 00cd1de92921c1d41d8d7e9ae4a7e1e4aae0a309 |
| SHA256 | 86c156c8c3b0d14ba11dfd8fbfe17e42a8492841c93bc5c2d596212e74ec679d |
| SHA512 | f27661e572b92983c1a7a6bc77ed1112fb5b147dcbd363a18edbe29d86b732433d32706f86008a32f52fb7af0a3538da2298704ba6801312d42ab21868d57684 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d06d1c61247f265c_0
| MD5 | ed1b5cbbf05b2e508694d424bddff8cb |
| SHA1 | a74b240c0c899a42bf89f5b1184987b8d3a1abad |
| SHA256 | a37317c9566e1710d792246ff5e2887f94e6834e91ca49d1e57c0cb0e89ad88d |
| SHA512 | 47a63fd9e8052f9053de024b589cf3e373d59bcaa6f79785f508293988b73bb5521ed3ce8ff74d38bfe3f82d3d8a6daef4d40618beec073dde43645e61d54c94 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\35a0f46100d62faf_0
| MD5 | e7d686adb3163c0d3269463acbf19edf |
| SHA1 | ea50329e98a79b66937a0543a88b0958af3906a9 |
| SHA256 | 35ee94dae9281367b0ec971d10c7e1fd5421d0183a605155ac0a5eed5db04a19 |
| SHA512 | e8fe50bb3a6089ca382a3788014594d06ff3279b7d21749d8acfe73969f2974309f5de055e56281f3180561b6b27ce164c44da3b62ba62c0d2d1509131793315 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06916ad58ec2fd82_0
| MD5 | 129dc4b92616ea9488759d28e717707e |
| SHA1 | f0e4aa81702bf08a3d600cb44c1ec9b6794a7a52 |
| SHA256 | 60befea4f4654bddec264fa6a801a67c8ebca0c2b0ceb0034622bebc46109d71 |
| SHA512 | 4852c01acfc1f37fc66071ea4369a4fb00dac5a35a692fcaf084a0bbc4c3a0a8d1fec4f46d5a3c987938c2be8874e7da2a90700f06ee37cf9efd53c443058e67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7ce77f5742c186a7_0
| MD5 | c8b2f20499c64dfe1477c8157bc80f22 |
| SHA1 | ea3a36f9d79e37d19dd271d4acef7a82affcf870 |
| SHA256 | ac43fa9a964021fcf0d2dfe84598fc399a04b971ccfb55dc6c89d918f31589ab |
| SHA512 | 895a1afdce35b56a12b6b30bed5cd90c04e4f78eb95cecfb98d35decb0e1a8dfcae782559f4fd225094a629406d5a028496976fcc0bc328a92eaba7433d70157 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f09d470932f4bc07_0
| MD5 | f3c656652f87d6543166d6037f1bd119 |
| SHA1 | b982152c32d31fdd66059cc3db8302947d5910d8 |
| SHA256 | db08f207880d54ff99f85120199914a7d8a2fb68dca125c338fca1dd836495f5 |
| SHA512 | c885b7b7c2c76540042567c3da2651d98c6532bbdb68f4ea01008009102230e136be77014bbe6de5f84702219853f76492077ef25ba04b54670b85964a5696df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa6edb2fd574444f_0
| MD5 | 894ee516e7b4b75fd2743cd6e8fa7f83 |
| SHA1 | c68ede8e6ad6728d11c03803c3919acf246778ff |
| SHA256 | d04072f00a4c7d5d0d845437deac29b285f1814edec9865061f7b747be180511 |
| SHA512 | 474acca365e94647c8e30c39110097c734d9d95dee71edf99c3eb4c8628e18f7ab91f95fe7171f21813e534e7d0a54f4abc610432fec2194e8f39f19231d4f2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0152f6f515883f2a_0
| MD5 | 7c0cb99400c73d8487832b56d0ed0014 |
| SHA1 | 2fbd585187dc0e9dc46230b5c4e7c43d7eb7e170 |
| SHA256 | b52ea5ab5fc5282d80eebcdb7335fc9bf0cd94cab42865bd14bb1dba7afec03f |
| SHA512 | ec88f1fd5a3a3125096540ed5e0ba34a441dd8ecdf73b734db7bc4f9ed03c885a5ec7cf859f324c9bd2bb9cbf48ee2e111d156c6cc9bcb11410dd6c8e28e41ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\084e77b07b8c6e66_0
| MD5 | e82b8b4715a2a8abfc5c9dd06ed2f222 |
| SHA1 | fa9303b1cba8afd7c549bb56aa6e50d56ba41d0d |
| SHA256 | a24add0e5ca12a4f317f321aed37f846b29fec087b22baf496f10a7b2d7d6254 |
| SHA512 | b81b1d5c0594bb9922919ce89e6cb823941f1393355ba4ddee6c5b77a583efbc44432633797526d1048fe2b9dec872da1afc69dc99e1d125c489479b12e0cbb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53229f6ac4602140_0
| MD5 | e25ef999e8aeafc77490b7f7e387513a |
| SHA1 | 9899f866e1b5e6868df31fed58d58f26934150e3 |
| SHA256 | f81cf7476b2dc8430632a8003ca298c5bb0584538952023d81db72b4ff71766e |
| SHA512 | 146f61eedf2c980fa876c93ce13929f43604549db08ee0d7f3f39955b70c65ddabad86101ab80397edaac5519b2f942c2e3c5769f9111f2e26cf4a2183827a4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0cda9af93a09c8cd_0
| MD5 | a2d8f5c493f7fed2af29b3a4f6296eb6 |
| SHA1 | a0106131c98e196a96d389b6a7f50ba51d939889 |
| SHA256 | dc9042e3bee1aa7f86da9c70d87a40e5a4acdef21b03b0b730d5afa3e5e7e44f |
| SHA512 | 496b332b5ff2630088a5de7caeedd8154932364d324a6cf741486a200f79fe3b9d3632419dacc2202ef34c7044385f349f1a4baddd665909f24009d0208c8873 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\506c503332cdc72e_0
| MD5 | 5d9264fed8b205aedded35dc697a364b |
| SHA1 | 500800d2f8bc4052ba3751e1e80495b5be277b68 |
| SHA256 | b1fbbb95323da552e265b0d4d1f766340881f414217f2624294df5ee8317b062 |
| SHA512 | 772059b2acaeed9a1c23b793571f4635982d7cb0eaba164e4a0648b8710d7b8a90b9fa01d0cb0e43c2bbad43e5186dc78d21ccff57a99d5801183cfb965dd927 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f4670d50a42be53a_0
| MD5 | 2f963c387d04e9fb39c1d970a22b5fb8 |
| SHA1 | ceef6275d132ccbba01c70f9beb98a38396a5a40 |
| SHA256 | 2222722b4ec523009f802ca5948b88a22b23874866ab1956c11d2aefd493e852 |
| SHA512 | bc44b2fb3516475a596da0744ebf95898622956b505da85d52b0d496475ee3bf576deec19d8b22db295262543d90a81d5f7959c72955c743a96514c88333970a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c17b2f76addfbcbb_0
| MD5 | daa85c5624d8ad2d02781e5deb293c40 |
| SHA1 | 7aef3522a988fc37abd38c789c4fe3bccff3c078 |
| SHA256 | d39d552ffe1998b888d79f2c0c27150293f214cbd4b5f906f60d6a2f9b43b212 |
| SHA512 | 3119c411d2a677e792847b1c1ef611708b16fcb1602b56f2bdb679a0fe12e488602b0da6763fd2a8945c4f8f56641ca34c1052a392f26c6b504e29ac0154ace8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\17d656c7685cc089_0
| MD5 | 77c6f81342f58e1da8db724a4c330cec |
| SHA1 | 101475347317c100008a3a619f51c81f33349c34 |
| SHA256 | b53f090b11d85b566e23ba0fb0441c9639afa54dbc9a7c228af647bf34f86ea0 |
| SHA512 | 5660fc50b8d76fa56062a32559bfd3c760aaa6b9fa9013bbf758c236dc2a7864f5f6dad89fdd15bcc3ceb4d53b529a474bb406107757af2277307672af819a0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\340100b83fd2ff1a_0
| MD5 | a24025447d843073aa43c866448b7ee1 |
| SHA1 | d1ca4d6ff15cfbc31a7b87a8cc7bfbe89eae8cc9 |
| SHA256 | d99e773131cf1640a13c58ff5b6c3dd08c2f34965bcd966e91d656c5e5a1d5cf |
| SHA512 | 602fb75e13d8138a17b1d3005f1ca482f6cba5257232ccbc67f35658064cc4260c4eed8c23bbddee74362c66e7fec0f8e1705d6e63dd9a067d5796592bcc1c8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9cf5528b4ee9b64d_0
| MD5 | ac61711cfc2bcc7835729534e3f0e0da |
| SHA1 | 6915e696fae76079daa0bd46136a36798f86aa2e |
| SHA256 | c578d4780e48569ffa913259541036934d5c5956e3e0f8a84531d04aceac56a1 |
| SHA512 | f7c1bc7ba33ce5875dbd5bae1e0086ef3f9249a28b2b8d968245537e39b693f208763934e5b44bb0fef8cc8aa1473349340af63c783317105361f36a08c8abde |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c5cb84c71a1c819a_0
| MD5 | 88f0c12a85a315b1359b02e7aa03a289 |
| SHA1 | b0b57cecd908de0906b89c9726ea3a442b42affd |
| SHA256 | 733349aab45e4f6fca4f9c36d77612bed1a70d23b51ec068a55dd5ca7c22804f |
| SHA512 | fd2484c3184fa9e096b21d9e8d33d0ead06fea676b663e644472f6fcb88ed9bb2d2624e480542c1c301aaeac206bfcbf31dffc9efba54dd27428d8e509353280 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cd680494a4a83220_0
| MD5 | b8f8b52990a874985f15615fbfecec9a |
| SHA1 | 76420e9652824d5daf659ee37cc2245d0c7c0d91 |
| SHA256 | 8b4876b5bcdc5500d3cd9af0ccb3baa44e1888760692c7baa3d78ea3302f30fc |
| SHA512 | f0e44cf6c30442175e63cdf233c1dc5bab3f1557781d7338a6348beae73d312262557316068f17994b9edeac3d1a101be1f6283af60439124effaaeedf4587c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e8a331feb1f869994bd6f8fbd5392afe |
| SHA1 | f47f6e171a01074c03807baa7ea55d257a25de7c |
| SHA256 | 9bc7419be9d5ac9f9aa70e915aa9cacd0fdb9adff6c54a2bd0a7dbc70eadb7dd |
| SHA512 | 75157ec7d7fa8a13d2e628cf3871798ae12835e963b2efca3923fa6561a8c564197cbe524a91fa8c4fd6778c591e8dab9831090ed2dee1af5048483ecfe66d6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b063cf93dcc8df092afbc242c3d43715 |
| SHA1 | 299b9b05a0aaf6417c25fa27cc43b0ac04560e81 |
| SHA256 | c32ba1d3fe9e2f0a6604b66649b0c7bf89da9fa43c81465780c6d9fb075b1e78 |
| SHA512 | df9f471da514c548a08d5760be158b8ff95b3e7e6ac2dc6badf8e4ed1aa3e2789921a8e03176882086ed792fabefe1901925c025ef3ed92b5af6fa8d3df658f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1dffb6f4b2f607780dd1e9752833cbf6 |
| SHA1 | 2f8227a6587f2da4d60adb4a0d03d415611a6aa3 |
| SHA256 | 1822a10205d5329a6c1332fc72fda66ce3f6bc35d9ecbe11c74ac4f396ed1080 |
| SHA512 | 7afb765c747dab45ac855422ca1bf138403f7d65c967fca14515eda23cb093381fcf41ca4b7fd3a85b66784b9333e0cd835ebb5aae45d2a1ef5a977373ce106c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f51c2678fe060c986a5592f93d6f23bb |
| SHA1 | b96c7905cc0efc215a3de3c498b2940e99c2f52f |
| SHA256 | 7d4954cd739580dc28079cd7ac9bce263d9fd0bf1daac620dcb27c3ae337602d |
| SHA512 | 6c23c587163293fa966ac944785956dde156606df2963008e480b856a5a36705eec724c5b809d3d03a270875623f38c8a6ebc1d116ff412ef70cb4cbcc7123e5 |
memory/1232-1140-0x000001E0A9540000-0x000001E0A9541000-memory.dmp
memory/1232-1142-0x000001E0A9540000-0x000001E0A9541000-memory.dmp
memory/1232-1141-0x000001E0A9540000-0x000001E0A9541000-memory.dmp
memory/1232-1148-0x000001E0A9540000-0x000001E0A9541000-memory.dmp
memory/1232-1152-0x000001E0A9540000-0x000001E0A9541000-memory.dmp
memory/1232-1151-0x000001E0A9540000-0x000001E0A9541000-memory.dmp
memory/1232-1150-0x000001E0A9540000-0x000001E0A9541000-memory.dmp
memory/1232-1149-0x000001E0A9540000-0x000001E0A9541000-memory.dmp
memory/1232-1147-0x000001E0A9540000-0x000001E0A9541000-memory.dmp
memory/1232-1146-0x000001E0A9540000-0x000001E0A9541000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7fmsgkth.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 68763c1dd3b42ba843c8395ae863d7b2 |
| SHA1 | c16b9de10f32a63ee9653aea6fba91cc32eabc64 |
| SHA256 | c45332cb28aa8b8dc5e87073b18454e701de0da70dcaf2c96a98ce6137b6ca70 |
| SHA512 | 3be29527b2b8d1ab2b85f646a6a02e3c645244418737fb9acff384b2e09f78aaa67109b5bae6daec64f1c5fc41d4f7f33347b53e6057e8babb9687c59ecf5f8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7b73cddaa12c3e2308476d96db177a06 |
| SHA1 | d65fbe4fe917d13ed761c7c7f53a6f19ee9b56da |
| SHA256 | 038d61c5f9d1c57754dc3159b24cfbe0bca825fe1f65c4af9068a3d82047f597 |
| SHA512 | a842fc6df7f40bd88c103221a01034f3d1c37278ea361c576c979f8519e85fa15503aa7d7121a7855bddd4ae44dd1679c54ef4ee88e7c892877b7818c35f995d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |