Analysis Overview
Threat Level: Likely benign
The file https://gofile.io/d/MqvFWU was found to be: Likely benign.
Malicious Activity Summary
Browser Information Discovery
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-10 20:34
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-10 20:34
Reported
2024-11-10 21:06
Platform
win10v2004-20241007-en
Max time kernel
1761s
Max time network
1766s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://gofile.io/d/MqvFWU
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8ea8346f8,0x7ff8ea834708,0x7ff8ea834718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,4776301700188962729,5556690388692561123,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3784 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | gofile.io | udp |
| FR | 45.112.123.126:443 | gofile.io | tcp |
| US | 8.8.8.8:53 | api.gofile.io | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.123.112.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| FR | 45.112.123.126:443 | api.gofile.io | tcp |
| US | 8.8.8.8:53 | s.gofile.io | udp |
| FR | 51.75.242.210:443 | s.gofile.io | tcp |
| US | 8.8.8.8:53 | 210.242.75.51.in-addr.arpa | udp |
| FR | 51.75.242.210:443 | s.gofile.io | tcp |
| US | 8.8.8.8:53 | ad.a-ads.com | udp |
| DE | 136.243.11.250:443 | ad.a-ads.com | tcp |
| US | 8.8.8.8:53 | static.a-ads.com | udp |
| DE | 213.239.209.209:443 | static.a-ads.com | tcp |
| US | 8.8.8.8:53 | 250.11.243.136.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.209.239.213.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad.a-ads.com | udp |
| DE | 78.46.32.91:443 | ad.a-ads.com | tcp |
| US | 8.8.8.8:53 | 91.32.46.78.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.a-ads.com | udp |
| DE | 136.243.35.166:443 | static.a-ads.com | tcp |
| US | 8.8.8.8:53 | 166.35.243.136.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad.a-ads.com | udp |
| DE | 148.251.155.232:443 | ad.a-ads.com | tcp |
| US | 8.8.8.8:53 | static.a-ads.com | udp |
| DE | 213.239.209.209:443 | static.a-ads.com | tcp |
| US | 8.8.8.8:53 | 232.155.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad.a-ads.com | udp |
| DE | 148.251.53.118:443 | ad.a-ads.com | tcp |
| US | 8.8.8.8:53 | 118.53.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad.a-ads.com | udp |
| DE | 78.46.33.196:443 | ad.a-ads.com | tcp |
| US | 8.8.8.8:53 | static.a-ads.com | udp |
| DE | 136.243.11.250:443 | static.a-ads.com | tcp |
| US | 8.8.8.8:53 | 196.33.46.78.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad.a-ads.com | udp |
| DE | 116.202.214.170:443 | ad.a-ads.com | tcp |
| US | 8.8.8.8:53 | 170.214.202.116.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad.a-ads.com | udp |
| DE | 148.251.194.214:443 | ad.a-ads.com | tcp |
| US | 8.8.8.8:53 | 214.194.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad.a-ads.com | udp |
| DE | 78.46.32.91:443 | ad.a-ads.com | tcp |
| US | 8.8.8.8:53 | ad.a-ads.com | udp |
| DE | 148.251.155.232:443 | ad.a-ads.com | tcp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad.a-ads.com | udp |
| DE | 188.40.69.138:443 | ad.a-ads.com | tcp |
| US | 8.8.8.8:53 | static.a-ads.com | udp |
| DE | 116.202.214.170:443 | static.a-ads.com | tcp |
| US | 8.8.8.8:53 | 138.69.40.188.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | d22073dea53e79d9b824f27ac5e9813e |
| SHA1 | 6d8a7281241248431a1571e6ddc55798b01fa961 |
| SHA256 | 86713962c3bb287964678b148ee08ea83fb83483dff8be91c8a6085ca560b2a6 |
| SHA512 | 97152091ee24b6e713b8ec8123cb62511f8a7e8a6c6c3f2f6727d0a60497be28814613b476009b853575d4931e5df950e28a41afbf6707cb672206f1219c4413 |
\??\pipe\LOCAL\crashpad_4564_SYDSMRTIJNLFTQJT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | bffcefacce25cd03f3d5c9446ddb903d |
| SHA1 | 8923f84aa86db316d2f5c122fe3874bbe26f3bab |
| SHA256 | 23e7cbbf64c81122c3cb30a0933c10a320e254447771737a326ce37a0694d405 |
| SHA512 | 761dae5315b35ec0b2fe68019881397f5d2eadba3963aba79a89f8953a0cd705012d7faf3a204a5f36008926b9f614980e333351596b06ce7058d744345ce2e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0977beef3d8a3254ebb99a5dd5f65681 |
| SHA1 | b1ad98231225a608c4d40ab7ed82bdf0149b81ec |
| SHA256 | 415b17de5b3e3202c31890e612f7b4e07115e86154e41624cdafa6aa6132c788 |
| SHA512 | 2d0e2d9d30b0e12c5753f8e1c40c48793935f51b7e543d7ebeeccb78528a9dbf2699e4aaea4678fa0be50854a1ebbe5fd55813a538e76bb49876c8bd0859ace7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ae82cfe34239016f73a4087351a36a40 |
| SHA1 | 1905d9780ae9394c073ba4f4ae223989e8dbd042 |
| SHA256 | bc2f2d36bdac65e77acbfe15e98283b200faee2f71f57e5fece5114d912cdc86 |
| SHA512 | 1e96c864da7a671d45af1ea244f5bf67dc1648435b9fd8f0c3cee2b6d0c9d901649b73dfaa1a38fa28465f6b66dca516dffea5acbea93d50ed6cf7e78c551a73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 62a70928cfbfeddf97072b632f5e241d |
| SHA1 | 4d2256dff3cb54c23f30dd8850b3091e512d7d47 |
| SHA256 | c4309114432415532c649204a3451edb29afc624f059d509ee74b8341ed7beaa |
| SHA512 | 6610b717c7940ffc4bd70875f2da6c8ee33ae08cef6958f7b011f4d2be6a68a9dbf0cb76513389516fd05fcffb7a7e2028e0d0698e6baa7fe84e6c41493d7d0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ec8ce299429fcb5c45b4ab91502f7a40 |
| SHA1 | 399c145f3f41bc6c262e1d9c39b84cf133d23685 |
| SHA256 | a9c7e8b9a10cf68a5e9913af2922b1b2f0191fe5c2c667ff95b154d3fb0f3d5b |
| SHA512 | 8a58ffe6452978963c8bfd3f604d13aac677b1fd6feb93b2be34016874a3b8417d8d5306f8a7a3af5deaa0869cc21eca60203a6f23ac4a6242187385563d43ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 89c35bec7b7664d7a78f26398cb9334f |
| SHA1 | 7f96e221afba0c62b1a6bd083c15b04961fbe001 |
| SHA256 | 84a8cf8e21c4dd467d3f99b8cbae2344543e73b6bc7eedac08e142af9af1f2af |
| SHA512 | 2eb07220f5c28880eddbb22d6a1ab4978971a0e5fda231b3275f9bfc79edd72ae26555424440519deefea759667183d0b54d293e8b37550590dd3f50ac8729bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c10fdf32ac7aa502da90260d295c0041 |
| SHA1 | 183349a3ed0f042a8557208fbf198e9695a0ddac |
| SHA256 | 614c327743559a604a36d9013d51c613b0298f2f319064620d368ce75fa06cfc |
| SHA512 | ef517b000ed6801388d2878eb1ab5d68939e51643ed169c3304dc784749bb8abc039921dd087049d3c6c157ef74adca281410880b34aa7f20d81e83150a652b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 49d13413521001e7861d74ebd1e891d5 |
| SHA1 | 8fa9d5c17efba9b63bf96b73681f5e6fff5fda57 |
| SHA256 | f872c971f7fac362985ee47f248def24f0662a3ddafaf1ce9a6d6d489bdf89c2 |
| SHA512 | 5458be1bb4b667f753b3c2a976ba091237307c7519f07ce24edf7c085fa3ab9a239c230beafa774dcc4a7d54172edfe9540b133d11d619c76e06a2749540ed0a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 37967b09f68b517683b0d06251fc6d5a |
| SHA1 | 5283278a05e010788b58499b6bb7044452191b86 |
| SHA256 | 2c8759183ef9ab339378354de83afded17cdc919a7faf3066a05e02594fe2d57 |
| SHA512 | 1616ac935a178596377371a8bf113a75b8720f08e731b0f8dadacb4f77c752d818f7408355cbf60d6b4258e78fc390adff481431fe2a2efcebeb9fbd709b972f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 722a58af8fdbbb699dbe4c8fc2de1b90 |
| SHA1 | e2d321e782e3ef8a4d79a05c97bd97bee2e9fd7e |
| SHA256 | 87d55bb832c6fa1f0229ba8966ae59f47f4b2c311f3c504f3a1e1db006243a91 |
| SHA512 | 755dc634181f804279960decbb7f7f49ad655e68c083485127f40f7c3492eb31db5468337b3e76bdac8ef25255e2d7adb1c0c8de541ea01aa6431b150db8e295 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ed40fe231ca82c35983c62f46a4b871e |
| SHA1 | d93af3a7c0f3070fc0737d9294746edfe6982258 |
| SHA256 | 6662a019331e7bc0d9a4f9d8170ec9fa3eb76d4d0893c993e779ed0a6a225e98 |
| SHA512 | f2fbb5758ec69375048b5814ded2e55539274abea2e7606785c906f303ef5d1428920c84bbd7713fbc8ac716d06a91500f4d56bd95c1986c27f44def2a591fb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2f072e816170576b35ec0c498efa3d03 |
| SHA1 | a0f15331704865cfb262b95f446ab1830a5a4b22 |
| SHA256 | 3326fdab6c0350e72430d08866c28dfef4e59ae6ecf0dc011b58883a60a0b02b |
| SHA512 | fb81cd98757e1194e800210f0ac8f936be601a5ed31d9ace121a43b29108a669ed69df278328edb8bef3331f41bb8a33ab86d7678999dd70a820c9d63bfdd649 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 390d228fa67dea18d5b8b6c3cb67a704 |
| SHA1 | 3f142c8a72a527a9be4d99f66c5c8e99d85f54bc |
| SHA256 | 0ae4a5ec7e62644229532b67caf88dfbf9dd44c0dd2639e63c1a5b616c4625e3 |
| SHA512 | eeb1143dfd5fdfb77df6c8293857e595f588e5aa6c153f454ecd4ae447aafb3be433062d2b0ab8d1fe5517d43c6c5a7d0be4573bcce5255f17c113cefafeaf74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 31970371e38d823d475161c091995072 |
| SHA1 | 1e267955ca22315883d01762db711455b09d4a12 |
| SHA256 | 032bac7338abbefb1bf83395514d1c54f1d46239afd21f522c8668e473f47326 |
| SHA512 | 42ca9329e3d75f4fdb3d2dcefe09fb10564c1ae074aedf24a5b8d25d30363741bb9189ed43080d81d4d53afde7cc3142b8fc1bc0275a48df8bc885258e666498 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0ebf88aafb4f346947572bff8dd9093a |
| SHA1 | f025d5140132e2f09f6fd373ff4def7bf40120dd |
| SHA256 | 039a233758792735b20b3c7ccfc2322a986d4795b55c4044e299466a730e00af |
| SHA512 | c86a090cd89fdf50864e058008dc9847547bf4eaaf9d79f1a26d3c1b93eebd13fca081e4ea25cbc1f36d068bc5da99c74ba6391bc148d001167c93e8b0cc0580 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ef52ad13e732d4111e68bbf7ca03f00f |
| SHA1 | eafa5a917242701cfb70bf9bd665288e143493de |
| SHA256 | 8300e1d7abaf5a374f6e7dd14c9b36917cdb394cff1bcf19447a6a76025f4355 |
| SHA512 | e406e8a9483ef35f076cffb50821c6597e6bcc9e21dbcfdf510435c6e4705325f1d6e3d28ec4fc7d99a458cd78ee6507723ddf15e7c7c8b5becd9dd1927268d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b664faeff5cab253147dfd1b51af9b0f |
| SHA1 | e60d781e14122dfea030b4ce759ed0ebf5ef2ffd |
| SHA256 | 91d52953c4bdb31a680cc6214249956f1f000b49d465b00179f87d62b6e77d0d |
| SHA512 | 1efec2ca40be75056d3b9b9453d9ddb07841a95560a734f767303be931b483d6d51fc430733c6f68309974852faf9dc6aef6db887796af77c32468cc7b087b0d |